MediaWiki REL1_28
ApiMain Class Reference

This is the main API class, used for both external and internal processing. More...

Inheritance diagram for ApiMain:
Collaboration diagram for ApiMain:

Public Member Functions

 __construct ( $context=null, $enableWrite=false)
 Constructs an instance of ApiMain that utilizes the module and format specified by $request.
 
 canApiHighLimits ()
 Check whether the current user is allowed to use high limits.
 
 createPrinterByName ( $format)
 Create an instance of an output formatter by its name.
 
 execute ()
 Execute api request.
 
 getAllowedParams ()
 See ApiBase for description.
 
 getCheck ( $name)
 Get a boolean request value, and register the fact that the parameter was used, for logging.
 
 getContinuationManager ()
 Get the continuation manager.
 
 getErrorFormatter ()
 Get the ApiErrorFormatter object associated with current request.
 
 getModule ()
 Get the API module object.
 
 getModuleManager ()
 Overrides to return this instance's module manager.
 
 getPrinter ()
 Get the result formatter object.
 
 getResult ()
 Get the ApiResult object associated with current request.
 
 getUpload ( $name)
 Get a request upload, and register the fact that it was used, for logging.
 
 getUserAgent ()
 Fetches the user agent used for this request.
 
 getVal ( $name, $default=null)
 Get a request value, and register the fact that it was used, for logging.
 
 isInternalMode ()
 Return true if the API was started by other PHP code using FauxRequest.
 
 isReadMode ()
 
 lacksSameOriginSecurity ()
 Get the security flag for the current request.
 
 markParamsSensitive ( $params)
 Mark parameters as sensitive.
 
 markParamsUsed ( $params)
 Mark parameters as used.
 
 modifyHelp (array &$help, array $options, array &$tocData)
 Called from ApiHelp before the pieces are joined together and returned.
 
 setCacheControl ( $directives)
 Set directives (key/value pairs) for the Cache-Control header.
 
 setCacheMaxAge ( $maxage)
 Set how long the response should be cached.
 
 setCacheMode ( $mode)
 Set the type of caching headers which will be sent.
 
 setContinuationManager ( $manager)
 Set the continuation manager.
 
- Public Member Functions inherited from ApiBase
 __construct (ApiMain $mainModule, $moduleName, $modulePrefix='')
 
 setWarning ( $warning)
 Set warning section for this module.
 
 dieUsage ( $description, $errorCode, $httpRespCode=0, $extradata=null)
 Throw a UsageException, which will (if uncaught) call the main module's error handler and die with an error message.
 
 dieBlocked (Block $block)
 Throw a UsageException, which will (if uncaught) call the main module's error handler and die with an error message including block info.
 
 getErrorFromStatus ( $status, &$extraData=null)
 Get error (as code, string) from a Status object.
 
 dieStatus ( $status)
 Throw a UsageException based on the errors in the Status object.
 
 dieReadOnly ()
 Helper function for readonly errors.
 
 dieUsageMsg ( $error)
 Output the error message related to a certain array.
 
 dieUsageMsgOrDebug ( $error)
 Will only set a warning instead of failing if the global $wgDebugAPI is set to true.
 
 parseMsg ( $error)
 Return the error message related to a certain array.
 
 logFeatureUsage ( $feature)
 Write logging information for API features to a debug log, for usage analysis.
 
 getCustomPrinter ()
 If the module may only be used with a certain format module, it should override this method to return an instance of that formatter.
 
 getHelpUrls ()
 Return links to more detailed help pages about the module.
 
 shouldCheckMaxlag ()
 Indicates if this module needs maxlag to be checked.
 
 isWriteMode ()
 Indicates whether this module requires write mode.
 
 mustBePosted ()
 Indicates whether this module must be called with a POST request.
 
 isDeprecated ()
 Indicates whether this module is deprecated.
 
 isInternal ()
 Indicates whether this module is "internal" Internal API modules are not (yet) intended for 3rd party use and may be unstable.
 
 needsToken ()
 Returns the token type this module requires in order to execute.
 
 getConditionalRequestData ( $condition)
 Returns data for HTTP conditional request mechanisms.
 
 getModuleName ()
 Get the name of the module being executed by this instance.
 
 getModulePrefix ()
 Get parameter prefix (usually two letters or an empty string).
 
 getMain ()
 Get the main module.
 
 isMain ()
 Returns true if this module is the main module ($this === $this->mMainModule), false otherwise.
 
 getParent ()
 Get the parent of this module.
 
 getModulePath ()
 Get the path to this module.
 
 getModuleFromPath ( $path)
 Get a module from its module path.
 
 dynamicParameterDocumentation ()
 Indicate if the module supports dynamically-determined parameters that cannot be included in self::getAllowedParams().
 
 encodeParamName ( $paramName)
 This method mangles parameter name based on the prefix supplied to the constructor.
 
 extractRequestParams ( $parseLimit=true)
 Using getAllowedParams(), this function makes an array of the values provided by the user, with key being the name of the variable, and value - validated value from user or default.
 
 requireOnlyOneParameter ( $params, $required)
 Die if none or more than one of a certain set of parameters is set and not false.
 
 requireMaxOneParameter ( $params, $required)
 Die if more than one of a certain set of parameters is set and not false.
 
