master/php/ApiUserrights_8php_source.html

 <?php


 use MediaWiki\ParamValidator\TypeDef\UserDef;

 use MediaWiki\Permissions\Authority;

 use MediaWiki\User\UserGroupManager;

 use Wikimedia\ParamValidator\ParamValidator;


 class ApiUserrights extends ApiBase {


     private $mUser = null;


     private $userGroupManager;


     public function __construct(

         ApiMain $mainModule,

         $moduleName,

         UserGroupManager $userGroupManager

     ) {

         parent::__construct( $mainModule, $moduleName );

         $this->userGroupManager = $userGroupManager;

     }


     public function execute() {

         $pUser = $this->getUser();


         // Deny if the user is blocked and doesn't have the full 'userrights' permission.

         // This matches what Special:UserRights does for the web UI.

         if ( !$this->getAuthority()->isAllowed( 'userrights' ) ) {

             $block = $pUser->getBlock( Authority::READ_LATEST );

             if ( $block && $block->isSitewide() ) {

                 $this->dieBlocked( $block );

             }

         }


         $params = $this->extractRequestParams();


         // Figure out expiry times from the input

         // $params['expiry'] is not set in CentralAuth's ApiGlobalUserRights subclass

         if ( isset( $params['expiry'] ) ) {

             $expiry = (array)$params['expiry'];

         } else {

             $expiry = [ 'infinity' ];

         }

         $add = (array)$params['add'];

         if ( !$add ) {

             $expiry = [];

         } elseif ( count( $expiry ) !== count( $add ) ) {

             if ( count( $expiry ) === 1 ) {

                 $expiry = array_fill( 0, count( $add ), $expiry[0] );

             } else {

                 $this->dieWithError( [

                     'apierror-toofewexpiries',

                     count( $expiry ),

                     count( $add )

                 ] );

             }

         }


         // Validate the expiries

         $groupExpiries = [];

         foreach ( $expiry as $index => $expiryValue ) {

             $group = $add[$index];

             $groupExpiries[$group] = UserrightsPage::expiryToTimestamp( $expiryValue );


             if ( $groupExpiries[$group] === false ) {

                 $this->dieWithError( [ 'apierror-invalidexpiry', wfEscapeWikiText( $expiryValue ) ] );

             }


             // not allowed to have things expiring in the past

             if ( $groupExpiries[$group] && $groupExpiries[$group] < wfTimestampNow() ) {

                 $this->dieWithError( [ 'apierror-pastexpiry', wfEscapeWikiText( $expiryValue ) ] );

             }

         }


         $user = $this->getUrUser( $params );


         $tags = $params['tags'];


         // Check if user can add tags

         if ( $tags !== null ) {

             $ableToTag = ChangeTags::canAddTagsAccompanyingChange( $tags, $this->getAuthority() );

             if ( !$ableToTag->isOK() ) {

                 $this->dieStatus( $ableToTag );

             }

         }


         $form = new UserrightsPage();

         $form->setContext( $this->getContext() );

         $r = [];

         $r['user'] = $user->getName();

         $r['userid'] = $user->getId();

         list( $r['added'], $r['removed'] ) = $form->doSaveUserGroups(

             // Don't pass null to doSaveUserGroups() for array params, cast to empty array

             $user, $add, (array)$params['remove'],

             $params['reason'], (array)$tags, $groupExpiries

         );


         $result = $this->getResult();

         ApiResult::setIndexedTagName( $r['added'], 'group' );

         ApiResult::setIndexedTagName( $r['removed'], 'group' );

         $result->addValue( null, $this->getModuleName(), $r );

     }


     private function getUrUser( array $params ) {

         if ( $this->mUser !== null ) {

             return $this->mUser;

         }


         $this->requireOnlyOneParameter( $params, 'user', 'userid' );


         $user = $params['user'] ?? '#' . $params['userid'];


         $form = new UserrightsPage();

         $form->setContext( $this->getContext() );

         $status = $form->fetchUser( $user );

         if ( !$status->isOK() ) {

             $this->dieStatus( $status );

         }


         $this->mUser = $status->value;


         return $status->value;

     }


     public function mustBePosted() {

         return true;

     }


     public function isWriteMode() {

         return true;

     }


     public function getAllowedParams( $flags = 0 ) {

         $allGroups = $this->userGroupManager->listAllGroups();


         if ( $flags & ApiBase::GET_VALUES_FOR_HELP ) {

             sort( $allGroups );

         }


         return [

             'user' => [

                 ParamValidator::PARAM_TYPE => 'user',

                 UserDef::PARAM_ALLOWED_USER_TYPES => [ 'name', 'id' ],

             ],

             'userid' => [

                 ParamValidator::PARAM_TYPE => 'integer',

                 ParamValidator::PARAM_DEPRECATED => true,

             ],

             'add' => [

                 ParamValidator::PARAM_TYPE => $allGroups,

                 ParamValidator::PARAM_ISMULTI => true

             ],

             'expiry' => [

                 ParamValidator::PARAM_ISMULTI => true,

                 ParamValidator::PARAM_ALLOW_DUPLICATES => true,

                 ParamValidator::PARAM_DEFAULT => 'infinite',

             ],

             'remove' => [

                 ParamValidator::PARAM_TYPE => $allGroups,

                 ParamValidator::PARAM_ISMULTI => true

             ],

             'reason' => [

                 ParamValidator::PARAM_DEFAULT => ''

             ],

             'token' => [

                 // Standard definition automatically inserted

                 ApiBase::PARAM_HELP_MSG_APPEND => [ 'api-help-param-token-webui' ],

             ],

             'tags' => [

                 ParamValidator::PARAM_TYPE => 'tags',

                 ParamValidator::PARAM_ISMULTI => true

             ],

         ];

