REL1_35/php/ApiUserrights_8php_source.html

<?php


use MediaWiki\ParamValidator\TypeDef\UserDef;


class ApiUserrights extends ApiBase {


    private $mUser = null;


    protected function getUserRightsPage() {

        return new UserrightsPage;

    }


    protected function getAllGroups() {

        return User::getAllGroups();

    }


    public function execute() {

        $pUser = $this->getUser();


        // Deny if the user is blocked and doesn't have the full 'userrights' permission.

        // This matches what Special:UserRights does for the web UI.

        if ( !$this->getPermissionManager()->userHasRight( $pUser, 'userrights' ) ) {

            $block = $pUser->getBlock();

            if ( $block && $block->isSitewide() ) {

                $this->dieBlocked( $block );

            }

        }


        $params = $this->extractRequestParams();


        // Figure out expiry times from the input

        // $params['expiry'] is not set in CentralAuth's ApiGlobalUserRights subclass

        if ( isset( $params['expiry'] ) ) {

            $expiry = (array)$params['expiry'];

        } else {

            $expiry = [ 'infinity' ];

        }

        $add = (array)$params['add'];

        if ( !$add ) {

            $expiry = [];

        } elseif ( count( $expiry ) !== count( $add ) ) {

            if ( count( $expiry ) === 1 ) {

                $expiry = array_fill( 0, count( $add ), $expiry[0] );

            } else {

                $this->dieWithError( [

                    'apierror-toofewexpiries',

                    count( $expiry ),

                    count( $add )

                ] );

            }

        }


        // Validate the expiries

        $groupExpiries = [];

        foreach ( $expiry as $index => $expiryValue ) {

            $group = $add[$index];

            $groupExpiries[$group] = UserrightsPage::expiryToTimestamp( $expiryValue );


            if ( $groupExpiries[$group] === false ) {

                $this->dieWithError( [ 'apierror-invalidexpiry', wfEscapeWikiText( $expiryValue ) ] );

            }


            // not allowed to have things expiring in the past

            if ( $groupExpiries[$group] && $groupExpiries[$group] < wfTimestampNow() ) {

                $this->dieWithError( [ 'apierror-pastexpiry', wfEscapeWikiText( $expiryValue ) ] );

            }

        }


        $user = $this->getUrUser( $params );


        $tags = $params['tags'];


        // Check if user can add tags

        if ( $tags !== null ) {

            $ableToTag = ChangeTags::canAddTagsAccompanyingChange( $tags, $pUser );

            if ( !$ableToTag->isOK() ) {

                $this->dieStatus( $ableToTag );

            }

        }


        $form = $this->getUserRightsPage();

        $form->setContext( $this->getContext() );

        $r = [];

        $r['user'] = $user->getName();

        $r['userid'] = $user->getId();

        list( $r['added'], $r['removed'] ) = $form->doSaveUserGroups(

            // Don't pass null to doSaveUserGroups() for array params, cast to empty array

            $user, $add, (array)$params['remove'],

            $params['reason'], (array)$tags, $groupExpiries

        );


        $result = $this->getResult();

        ApiResult::setIndexedTagName( $r['added'], 'group' );

        ApiResult::setIndexedTagName( $r['removed'], 'group' );

        $result->addValue( null, $this->getModuleName(), $r );

    }


    private function getUrUser( array $params ) {

        if ( $this->mUser !== null ) {

            return $this->mUser;

        }


        $this->requireOnlyOneParameter( $params, 'user', 'userid' );


        $user = $params['user'] ?? '#' . $params['userid'];


        $form = $this->getUserRightsPage();

        $form->setContext( $this->getContext() );

        $status = $form->fetchUser( $user );

        if ( !$status->isOK() ) {

            $this->dieStatus( $status );

        }


        $this->mUser = $status->value;


        return $status->value;

    }


    public function mustBePosted() {

        return true;

    }


    public function isWriteMode() {

        return true;