 requireAtLeastOneParameter ( $params, $required)
 Die if none of a certain set of parameters is set and not false.
 
 requirePostedParameters ( $params, $prefix='prefix')
 Die if any of the specified parameters were found in the query part of the URL rather than the post body.
 
 getTitleOrPageId ( $params, $load=false)
 Get a WikiPage object from a title or pageid param, if possible.
 
 validateToken ( $token, array $params)
 Validate the supplied token.
 
 getWatchlistUser ( $params)
 Gets the user for whom to get the watchlist.
 
 getFinalDescription ()
 Get final module description, after hooks have had a chance to tweak it as needed.
 
 getFinalParams ( $flags=0)
 Get final list of parameters, after hooks have had a chance to tweak it as needed.
 
 getFinalParamDescription ()
 Get final parameter descriptions, after hooks have had a chance to tweak it as needed.
 
 getModuleProfileName ( $db=false)
 
 profileIn ()
 
 profileOut ()
 
 safeProfileOut ()
 
 getProfileTime ()
 
 profileDBIn ()
 
 profileDBOut ()
 
 getProfileDBTime ()
 
- Public Member Functions inherited from ContextSource
 canUseWikiPage ()
 Check whether a WikiPage object can be get with getWikiPage().
 
 exportSession ()
 Export the resolved user IP, HTTP headers, user ID, and session ID.
 
 getConfig ()
 Get the Config object.
 
 getContext ()
 Get the base IContextSource object.
 
 getLanguage ()
 Get the Language object.
 
 getOutput ()
 Get the OutputPage object.
 
 getRequest ()
 Get the WebRequest object.
 
 getSkin ()
 Get the Skin object.
 
 getStats ()
 Get the Stats object.
 
 getTiming ()
 Get the Timing object.
 
 getTitle ()
 Get the Title object.
 
 getUser ()
 Get the User object.
 
 getWikiPage ()
 Get the WikiPage object.
 
 msg ()
 Get a Message object with context set Parameters are the same as wfMessage()
 
 setContext (IContextSource $context)
 Set the IContextSource object.
 

Static Public Member Functions

static handleApiBeforeMainException (Exception $e)
 Handle an exception from the ApiBeforeMain hook.
 
- Static Public Member Functions inherited from ApiBase
static truncateArray (&$arr, $limit)
 Truncate an array to a certain length.
 
static makeMessage ( $msg, IContextSource $context, array $params=null)
 Create a Message from a string or array.
 

Public Attributes

const API_DEFAULT_FORMAT = 'jsonfm'
 When no format parameter is given, this format will be used.
 
- Public Attributes inherited from ApiBase
const GET_VALUES_FOR_HELP = 1
 getAllowedParams() flag: When set, the result could take longer to generate, but should be more thorough.
 
const LIMIT_BIG1 = 500
 Fast query, standard limit.
 
const LIMIT_BIG2 = 5000
 Fast query, apihighlimits limit.
 
const LIMIT_SML1 = 50
 Slow query, standard limit.
 
const LIMIT_SML2 = 500
 Slow query, apihighlimits limit.
 
const PARAM_DFLT = 0
 (null|boolean|integer|string) Default value of the parameter.
 
const PARAM_ISMULTI = 1
 (boolean) Accept multiple pipe-separated values for this parameter (e.g.
 
const PARAM_TYPE = 2
 (string|string[]) Either an array of allowed value strings, or a string type as described below.
 
const PARAM_MAX = 3
 (integer) Max value allowed for the parameter, for PARAM_TYPE 'integer' and 'limit'.
 
const PARAM_MAX2 = 4
 (integer) Max value allowed for the parameter for users with the apihighlimits right, for PARAM_TYPE 'limit'.
 
const PARAM_MIN = 5
 (integer) Lowest value allowed for the parameter, for PARAM_TYPE 'integer' and 'limit'.
 
const PARAM_ALLOW_DUPLICATES = 6
 (boolean) Allow the same value to be set more than once when PARAM_ISMULTI is true?
 
const PARAM_DEPRECATED = 7
 (boolean) Is the parameter deprecated (will show a warning)?
 
const PARAM_REQUIRED = 8
 (boolean) Is the parameter required?
 
const PARAM_RANGE_ENFORCE = 9
 (boolean) For PARAM_TYPE 'integer', enforce PARAM_MIN and PARAM_MAX?
 
const PARAM_HELP_MSG = 10
 (string|array|Message) Specify an alternative i18n documentation message for this parameter.
 
const PARAM_HELP_MSG_APPEND = 11
 ((string|array|Message)[]) Specify additional i18n messages to append to the normal message for this parameter.
 
const PARAM_HELP_MSG_INFO = 12
 (array) Specify additional information tags for the parameter.
 
const PARAM_VALUE_LINKS = 13
 (string[]) When PARAM_TYPE is an array, this may be an array mapping those values to page titles which will be linked in the help.
 
const PARAM_HELP_MSG_PER_VALUE = 14
 ((string|array|Message)[]) When PARAM_TYPE is an array, this is an array mapping those values to $msg for ApiBase::makeMessage().
 
const PARAM_SUBMODULE_MAP = 15
 (string[]) When PARAM_TYPE is 'submodule', map parameter values to submodule paths.
 
const PARAM_SUBMODULE_PARAM_PREFIX = 16
 (string) When PARAM_TYPE is 'submodule', used to indicate the 'g' prefix added by ApiQueryGeneratorBase (and similar if anything else ever does that).
 
const PARAM_SENSITIVE = 17
 (boolean) Is the parameter sensitive? Note 'password'-type fields are always sensitive regardless of the value of this field.
 

