MediaWiki  master
ApiProtect.php
Go to the documentation of this file.
1 <?php
26 class ApiProtect extends ApiBase {
27  public function execute() {
28  $params = $this->extractRequestParams();
29 
30  $pageObj = $this->getTitleOrPageId( $params, 'fromdbmaster' );
31  $titleObj = $pageObj->getTitle();
32 
33  $this->checkTitleUserPermissions( $titleObj, 'protect' );
34 
35  $user = $this->getUser();
36  $tags = $params['tags'];
37 
38  // Check if user can add tags
39  if ( !is_null( $tags ) ) {
40  $ableToTag = ChangeTags::canAddTagsAccompanyingChange( $tags, $user );
41  if ( !$ableToTag->isOK() ) {
42  $this->dieStatus( $ableToTag );
43  }
44  }
45 
46  $expiry = (array)$params['expiry'];
47  if ( count( $expiry ) != count( $params['protections'] ) ) {
48  if ( count( $expiry ) == 1 ) {
49  $expiry = array_fill( 0, count( $params['protections'] ), $expiry[0] );
50  } else {
51  $this->dieWithError( [
52  'apierror-toofewexpiries',
53  count( $expiry ),
54  count( $params['protections'] )
55  ] );
56  }
57  }
58 
59  $restrictionTypes = $titleObj->getRestrictionTypes();
60 
61  $protections = [];
62  $expiryarray = [];
63  $resultProtections = [];
64  foreach ( $params['protections'] as $i => $prot ) {
65  $p = explode( '=', $prot );
66  $protections[$p[0]] = ( $p[1] == 'all' ? '' : $p[1] );
67 
68  if ( $titleObj->exists() && $p[0] == 'create' ) {
69  $this->dieWithError( 'apierror-create-titleexists' );
70  }
71  if ( !$titleObj->exists() && $p[0] != 'create' ) {
72  $this->dieWithError( 'apierror-missingtitle-createonly' );
73  }
74 
75  if ( !in_array( $p[0], $restrictionTypes ) && $p[0] != 'create' ) {
76  $this->dieWithError( [ 'apierror-protect-invalidaction', wfEscapeWikiText( $p[0] ) ] );
77  }
78  if ( !in_array( $p[1], $this->getConfig()->get( 'RestrictionLevels' ) ) && $p[1] != 'all' ) {
79  $this->dieWithError( [ 'apierror-protect-invalidlevel', wfEscapeWikiText( $p[1] ) ] );
80  }
81 
82  if ( wfIsInfinity( $expiry[$i] ) ) {
83  $expiryarray[$p[0]] = 'infinity';
84  } else {
85  $exp = strtotime( $expiry[$i] );
86  if ( $exp < 0 || !$exp ) {
87  $this->dieWithError( [ 'apierror-invalidexpiry', wfEscapeWikiText( $expiry[$i] ) ] );
88  }
89 
90  $exp = wfTimestamp( TS_MW, $exp );
91  if ( $exp < wfTimestampNow() ) {
92  $this->dieWithError( [ 'apierror-pastexpiry', wfEscapeWikiText( $expiry[$i] ) ] );
93  }
94  $expiryarray[$p[0]] = $exp;
95  }
96  $resultProtections[] = [
97  $p[0] => $protections[$p[0]],
98  'expiry' => ApiResult::formatExpiry( $expiryarray[$p[0]], 'infinite' ),
99  ];
100  }
101 
102  $cascade = $params['cascade'];
103 
104  $watch = $params['watch'] ? 'watch' : $params['watchlist'];
105  $this->setWatch( $watch, $titleObj, 'watchdefault' );
106 
107  $status = $pageObj->doUpdateRestrictions(
108  $protections,
109  $expiryarray,
110  $cascade,
111  $params['reason'],
112  $user,
113  $tags
114  );
115 
116  if ( !$status->isOK() ) {
117  $this->dieStatus( $status );
118  }
119  $res = [
120  'title' => $titleObj->getPrefixedText(),
121  'reason' => $params['reason']
122  ];
123  if ( $cascade ) {
124  $res['cascade'] = true;
125  }
126  $res['protections'] = $resultProtections;
127  $result = $this->getResult();
128  ApiResult::setIndexedTagName( $res['protections'], 'protection' );
129  $result->addValue( null, $this->getModuleName(), $res );
130  }
131 
132  public function mustBePosted() {
133  return true;
134  }
135 
136  public function isWriteMode() {
137  return true;
138  }
139 
140  public function getAllowedParams() {
141  return [
142  'title' => [
143  ApiBase::PARAM_TYPE => 'string',
144  ],
145  'pageid' => [
146  ApiBase::PARAM_TYPE => 'integer',
147  ],
148  'protections' => [
149  ApiBase::PARAM_ISMULTI => true,
150  ApiBase::PARAM_REQUIRED => true,
151  ],
152  'expiry' => [
153  ApiBase::PARAM_ISMULTI => true,
155  ApiBase::PARAM_DFLT => 'infinite',
156  ],
157  'reason' => '',
158  'tags' => [
159  ApiBase::PARAM_TYPE => 'tags',
160  ApiBase::PARAM_ISMULTI => true,
161  ],
162  'cascade' => false,
163  'watch' => [
164  ApiBase::PARAM_DFLT => false,
166  ],
167  'watchlist' => [
168  ApiBase::PARAM_DFLT => 'preferences',
170  'watch',
171  'unwatch',
172  'preferences',
173  'nochange'
174  ],
175  ],
176  ];
177  }
178 
179  public function needsToken() {
180  return 'csrf';
181  }
182 
183  protected function getExamplesMessages() {
184  return [
185  'action=protect&title=Main%20Page&token=123ABC&' .