    }


    public function getAllowedParams( $flags = 0 ) {

        $allGroups = $this->getAllGroups();


        if ( $flags & ApiBase::GET_VALUES_FOR_HELP ) {

            sort( $allGroups );

        }


        $a = [

            'user' => [

                ApiBase::PARAM_TYPE => 'user',

                UserDef::PARAM_ALLOWED_USER_TYPES => [ 'name', 'id' ],

                UserDef::PARAM_RETURN_OBJECT => true,

            ],

            'userid' => [

                ApiBase::PARAM_TYPE => 'integer',

                ApiBase::PARAM_DEPRECATED => true,

            ],

            'add' => [

                ApiBase::PARAM_TYPE => $allGroups,

                ApiBase::PARAM_ISMULTI => true

            ],

            'expiry' => [

                ApiBase::PARAM_ISMULTI => true,

                ApiBase::PARAM_ALLOW_DUPLICATES => true,

                ApiBase::PARAM_DFLT => 'infinite',

            ],

            'remove' => [

                ApiBase::PARAM_TYPE => $allGroups,

                ApiBase::PARAM_ISMULTI => true

            ],

            'reason' => [

                ApiBase::PARAM_DFLT => ''

            ],

            'token' => [

                // Standard definition automatically inserted

                ApiBase::PARAM_HELP_MSG_APPEND => [ 'api-help-param-token-webui' ],

            ],

            'tags' => [

                ApiBase::PARAM_TYPE => 'tags',

                ApiBase::PARAM_ISMULTI => true

            ],

        ];

        // CentralAuth's ApiGlobalUserRights subclass can't handle expiries

        if ( !$this->getUserRightsPage()->canProcessExpiries() ) {

            unset( $a['expiry'] );

        }

        return $a;

    }


    public function needsToken() {

        return 'userrights';

    }


    protected function getWebUITokenSalt( array $params ) {

        return $this->getUrUser( $params )->getName();

    }


    protected function getExamplesMessages() {

        $a = [

            'action=userrights&user=FooBot&add=bot&remove=sysop|bureaucrat&token=123ABC'

                => 'apihelp-userrights-example-user',

            'action=userrights&userid=123&add=bot&remove=sysop|bureaucrat&token=123ABC'

                => 'apihelp-userrights-example-userid',

        ];

        if ( $this->getUserRightsPage()->canProcessExpiries() ) {

            $a['action=userrights&user=SometimeSysop&add=sysop&expiry=1%20month&token=123ABC']

                = 'apihelp-userrights-example-expiry';

        }

        return $a;

    }


    public function getHelpUrls() {

        return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:User_group_membership';

    }


}


wfTimestampNow
wfTimestampNow()
Convenience function; returns MediaWiki timestamp for the present time.
Definition GlobalFunctions.php:1832

wfEscapeWikiText
wfEscapeWikiText( $text)
Escapes the given text so that it may be output using addWikiText() without any linking,...
Definition GlobalFunctions.php:1488

ApiBase
This abstract class implements many basic API functions, and is the base of all API classes.
Definition ApiBase.php:52

ApiBase\dieWithError
dieWithError( $msg, $code=null, $data=null, $httpCode=0)
Abort execution with an error.
Definition ApiBase.php:1437

ApiBase\PARAM_DEPRECATED
const PARAM_DEPRECATED
Definition ApiBase.php:98

ApiBase\PARAM_TYPE
const PARAM_TYPE
Definition ApiBase.php:78

ApiBase\PARAM_DFLT
const PARAM_DFLT
Definition ApiBase.php:70

ApiBase\PARAM_HELP_MSG_APPEND
const PARAM_HELP_MSG_APPEND
((string|array|Message)[]) Specify additional i18n messages to append to the normal message for this ...
Definition ApiBase.php:169

ApiBase\PARAM_ALLOW_DUPLICATES
const PARAM_ALLOW_DUPLICATES
Definition ApiBase.php:94