Protected Member Functions

 checkAsserts ( $params)
 Check asserts of the user's rights.
 
 checkConditionalRequestHeaders ( $module)
 Check selected RFC 7232 precondition headers.
 
 checkExecutePermissions ( $module)
 Check for sufficient permissions to execute.
 
 checkMaxLag ( $module, $params)
 Check the max lag if necessary.
 
 checkReadOnly ( $module)
 Check if the DB is read-only for this user.
 
 encodeRequestLogValue ( $s)
 Encode a value in a format suitable for a space-separated log line.
 
 errorMessageFromException ( $e)
 Create an error message for the given exception.
 
 executeAction ()
 Execute the actual module, without any error handling.
 
 executeActionWithErrorHandling ()
 Execute an action, and in case of an error, erase whatever partial results have been accumulated, and replace it with an error message and a help screen.
 
 getExamplesMessages ()
 
 getParamsUsed ()
 Get the request parameters used in the course of the preceding execute() request.
 
 getSensitiveParams ()
 Get the request parameters that should be considered sensitive.
 
 handleCORS ()
 Check the &origin= query parameter against the Origin: HTTP header and respond appropriately.
 
 handleException (Exception $e)
 Handle an exception as an API response.
 
 logRequest ( $time, $e=null)
 Log the preceding request.
 
 printResult ( $isError)
 Print results using the current printer.
 
 reportUnusedParams ()
 Report unused parameters, so the client gets a hint in case it gave us parameters we don't know, for example in case of spelling mistakes or a missing 'g' prefix for generators.
 
 sendCacheHeaders ( $isError)
 Send caching headers.
 
 setRequestExpectations (ApiBase $module)
 Set database connection, query, and write expectations given this module request.
 
 setupExecuteAction ()
 Set up for the execution.
 
 setupExternalResponse ( $module, $params)
 Check POST for external response and setup result printer.
 
 setupModule ()
 Set up the module for response.
 
 substituteResultWithError ( $e)
 Replace the result data with the information about an exception.
 
- Protected Member Functions inherited from ApiBase
 dieContinueUsageIf ( $condition)
 Die with the $prefix.
 
 getWebUITokenSalt (array $params)
 Fetch the salt used in the Web UI corresponding to this module.
 
 getDB ()
 Gets a default replica DB connection object.
 
 getParameter ( $paramName, $parseLimit=true)
 Get a value for the given parameter.
 
 getWatchlistValue ( $watchlist, $titleObj, $userOption=null)
 Return true if we're to watch the page, false if not, null if no change.
 
 getParameterFromSettings ( $paramName, $paramSettings, $parseLimit)
 Using the settings determine the value for the given parameter.
 
 handleParamNormalization ( $paramName, $value, $rawValue)
 Handle when a parameter was Unicode-normalized.
 
 explodeMultiValue ( $value, $limit)
 Split a multi-valued parameter string, like explode()
 
 parseMultiValue ( $valueName, $value, $allowMultiple, $allowedValues)
 Return an array of values that were given in a 'a|b|c' notation, after it optionally validates them against the list allowed values.
 
 validateLimit ( $paramName, &$value, $min, $max, $botMax=null, $enforceLimits=false)
 Validate the value against the minimum and user/bot maximum limits.
 
 validateTimestamp ( $value, $encParamName)
 Validate and normalize of parameters of type 'timestamp'.
 
 setWatch ( $watch, $titleObj, $userOption=null)
 Set a watch (or unwatch) based the based on a watchlist parameter.
 
 getDescriptionMessage ()
 Return the description message.
 
 getHelpFlags ()
 Generates the list of flags for the help screen and for action=paraminfo.
 
 getModuleSourceInfo ()
 Returns information about the source of this module, if known.
 
 getDescription ()
 Returns the description string for this module.
 
 getParamDescription ()
 Returns an array of parameter descriptions.
 
 getExamples ()
 Returns usage examples for this module.
 
 useTransactionalTimeLimit ()
 Call wfTransactionalTimeLimit() if this request was POSTed.
 

Static Protected Member Functions

static matchOrigin ( $value, $rules, $exceptions)
 Attempt to match an Origin header against a set of rules and a set of exceptions.
 
static matchRequestedHeaders ( $requestedHeaders)
 Attempt to validate the value of Access-Control-Request-Headers against a list of headers that we allow the follow up request to send.
 
static wildcardToRegex ( $wildcard)
 Helper function to convert wildcard string into a regex '*' => '.
 
- Static Protected Member Functions inherited from ApiBase
static dieDebug ( $method, $message)
 Internal code errors should be reported with this method.
 

Private Member Functions

 checkBotReadOnly ()
 Check whether we are readonly for bots.
 
 createErrorPrinter ()
 Create the printer for error output.
 