     }


     public function needsToken() {

         return 'userrights';

     }


     protected function getWebUITokenSalt( array $params ) {

         return $this->getUrUser( $params )->getName();

     }


     protected function getExamplesMessages() {

         return [

             'action=userrights&user=FooBot&add=bot&remove=sysop|bureaucrat&token=123ABC'

                 => 'apihelp-userrights-example-user',

             'action=userrights&userid=123&add=bot&remove=sysop|bureaucrat&token=123ABC'

                 => 'apihelp-userrights-example-userid',

             'action=userrights&user=SometimeSysop&add=sysop&expiry=1%20month&token=123ABC'

                 => 'apihelp-userrights-example-expiry',

         ];

     }


     public function getHelpUrls() {

         return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:User_group_membership';

     }

 }

wfTimestampNow
wfTimestampNow()
Convenience function; returns MediaWiki timestamp for the present time.
Definition: GlobalFunctions.php:1455

wfEscapeWikiText
wfEscapeWikiText( $text)
Escapes the given text so that it may be output using addWikiText() without any linking,...
Definition: GlobalFunctions.php:1216

ApiBase
This abstract class implements many basic API functions, and is the base of all API classes.
Definition: ApiBase.php:56

ApiBase\dieWithError
dieWithError( $msg, $code=null, $data=null, $httpCode=0)
Abort execution with an error.
Definition: ApiBase.php:1453

ApiBase\PARAM_HELP_MSG_APPEND
const PARAM_HELP_MSG_APPEND
((string|array|Message)[]) Specify additional i18n messages to append to the normal message for this ...
Definition: ApiBase.php:170

ApiBase\requireOnlyOneParameter
requireOnlyOneParameter( $params,... $required)
Die if none or more than one of a certain set of parameters is set and not false.
Definition: ApiBase.php:903

ApiBase\getResult
getResult()
Get the result object.
Definition: ApiBase.php:629

ApiBase\extractRequestParams
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition: ApiBase.php:765

ApiBase\GET_VALUES_FOR_HELP
const GET_VALUES_FOR_HELP
getAllowedParams() flag: When set, the result could take longer to generate, but should be more thoro...
Definition: ApiBase.php:234

ApiBase\getModuleName
getModuleName()
Get the name of the module being executed by this instance.
Definition: ApiBase.php:498

ApiBase\dieStatus
dieStatus(StatusValue $status)
Throw an ApiUsageException based on the Status object.
Definition: ApiBase.php:1516

ApiBase\dieBlocked
dieBlocked(Block $block)
Throw an ApiUsageException, which will (if uncaught) call the main module's error handler and die wit...
Definition: ApiBase.php:1483

ApiMain
This is the main API class, used for both external and internal processing.
Definition: ApiMain.php:52

ApiResult\setIndexedTagName
static setIndexedTagName(array &$arr, $tag)
Set the tag name for numeric-keyed values in XML format.
Definition: ApiResult.php:604

ApiUserrights
Definition: ApiUserrights.php:34

ApiUserrights\getHelpUrls
getHelpUrls()
Return links to more detailed help pages about the module.
Definition: ApiUserrights.php:231

ApiUserrights\getAllowedParams
getAllowedParams( $flags=0)
Definition: ApiUserrights.php:169

ApiUserrights\execute
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
Definition: ApiUserrights.php:55

ApiUserrights\mustBePosted
mustBePosted()
Indicates whether this module must be called with a POST request.
Definition: ApiUserrights.php:161

ApiUserrights\needsToken
needsToken()
Returns the token type this module requires in order to execute.
Definition: ApiUserrights.php:212

ApiUserrights\isWriteMode
isWriteMode()
Indicates whether this module requires write mode.
Definition: ApiUserrights.php:165

ApiUserrights\__construct
__construct(ApiMain $mainModule, $moduleName, UserGroupManager $userGroupManager)
Definition: ApiUserrights.php:46

ApiUserrights\getExamplesMessages
getExamplesMessages()
Returns usage examples for this module.
Definition: ApiUserrights.php:220

ApiUserrights\getWebUITokenSalt
getWebUITokenSalt(array $params)
Fetch the salt used in the Web UI corresponding to this module.
Definition: ApiUserrights.php:216

ChangeTags\canAddTagsAccompanyingChange
static canAddTagsAccompanyingChange(array $tags, Authority $performer=null, $checkBlock=true)
Is it OK to allow the user to apply all the specified tags at the same time as they edit/make the cha...
Definition: ChangeTags.php:635

ContextSource\getAuthority
getAuthority()
Definition: ContextSource.php:155

ContextSource\getUser
getUser()
Definition: ContextSource.php:147

ContextSource\getContext
getContext()
Get the base IContextSource object.
Definition: ContextSource.php:47

Wikimedia\ParamValidator\ParamValidator::TypeDef\UserDef
Type definition for user types.
Definition: UserDef.php:27

MediaWiki\User\UserGroupManager
Managers user groups.
Definition: UserGroupManager.php:54

UserrightsPage
Special page to allow managing user group membership.
Definition: SpecialUserrights.php:38

UserrightsPage\expiryToTimestamp
static expiryToTimestamp( $expiry)
Converts a user group membership expiry string into a timestamp.
Definition: SpecialUserrights.php:287

Wikimedia\ParamValidator\ParamValidator
Service for formatting and validating API parameters.
Definition: ParamValidator.php:42

MediaWiki\Permissions\Authority
This interface represents the authority associated the current execution context, such as a web reque...
Definition: Authority.php:37

true
return true
Definition: router.php:90