ApiBase\getPermissionManager
getPermissionManager()
Obtain a PermissionManager instance that subclasses may use in their authorization checks.
Definition ApiBase.php:692

ApiBase\requireOnlyOneParameter
requireOnlyOneParameter( $params,... $required)
Die if none or more than one of a certain set of parameters is set and not false.
Definition ApiBase.php:909

ApiBase\dieBlocked
dieBlocked(AbstractBlock $block)
Throw an ApiUsageException, which will (if uncaught) call the main module's error handler and die wit...
Definition ApiBase.php:1464

ApiBase\getResult
getResult()
Get the result object.
Definition ApiBase.php:620

ApiBase\extractRequestParams
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition ApiBase.php:772

ApiBase\GET_VALUES_FOR_HELP
const GET_VALUES_FOR_HELP
getAllowedParams() flag: When set, the result could take longer to generate, but should be more thoro...
Definition ApiBase.php:233

ApiBase\getModuleName
getModuleName()
Get the name of the module being executed by this instance.
Definition ApiBase.php:499

ApiBase\dieStatus
dieStatus(StatusValue $status)
Throw an ApiUsageException based on the Status object.
Definition ApiBase.php:1495

ApiBase\PARAM_ISMULTI
const PARAM_ISMULTI
Definition ApiBase.php:74

ApiUserrights
Definition ApiUserrights.php:31

ApiUserrights\$mUser
$mUser
Definition ApiUserrights.php:33

ApiUserrights\getHelpUrls
getHelpUrls()
Return links to more detailed help pages about the module.
Definition ApiUserrights.php:236

ApiUserrights\getAllowedParams
getAllowedParams( $flags=0)
Definition ApiUserrights.php:165

ApiUserrights\execute
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
Definition ApiUserrights.php:51

ApiUserrights\mustBePosted
mustBePosted()
Indicates whether this module must be called with a POST request Stable to override.
Definition ApiUserrights.php:157

ApiUserrights\getUrUser
getUrUser(array $params)
Definition ApiUserrights.php:136

ApiUserrights\getUserRightsPage
getUserRightsPage()
Get a UserrightsPage object, or subclass.
Definition ApiUserrights.php:39

ApiUserrights\needsToken
needsToken()
Returns the token type this module requires in order to execute.
Definition ApiUserrights.php:214

ApiUserrights\getAllGroups
getAllGroups()
Get all available groups.
Definition ApiUserrights.php:47

ApiUserrights\isWriteMode
isWriteMode()
Indicates whether this module requires write mode.
Definition ApiUserrights.php:161

ApiUserrights\getExamplesMessages
getExamplesMessages()
Returns usage examples for this module.
Definition ApiUserrights.php:222

ApiUserrights\getWebUITokenSalt
getWebUITokenSalt(array $params)
Fetch the salt used in the Web UI corresponding to this module.
Definition ApiUserrights.php:218

ChangeTags\canAddTagsAccompanyingChange
static canAddTagsAccompanyingChange(array $tags, User $user=null)
Is it OK to allow the user to apply all the specified tags at the same time as they edit/make the cha...
Definition ChangeTags.php:552

ContextSource\getUser
getUser()
Stable to override.
Definition ContextSource.php:131

ContextSource\getContext
getContext()
Get the base IContextSource object.
Definition ContextSource.php:42

MediaWiki\ParamValidator\TypeDef\UserDef
Type definition for user types.
Definition UserDef.php:23

User\getAllGroups
static getAllGroups()
Return the set of defined explicit groups.
Definition User.php:4262

UserrightsPage
Special page to allow managing user group membership.
Definition SpecialUserrights.php:31

UserrightsPage\expiryToTimestamp
static expiryToTimestamp( $expiry)
Converts a user group membership expiry string into a timestamp.
Definition SpecialUserrights.php:254

true
return true
Definition router.php:92