Private Attributes

bool null $lacksSameOriginSecurity = null
 Cached return value from self::lacksSameOriginSecurity()
 
 $mAction
 
 $mCacheControl = []
 
 $mCacheMode = 'private'
 
 $mCanApiHighLimits = null
 
ApiContinuationManager null $mContinuationManager
 
 $mEnableWrite
 
 $mErrorFormatter
 
 $mInternalMode
 
ApiBase $mModule
 
 $mModuleMgr
 
 $mParamsSensitive = []
 
 $mParamsUsed = []
 
ApiFormatBase $mPrinter
 
 $mResult
 
 $mSquidMaxage
 

Static Private Attributes

static $Formats
 List of available formats: format name => format class.
 
static $Modules
 List of available modules: action name => module class.
 
static $mRights
 List of user roles that are specifically relevant to the API.
 

Additional Inherited Members

- Static Public Attributes inherited from ApiBase
static $messageMap
 Array that maps message keys to error messages.
 

Detailed Description

This is the main API class, used for both external and internal processing.

When executed, it will create the requested formatter object, instantiate and execute an object associated with the needed action, and use formatter to print results. In case of an exception, an error message will be printed using the same formatter.

To use API from another application, run it using FauxRequest object, in which case any internal exceptions will not be handled but passed up to the caller. After successful execution, use getResult() for the resulting data.

Definition at line 43 of file ApiMain.php.

Constructor & Destructor Documentation

◆ __construct()

ApiMain::__construct (   $context = null,
  $enableWrite = false 
)

Constructs an instance of ApiMain that utilizes the module and format specified by $request.

Parameters
IContextSource | WebRequest$contextIf this is an instance of FauxRequest, errors are thrown and no printing occurs
bool$enableWriteShould be set to true if the api may modify data

Definition at line 167 of file ApiMain.php.

References $code, ContextSource\$context, $request, $wgContLang, $wgLang, $wgUser, ContextSource\getConfig(), ContextSource\getContext(), ContextSource\getLanguage(), RequestContext\getMain(), ApiBase\getParameter(), ContextSource\getRequest(), global, lacksSameOriginSecurity(), RequestContext\sanitizeLangCode(), ContextSource\setContext(), wfDebug(), and wfWikiID().

Member Function Documentation

◆ canApiHighLimits()

ApiMain::canApiHighLimits ( )

Check whether the current user is allowed to use high limits.

Returns
bool

Definition at line 1823 of file ApiMain.php.

References $mCanApiHighLimits, and ContextSource\getUser().

◆ checkAsserts()

ApiMain::checkAsserts (   $params)
protected

Check asserts of the user's rights.

Parameters
array$params

Definition at line 1349 of file ApiMain.php.

References $params, $user, ApiBase\dieUsage(), and ContextSource\getUser().

Referenced by executeAction().

◆ checkBotReadOnly()

ApiMain::checkBotReadOnly ( )
private

Check whether we are readonly for bots.

Definition at line 1312 of file ApiMain.php.

References as, ApiBase\dieUsage(), ContextSource\getConfig(), ApiBase\parseMsg(), wfDebugLog(), and wfGetLB().

Referenced by checkReadOnly().

◆ checkConditionalRequestHeaders()

ApiMain::checkConditionalRequestHeaders (   $module)
protected

Check selected RFC 7232 precondition headers.

RFC 7232 envisions a particular model where you send your request to "a resource", and for write requests that you can read "the resource" by changing the method to GET. When the API receives a GET request, it works out even though "the resource" from RFC 7232's perspective might be many resources from MediaWiki's perspective. But it totally fails for a POST, since what HTTP sees as "the resource" is probably just "/api.php" with all the interesting bits in the body.

Therefore, we only support RFC 7232 precondition headers for GET (and HEAD). That means we don't need to bother with If-Match and If-Unmodified-Since since they only apply to modification requests.

And since we don't support Range, If-Range is ignored too.

Since
1.26
Parameters
ApiBase$moduleApi module being used
Returns
bool True on success, false should exit immediately

Definition at line 1164 of file ApiMain.php.

References $e, $s, $value, ContextSource\getConfig(), ContextSource\getOutput(), ContextSource\getRequest(), ContextSource\getUser(), TS_MW, TS_RFC2822, wfClearOutputBuffers(), and wfTimestamp().

Referenced by executeAction().

◆ checkExecutePermissions()

ApiMain::checkExecutePermissions (   $module)
protected

Check for sufficient permissions to execute.

Parameters
ApiBase$moduleAn Api module

Definition at line 1262 of file ApiMain.php.

References $user, checkReadOnly(), ApiBase\dieUsage(), ApiBase\dieUsageMsg(), ContextSource\getRequest(), and ContextSource\getUser().

Referenced by executeAction().

◆ checkMaxLag()

ApiMain::checkMaxLag (   $module,
  $params 
)
protected

Check the max lag if necessary.

Parameters
ApiBase$moduleApi module being used
array$paramsArray an array containing the request parameters.
Returns
bool True on success, false should exit immediately

Definition at line 1122 of file ApiMain.php.

References $params, $response, ApiBase\dieUsage(), ContextSource\getConfig(), ContextSource\getRequest(), list, and wfGetLB().

Referenced by executeAction().

◆ checkReadOnly()

ApiMain::checkReadOnly (   $module)
protected

Check if the DB is read-only for this user.

