MediaWiki  master
ApiRevisionDelete.php
Go to the documentation of this file.
1 <?php
28 
35 class ApiRevisionDelete extends ApiBase {
36 
37  public function execute() {
39 
40  $params = $this->extractRequestParams();
41  $user = $this->getUser();
42  $this->checkUserRightsAny( RevisionDeleter::getRestriction( $params['type'] ) );
43 
44  if ( !$params['ids'] ) {
45  $this->dieWithError( [ 'apierror-paramempty', 'ids' ], 'paramempty_ids' );
46  }
47 
48  // Check if user can add tags
49  if ( $params['tags'] ) {
50  $ableToTag = ChangeTags::canAddTagsAccompanyingChange( $params['tags'], $this->getAuthority() );
51  if ( !$ableToTag->isOK() ) {
52  $this->dieStatus( $ableToTag );
53  }
54  }
55 
56  $hide = $params['hide'] ?: [];
57  $show = $params['show'] ?: [];
58  if ( array_intersect( $hide, $show ) ) {
59  $this->dieWithError( 'apierror-revdel-mutuallyexclusive', 'badparams' );
60  } elseif ( !$hide && !$show ) {
61  $this->dieWithError( 'apierror-revdel-paramneeded', 'badparams' );
62  }
63  $bits = [
64  'content' => RevisionDeleter::getRevdelConstant( $params['type'] ),
65  'comment' => RevisionRecord::DELETED_COMMENT,
66  'user' => RevisionRecord::DELETED_USER,
67  ];
68  $bitfield = [];
69  foreach ( $bits as $key => $bit ) {
70  if ( in_array( $key, $hide ) ) {
71  $bitfield[$bit] = 1;
72  } elseif ( in_array( $key, $show ) ) {
73  $bitfield[$bit] = 0;
74  } else {
75  $bitfield[$bit] = -1;
76  }
77  }
78 
79  if ( $params['suppress'] === 'yes' ) {
80  $this->checkUserRightsAny( 'suppressrevision' );
81  $bitfield[RevisionRecord::DELETED_RESTRICTED] = 1;
82  } elseif ( $params['suppress'] === 'no' ) {
83  $bitfield[RevisionRecord::DELETED_RESTRICTED] = 0;
84  } else {
85  $bitfield[RevisionRecord::DELETED_RESTRICTED] = -1;
86  }
87 
88  $targetObj = null;
89  if ( $params['target'] ) {
90  $targetObj = Title::newFromText( $params['target'] );
91  }
92  $targetObj = RevisionDeleter::suggestTarget( $params['type'], $targetObj, $params['ids'] );
93  if ( $targetObj === null ) {
94  $this->dieWithError( [ 'apierror-revdel-needtarget' ], 'needtarget' );
95  }
96 
97  // TODO: replace use of PermissionManager
98  if ( $this->getPermissionManager()->isBlockedFrom( $user, $targetObj ) ) {
99  // @phan-suppress-next-line PhanTypeMismatchArgumentNullable Block is checked and not null
100  $this->dieBlocked( $user->getBlock() );
101  }
102 
104  $params['type'], $this->getContext(), $targetObj, $params['ids']
105  );
106  $status = $list->setVisibility( [
107  'value' => $bitfield,
108  'comment' => $params['reason'] ?? '',
109  'perItemStatus' => true,
110  'tags' => $params['tags']
111  ] );
112 
113  $result = $this->getResult();
114  $data = $this->extractStatusInfo( $status );
115  $data['target'] = $targetObj->getFullText();
116  $data['items'] = [];
117 
118  foreach ( $status->getValue()['itemStatuses'] as $id => $s ) {
119  $data['items'][$id] = $this->extractStatusInfo( $s );
120  $data['items'][$id]['id'] = $id;
121  }
122 
123  $list->reloadFromPrimary();
124  for ( $item = $list->reset(); $list->current(); $item = $list->next() ) {
125  $data['items'][$item->getId()] += $item->getApiData( $this->getResult() );
126  }
127 
128  $data['items'] = array_values( $data['items'] );
129  ApiResult::setIndexedTagName( $data['items'], 'i' );
130  $result->addValue( null, $this->getModuleName(), $data );
131  }
132 
133  private function extractStatusInfo( Status $status ) {
134  $ret = [
135  'status' => $status->isOK() ? 'Success' : 'Fail',
136  ];
137 
138  $errors = $this->getErrorFormatter()->arrayFromStatus( $status, 'error' );
139  if ( $errors ) {
140  $ret['errors'] = $errors;
141  }
142  $warnings = $this->getErrorFormatter()->arrayFromStatus( $status, 'warning' );
143  if ( $warnings ) {
144  $ret['warnings'] = $warnings;
145  }
146 
147  return $ret;
148  }
149 
150  public function mustBePosted() {
151  return true;
152  }
153 
154  public function isWriteMode() {
155  return true;
156  }
157 
158  public function getAllowedParams() {
159  return [
160  'type' => [
161  ParamValidator::PARAM_TYPE => RevisionDeleter::getTypes(),
162  ParamValidator::PARAM_REQUIRED => true
163  ],
164  'target' => null,
165  'ids' => [
166  ParamValidator::PARAM_ISMULTI => true,