186  'protections=edit=sysop|move=sysop&cascade=&expiry=20070901163000|never'
187  => 'apihelp-protect-example-protect',
188  'action=protect&title=Main%20Page&token=123ABC&' .
189  'protections=edit=all|move=all&reason=Lifting%20restrictions'
190  => 'apihelp-protect-example-unprotect',
191  'action=protect&title=Main%20Page&token=123ABC&' .
192  'protections=&reason=Lifting%20restrictions'
193  => 'apihelp-protect-example-unprotect2',
194  ];
195  }
196 
197  public function getHelpUrls() {
198  return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Protect';
199  }
200 }
const PARAM_TYPE
(string|string[]) Either an array of allowed value strings, or a string type as described below...
Definition: ApiBase.php:94
wfEscapeWikiText( $text)
Escapes the given text so that it may be output using addWikiText() without any linking, formatting, etc.
getResult()
Get the result object.
Definition: ApiBase.php:640
dieStatus(StatusValue $status)
Throw an ApiUsageException based on the Status object.
Definition: ApiBase.php:2078
const PARAM_DFLT
(null|boolean|integer|string) Default value of the parameter.
Definition: ApiBase.php:55
const PARAM_REQUIRED
(boolean) Is the parameter required?
Definition: ApiBase.php:118
wfIsInfinity( $str)
Determine input string is represents as infinity.
dieWithError( $msg, $code=null, $data=null, $httpCode=null)
Abort execution with an error.
Definition: ApiBase.php:2006
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user...
Definition: ApiBase.php:761
static setIndexedTagName(array &$arr, $tag)
Set the tag name for numeric-keyed values in XML format.
Definition: ApiResult.php:616
static formatExpiry( $expiry, $infinity='infinity')
Format an expiry timestamp for API output.
Definition: ApiResult.php:1205
wfTimestamp( $outputtype=TS_UNIX, $ts=0)
Get a timestamp string in one of various formats.
wfTimestampNow()
Convenience function; returns MediaWiki timestamp for the present time.
getModuleName()
Get the name of the module being executed by this instance.
Definition: ApiBase.php:520
checkTitleUserPermissions(LinkTarget $linkTarget, $actions, $options=[])
Helper function for permission-denied errors.
Definition: ApiBase.php:2148
getTitleOrPageId( $params, $load=false)
Get a WikiPage object from a title or pageid param, if possible.
Definition: ApiBase.php:1025
getExamplesMessages()
Definition: ApiProtect.php:183
getAllowedParams()
Definition: ApiProtect.php:140
const PARAM_ISMULTI
(boolean) Accept multiple pipe-separated values for this parameter (e.g.
Definition: ApiBase.php:58
This abstract class implements many basic API functions, and is the base of all API classes...
Definition: ApiBase.php:42
setWatch( $watch, $titleObj, $userOption=null)
Set a watch (or unwatch) based the based on a watchlist parameter.
Definition: ApiBase.php:1742
const PARAM_DEPRECATED
(boolean) Is the parameter deprecated (will show a warning)?
Definition: ApiBase.php:112
static canAddTagsAccompanyingChange(array $tags, User $user=null)
Is it OK to allow the user to apply all the specified tags at the same time as they edit/make the cha...
Definition: ChangeTags.php:526
const PARAM_ALLOW_DUPLICATES
(boolean) Allow the same value to be set more than once when PARAM_ISMULTI is true?
Definition: ApiBase.php:109