Parameters
ApiBase$moduleAn Api module

Definition at line 1296 of file ApiMain.php.

References checkBotReadOnly(), ApiBase\dieReadOnly(), wfGetLB(), and wfReadOnly().

Referenced by checkExecutePermissions().

◆ createErrorPrinter()

ApiMain::createErrorPrinter ( )
private

Create the printer for error output.

Definition at line 944 of file ApiMain.php.

References $value, API_DEFAULT_FORMAT, createPrinterByName(), and ContextSource\getRequest().

Referenced by handleException().

◆ createPrinterByName()

ApiMain::createPrinterByName (   $format)

Create an instance of an output formatter by its name.

Parameters
string$format
Returns
ApiFormatBase

Definition at line 465 of file ApiMain.php.

References ApiBase\dieUsage().

Referenced by ApiFormatRaw\__construct(), createErrorPrinter(), and setupExternalResponse().

◆ encodeRequestLogValue()

ApiMain::encodeRequestLogValue (   $s)
protected

Encode a value in a format suitable for a space-separated log line.

Parameters
string$s
Returns
string

Definition at line 1526 of file ApiMain.php.

References $s.

Referenced by logRequest().

◆ errorMessageFromException()

ApiMain::errorMessageFromException (   $e)
protected

Create an error message for the given exception.

If the exception is a UsageException then UsageException::getMessageArray() will be called to create the message.

Parameters
Exception$e
Returns
array ['code' => 'some string', 'info' => 'some other string']
Since
1.27

Definition at line 970 of file ApiMain.php.

References $e, and ContextSource\getConfig().

Referenced by logRequest(), and substituteResultWithError().

◆ execute()

ApiMain::execute ( )

Execute api request.

Any errors will be handled if the API was called by the remote client.

Reimplemented from ApiBase.

Definition at line 477 of file ApiMain.php.

References executeAction(), and executeActionWithErrorHandling().

◆ executeAction()

◆ executeActionWithErrorHandling()

ApiMain::executeActionWithErrorHandling ( )
protected

Execute an action, and in case of an error, erase whatever partial results have been accumulated, and replace it with an error message and a help screen.

Definition at line 489 of file ApiMain.php.

References $e, $t, executeAction(), ContextSource\getContext(), ContextSource\getRequest(), ContextSource\getStats(), handleCORS(), handleException(), logRequest(), and sendCacheHeaders().

Referenced by execute().

◆ getAllowedParams()

ApiMain::getAllowedParams ( )

See ApiBase for description.

Returns
array

Reimplemented from ApiBase.

Definition at line 1672 of file ApiMain.php.

References API_DEFAULT_FORMAT, ApiBase\PARAM_DFLT, and ApiBase\PARAM_TYPE.

◆ getCheck()

ApiMain::getCheck (   $name)

Get a boolean request value, and register the fact that the parameter was used, for logging.

Parameters
string$name
Returns
bool

Definition at line 1602 of file ApiMain.php.

References $name, and getVal().

◆ getContinuationManager()

ApiMain::getContinuationManager ( )

Get the continuation manager.

Returns
ApiContinuationManager|null

Reimplemented from ApiBase.

Definition at line 333 of file ApiMain.php.

References $mContinuationManager.

◆ getErrorFormatter()

ApiMain::getErrorFormatter ( )

Get the ApiErrorFormatter object associated with current request.

Returns
ApiErrorFormatter

Reimplemented from ApiBase.

Definition at line 325 of file ApiMain.php.

References $mErrorFormatter.

◆ getExamplesMessages()

ApiMain::getExamplesMessages ( )
protected
See also
ApiBase::getExamplesMessages()

Reimplemented from ApiBase.

Definition at line 1710 of file ApiMain.php.

◆ getModule()

ApiMain::getModule ( )

Get the API module object.

Only works after executeAction()

Returns
ApiBase

Definition at line 363 of file ApiMain.php.

References $mModule.

◆ getModuleManager()

ApiMain::getModuleManager ( )

Overrides to return this instance's module manager.

Returns
ApiModuleManager

Reimplemented from ApiBase.

Definition at line 1835 of file ApiMain.php.

References $mModuleMgr.

Referenced by ApiDocumentationTest\provideDocumentationExists().

◆ getParamsUsed()

ApiMain::getParamsUsed ( )
protected

Get the request parameters used in the course of the preceding execute() request.

Returns
array

Definition at line 1543 of file ApiMain.php.

Referenced by logRequest(), and reportUnusedParams().

◆ getPrinter()

ApiMain::getPrinter ( )

Get the result formatter object.

Only works after setupExecuteAction()

Returns
ApiFormatBase

Definition at line 372 of file ApiMain.php.

References $mPrinter.

◆ getResult()

ApiMain::getResult ( )

Get the ApiResult object associated with current request.

Returns
ApiResult

Reimplemented from ApiBase.

Definition at line 282 of file ApiMain.php.

References $mResult.

Referenced by executeAction(), setupExecuteAction(), and substituteResultWithError().

◆ getSensitiveParams()

ApiMain::getSensitiveParams ( )
protected

Get the request parameters that should be considered sensitive.

Since
1.28
Returns
array

Definition at line 1560 of file ApiMain.php.