167  ParamValidator::PARAM_REQUIRED => true
168  ],
169  'hide' => [
170  ParamValidator::PARAM_TYPE => [ 'content', 'comment', 'user' ],
171  ParamValidator::PARAM_ISMULTI => true,
172  ],
173  'show' => [
174  ParamValidator::PARAM_TYPE => [ 'content', 'comment', 'user' ],
175  ParamValidator::PARAM_ISMULTI => true,
176  ],
177  'suppress' => [
178  ParamValidator::PARAM_TYPE => [ 'yes', 'no', 'nochange' ],
179  ParamValidator::PARAM_DEFAULT => 'nochange',
180  ],
181  'reason' => [
182  ParamValidator::PARAM_TYPE => 'string'
183  ],
184  'tags' => [
185  ParamValidator::PARAM_TYPE => 'tags',
186  ParamValidator::PARAM_ISMULTI => true,
187  ],
188  ];
189  }
190 
191  public function needsToken() {
192  return 'csrf';
193  }
194 
195  protected function getExamplesMessages() {
196  $title = Title::newMainPage()->getPrefixedText();
197  $mp = rawurlencode( $title );
198 
199  return [
200  "action=revisiondelete&target={$mp}&type=revision&ids=12345&" .
201  'hide=content&token=123ABC'
202  => 'apihelp-revisiondelete-example-revision',
203  'action=revisiondelete&type=logging&ids=67890&hide=content|comment|user&' .
204  'reason=BLP%20violation&token=123ABC'
205  => 'apihelp-revisiondelete-example-log',
206  ];
207  }
208 
209  public function getHelpUrls() {
210  return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Revisiondelete';
211  }
212 }
This abstract class implements many basic API functions, and is the base of all API classes.
Definition: ApiBase.php:63
dieWithError( $msg, $code=null, $data=null, $httpCode=0)
Abort execution with an error.
Definition: ApiBase.php:1516
checkUserRightsAny( $rights, $user=null)
Helper function for permission-denied errors.
Definition: ApiBase.php:1632
getErrorFormatter()
Definition: ApiBase.php:679
getPermissionManager()
Obtain a PermissionManager instance that subclasses may use in their authorization checks.
Definition: ApiBase.php:728
getResult()
Get the result object.
Definition: ApiBase.php:668
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition: ApiBase.php:808
getModuleName()
Get the name of the module being executed by this instance.
Definition: ApiBase.php:529
dieStatus(StatusValue $status)
Throw an ApiUsageException based on the Status object.
Definition: ApiBase.php:1571
useTransactionalTimeLimit()
Call wfTransactionalTimeLimit() if this request was POSTed.
Definition: ApiBase.php:1364
dieBlocked(Block $block)
Throw an ApiUsageException, which will (if uncaught) call the main module's error handler and die wit...
Definition: ApiBase.php:1545
static setIndexedTagName(array &$arr, $tag)
Set the tag name for numeric-keyed values in XML format.
Definition: ApiResult.php:604
API interface to RevDel.
isWriteMode()
Indicates whether this module requires write mode.
mustBePosted()
Indicates whether this module must be called with a POST request.
getExamplesMessages()
Returns usage examples for this module.
getHelpUrls()
Return links to more detailed help pages about the module.
needsToken()
Returns the token type this module requires in order to execute.
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
static canAddTagsAccompanyingChange(array $tags, Authority $performer=null, $checkBlock=true)
Is it OK to allow the user to apply all the specified tags at the same time as they edit/make the cha...
Definition: ChangeTags.php:396
getContext()
Get the base IContextSource object.
Page revision base class.
Generic operation result class Has warning/error list, boolean status and arbitrary value.
Definition: Status.php:58
Represents a title within MediaWiki.
Definition: Title.php:76
static getTypes()
Lists the valid possible types for revision deletion.
static suggestTarget( $typeName, $target, array $ids)
Suggest a target for the revision deletion.
static getRevdelConstant( $typeName)
Get the revision deletion constant for the RevDel type.
static getRestriction( $typeName)
Get the user right required for the RevDel type.
static createList( $typeName, IContextSource $context, PageIdentity $page, array $ids)
Instantiate the appropriate list class for a given list of IDs.
isOK()
Returns whether the operation completed.
Service for formatting and validating API parameters.
return true
Definition: router.php:90