Referenced by logRequest().

◆ getUpload()

ApiMain::getUpload (   $name)

Get a request upload, and register the fact that it was used, for logging.

Since
1.21
Parameters
string$nameParameter name
Returns
WebRequestUpload

Definition at line 1613 of file ApiMain.php.

References $name, and ContextSource\getRequest().

◆ getUserAgent()

ApiMain::getUserAgent ( )

Fetches the user agent used for this request.

The value will be the combination of the 'Api-User-Agent' header (if any) and the standard User-Agent header (if any).

Returns
string

Definition at line 1847 of file ApiMain.php.

References ContextSource\getRequest().

Referenced by logRequest().

◆ getVal()

ApiMain::getVal (   $name,
  $default = null 
)

Get a request value, and register the fact that it was used, for logging.

Parameters
string$name
mixed$default
Returns
mixed

Definition at line 1579 of file ApiMain.php.

References $name, $ret, ContextSource\getRequest(), and ApiBase\setWarning().

Referenced by getCheck().

◆ handleApiBeforeMainException()

static ApiMain::handleApiBeforeMainException ( Exception  $e)
static

Handle an exception from the ApiBeforeMain hook.

This tries to print the exception as an API response, to be more friendly to clients. If it fails, it will rethrow the exception.

Since
1.23
Parameters
Exception$e
Exceptions
Exception

Definition at line 613 of file ApiMain.php.

References $e, false, and RequestContext\getMain().

◆ handleCORS()

ApiMain::handleCORS ( )
protected

Check the &origin= query parameter against the Origin: HTTP header and respond appropriately.

If no origin parameter is present, nothing happens. If an origin parameter is present but doesn't match the Origin header, a 403 status code is set and false is returned. If the parameter and the header do match, the header is checked against $wgCrossSiteAJAXdomains and $wgCrossSiteAJAXdomainExceptions, and if the origin qualifies, the appropriate CORS headers are set. http://www.w3.org/TR/cors/#resource-requests http://www.w3.org/TR/cors/#resource-preflight-requests

Returns
bool False if the caller should abort (403 case), true otherwise (all other cases)

Definition at line 645 of file ApiMain.php.

References $request, $response, ContextSource\getConfig(), ContextSource\getOutput(), ApiBase\getParameter(), ContextSource\getRequest(), and matchOrigin().

Referenced by executeActionWithErrorHandling().

◆ handleException()

ApiMain::handleException ( Exception  $e)
protected

Handle an exception as an API response.

Since
1.23
Parameters
Exception$e

Definition at line 544 of file ApiMain.php.

References $e, $response, createErrorPrinter(), ContextSource\getRequest(), printResult(), setCacheMode(), ApiBase\setWarning(), and substituteResultWithError().

Referenced by executeActionWithErrorHandling().

◆ isInternalMode()

ApiMain::isInternalMode ( )

Return true if the API was started by other PHP code using FauxRequest.

Returns
bool

Definition at line 273 of file ApiMain.php.

References $mInternalMode.

◆ isReadMode()

ApiMain::isReadMode ( )
Returns
bool

Reimplemented from ApiBase.

Definition at line 1663 of file ApiMain.php.

◆ lacksSameOriginSecurity()

ApiMain::lacksSameOriginSecurity ( )

Get the security flag for the current request.

Returns
bool

Reimplemented from ApiBase.

Definition at line 290 of file ApiMain.php.

References $lacksSameOriginSecurity, $request, ContextSource\getRequest(), and lacksSameOriginSecurity().

Referenced by __construct(), and lacksSameOriginSecurity().

◆ logRequest()

ApiMain::logRequest (   $time,
  $e = null 
)
protected

Log the preceding request.

Parameters
float$timeTime in seconds
Exception$eException caught while processing the request

Definition at line 1472 of file ApiMain.php.

References $e, $name, $request, $time, $value, as, encodeRequestLogValue(), errorMessageFromException(), getParamsUsed(), ContextSource\getRequest(), getSensitiveParams(), ContextSource\getUser(), getUserAgent(), wfDebugLog(), wfUrlencode(), and wfWikiID().

Referenced by executeActionWithErrorHandling().

◆ markParamsSensitive()

ApiMain::markParamsSensitive (   $params)

Mark parameters as sensitive.

Since
1.28
Parameters
string | string[]$params

Definition at line 1569 of file ApiMain.php.

References $params, and array().

◆ markParamsUsed()

ApiMain::markParamsUsed (   $params)

Mark parameters as used.

Parameters
string | string[]$params

Definition at line 1551 of file ApiMain.php.

References $params, and array().

◆ matchOrigin()

static ApiMain::matchOrigin (   $value,
  $rules,
  $exceptions 
)
staticprotected

Attempt to match an Origin header against a set of rules and a set of exceptions.

Parameters
string$valueOrigin header
array$rulesSet of wildcard rules
array$exceptionsSet of wildcard rules
Returns
bool True if $value matches a rule in $rules and doesn't match any rules in $exceptions, false otherwise

Definition at line 750 of file ApiMain.php.

References $value, and as.

Referenced by handleCORS().

◆ matchRequestedHeaders()

static ApiMain::matchRequestedHeaders (   $requestedHeaders)
staticprotected

Attempt to validate the value of Access-Control-Request-Headers against a list of headers that we allow the follow up request to send.

Parameters
string$requestedHeadersComma seperated list of HTTP headers
Returns
bool True if all requested headers are in the list of allowed headers

Definition at line 774 of file ApiMain.php.

References as, and wfDebugLog().

◆ modifyHelp()

ApiMain::modifyHelp ( array $help,
array  $options,
array $tocData 
)

Called from ApiHelp before the pieces are joined together and returned.

This exists mainly for ApiMain to add the Permissions and Credits sections. Other modules probably don't need it.

Parameters
string[]&$helpArray of help data
array$optionsOptions passed to ApiHelp::getHelp
array&$tocDataIf a TOC is being generated, this array has keys as anchors in the page and values as for Linker::generateTOC().

Reimplemented from ApiBase.

Definition at line 1719 of file ApiMain.php.

References $header, $help, $options, as, ContextSource\getConfig(), ContextSource\getLanguage(), and ContextSource\msg().

◆ printResult()

ApiMain::printResult (   $isError)
protected

Print results using the current printer.

Parameters
bool$isError

Definition at line 1649 of file ApiMain.php.

References $mPrinter, ContextSource\getConfig(), ApiFormatBase\initPrinter(), and ApiBase\setWarning().

Referenced by executeAction(), and handleException().

◆ reportUnusedParams()

ApiMain::reportUnusedParams ( )
protected

Report unused parameters, so the client gets a hint in case it gave us parameters we don't know, for example in case of spelling mistakes or a missing 'g' prefix for generators.

Definition at line 1623 of file ApiMain.php.

References $s, getParamsUsed(), ContextSource\getRequest(), and ApiBase\setWarning().

Referenced by executeAction().

◆ sendCacheHeaders()

ApiMain::sendCacheHeaders (   $isError)
protected

Send caching headers.

Parameters
bool$isErrorWhether an error response is being output
Since
1.26 added $isError parameter

Definition at line 826 of file ApiMain.php.

References $name, $out, $response, $value, as, ContextSource\getConfig(), ContextSource\getOutput(), ApiBase\getParameter(), ContextSource\getRequest(), TS_RFC2822, and wfTimestamp().

Referenced by executeActionWithErrorHandling().

◆ setCacheControl()

ApiMain::setCacheControl (   $directives)

Set directives (key/value pairs) for the Cache-Control header.

Boolean values will be formatted as such, by including or omitting without an equals sign.

Cache control values set here will only be used if the cache mode is not private, see setCacheMode().

Parameters
array$directives

Definition at line 454 of file ApiMain.php.

References $mCacheControl.

Referenced by setCacheMaxAge().

◆ setCacheMaxAge()

ApiMain::setCacheMaxAge (   $maxage)

Set how long the response should be cached.

Parameters
int$maxage

Definition at line 381 of file ApiMain.php.

References setCacheControl().

◆ setCacheMode()

ApiMain::setCacheMode (   $mode)

Set the type of caching headers which will be sent.

Parameters
string$modeOne of:
  • 'public': Cache this object in public caches, if the maxage or smaxage parameter is set, or if setCacheMaxAge() was called. If a maximum age is not provided by any of these means, the object will be private.
  • 'private': Cache this object only in private client-side caches.
  • 'anon-public-user-private': Make this object cacheable for logged-out users, but private for logged-in users. IMPORTANT: If this is set, it must be set consistently for a given URL, it cannot be set differently depending on things like the contents of the database, or whether the user is logged in.

If the wiki does not allow anonymous users to read it, the mode set here will be ignored, and private caching headers will always be sent. In other words, the "public" mode is equivalent to saying that the data sent is as public as a page view.

For user-dependent data, the private mode should generally be used. The anon-public-user-private mode should only be used where there is a particularly good performance reason for caching the anonymous response, but where the response to logged-in users may differ, or may contain private data.

If this function is never called, then the default will be the private mode.

Definition at line 413 of file ApiMain.php.

References ApiBase\getParameter(), and wfDebug().

Referenced by handleException().

◆ setContinuationManager()

ApiMain::setContinuationManager (   $manager)

Set the continuation manager.

Parameters
ApiContinuationManager|null

Reimplemented from ApiBase.

Definition at line 341 of file ApiMain.php.

◆ setRequestExpectations()

ApiMain::setRequestExpectations ( ApiBase  $module)
protected

Set database connection, query, and write expectations given this module request.

Parameters
ApiBase$module

Definition at line 1453 of file ApiMain.php.

References ContextSource\getConfig(), ContextSource\getRequest(), Profiler\instance(), and ApiBase\isWriteMode().

Referenced by executeAction().

◆ setupExecuteAction()

ApiMain::setupExecuteAction ( )
protected

◆ setupExternalResponse()

ApiMain::setupExternalResponse (   $module,
  $params 
)
protected

Check POST for external response and setup result printer.

Parameters
ApiBase$moduleAn Api module
array$paramsAn array with the request parameters

Definition at line 1381 of file ApiMain.php.

References $params, $request, createPrinterByName(), ApiBase\dieUsageMsgOrDebug(), ContextSource\getRequest(), ApiBase\logFeatureUsage(), and ApiBase\setWarning().

Referenced by executeAction().

◆ setupModule()

ApiMain::setupModule ( )
protected

Set up the module for response.

Returns
ApiBase The module that will handle this action
Exceptions
MWException
UsageException

Definition at line 1080 of file ApiMain.php.

References ApiBase\dieUsage(), and ApiBase\dieUsageMsg().

Referenced by executeAction().

◆ substituteResultWithError()

ApiMain::substituteResultWithError (   $e)
protected

Replace the result data with the information about an exception.

Returns the error code

Parameters
Exception$e
Returns
string

Definition at line 997 of file ApiMain.php.

References $e, $link, errorMessageFromException(), ContextSource\getConfig(), ApiBase\getParameter(), getResult(), ApiResult\NO_SIZE_CHECK, ApiResult\setContentValue(), wfExpandUrl(), wfHostname(), and wfScript().

Referenced by handleException().

◆ wildcardToRegex()

static ApiMain::wildcardToRegex (   $wildcard)
staticprotected

Helper function to convert wildcard string into a regex '*' => '.

*?' '?' => '.'

Parameters
string$wildcardString with wildcards
Returns
string Regular expression

Definition at line 810 of file ApiMain.php.

Member Data Documentation

◆ $Formats

ApiMain::$Formats
staticprivate
Initial value:
= [
'json' => 'ApiFormatJson',
'jsonfm' => 'ApiFormatJson',
'php' => 'ApiFormatPhp',
'phpfm' => 'ApiFormatPhp',
'xml' => 'ApiFormatXml',
'xmlfm' => 'ApiFormatXml',
'rawfm' => 'ApiFormatJson',
'none' => 'ApiFormatNone',
]

List of available formats: format name => format class.

Definition at line 108 of file ApiMain.php.

◆ $lacksSameOriginSecurity

bool null ApiMain::$lacksSameOriginSecurity = null
private

Cached return value from self::lacksSameOriginSecurity()

Definition at line 158 of file ApiMain.php.

Referenced by lacksSameOriginSecurity().

◆ $mAction

ApiMain::$mAction
private

Definition at line 146 of file ApiMain.php.

◆ $mCacheControl

ApiMain::$mCacheControl = []
private

Definition at line 153 of file ApiMain.php.

Referenced by setCacheControl().

◆ $mCacheMode

ApiMain::$mCacheMode = 'private'
private

Definition at line 152 of file ApiMain.php.

◆ $mCanApiHighLimits

ApiMain::$mCanApiHighLimits = null
private

Definition at line 1817 of file ApiMain.php.

Referenced by canApiHighLimits().

◆ $mContinuationManager

ApiContinuationManager null ApiMain::$mContinuationManager
private

Definition at line 145 of file ApiMain.php.

Referenced by getContinuationManager().

◆ $mEnableWrite

ApiMain::$mEnableWrite
private

Definition at line 147 of file ApiMain.php.

◆ $mErrorFormatter

ApiMain::$mErrorFormatter
private

Definition at line 143 of file ApiMain.php.

Referenced by getErrorFormatter().

◆ $mInternalMode

ApiMain::$mInternalMode
private

Definition at line 148 of file ApiMain.php.

Referenced by isInternalMode().

◆ $mModule

ApiBase ApiMain::$mModule
private

Definition at line 150 of file ApiMain.php.

Referenced by getModule().

◆ $mModuleMgr

ApiMain::$mModuleMgr
private

Definition at line 143 of file ApiMain.php.

Referenced by getModuleManager().

◆ $Modules

ApiMain::$Modules
staticprivate

List of available modules: action name => module class.

Definition at line 52 of file ApiMain.php.

◆ $mParamsSensitive

ApiMain::$mParamsSensitive = []
private

Definition at line 155 of file ApiMain.php.

◆ $mParamsUsed

ApiMain::$mParamsUsed = []
private

Definition at line 154 of file ApiMain.php.

◆ $mPrinter

ApiFormatBase ApiMain::$mPrinter
private

Definition at line 141 of file ApiMain.php.

Referenced by getPrinter(), and printResult().

◆ $mResult

ApiMain::$mResult
private

Definition at line 143 of file ApiMain.php.

Referenced by getResult().

◆ $mRights

ApiMain::$mRights
staticprivate
Initial value:
= [
'writeapi' => [
'msg' => 'right-writeapi',
'params' => []
],
'apihighlimits' => [
'msg' => 'api-help-right-apihighlimits',
]
]
const LIMIT_SML2
Slow query, apihighlimits limit.
Definition ApiBase.php:190
const LIMIT_BIG2
Fast query, apihighlimits limit.
Definition ApiBase.php:186

List of user roles that are specifically relevant to the API.

[ 'right' => [ 'msg' => 'Some message with a $1', 'params' => [ $someVarToSubst ] ], ];

Definition at line 126 of file ApiMain.php.

◆ $mSquidMaxage

ApiMain::$mSquidMaxage
private

Definition at line 148 of file ApiMain.php.

◆ API_DEFAULT_FORMAT

const ApiMain::API_DEFAULT_FORMAT = 'jsonfm'

When no format parameter is given, this format will be used.

Definition at line 47 of file ApiMain.php.

Referenced by createErrorPrinter(), and getAllowedParams().


The documentation for this class was generated from the following file: