MediaWiki master
|
Users can authorize applications to use their account via OAuth. More...
Public Member Functions | |
__construct (ServiceOptions $options) | |
getGrantGroups (array $grantsFilter=null) | |
Divide the grants into groups. | |
getGrantRights ( $grants) | |
Fetch the rights allowed by a set of grants. | |
getHiddenGrants () | |
Get the list of grants that are hidden and should always be granted. | |
getRightsByGrant () | |
Map all grants to corresponding user rights. | |
getRiskGroupsByGrant (string $default='unknown') | |
Returns a map of grant name => risk group. | |
getValidGrants () | |
List all known grants. | |
grantsAreValid (array $grants) | |
Test that all grants in the list are known. | |
Public Attributes | |
const | CONSTRUCTOR_OPTIONS |
const | RISK_INTERNAL = 'internal' |
Risk level classification for grants which are used for internal purposes and should not be handed out. | |
const | RISK_LOW = 'low' |
Risk level classification for grants which aren't particularly risky. | |
const | RISK_SECURITY = 'security' |
Risk level classification for grants which can be used to cause damage that is hard or impossible to undo, such as exfiltrating sensitive private data or creating security vulnerabilities. | |
const | RISK_VANDALISM = 'vandalism' |
Risk level classification for grants which can be used for disruptive vandalism or other kinds of abuse that couldn't be achieved just by registering new accounts, such as main page vandalism, vandalism of popular templates, page merge vandalism, or blocks. | |
Users can authorize applications to use their account via OAuth.
Grants are used to limit permissions for these application. This service allows application logic to access grants.
Definition at line 33 of file GrantsInfo.php.
MediaWiki\Permissions\GrantsInfo::__construct | ( | ServiceOptions | $options | ) |
Definition at line 76 of file GrantsInfo.php.
References MediaWiki\Config\ServiceOptions\assertRequiredOptions().
MediaWiki\Permissions\GrantsInfo::getGrantGroups | ( | array | $grantsFilter = null | ) |
Divide the grants into groups.
string[] | null | $grantsFilter |
Definition at line 135 of file GrantsInfo.php.
MediaWiki\Permissions\GrantsInfo::getGrantRights | ( | $grants | ) |
Fetch the rights allowed by a set of grants.
string[] | string | $grants |
Definition at line 108 of file GrantsInfo.php.
MediaWiki\Permissions\GrantsInfo::getHiddenGrants | ( | ) |
Get the list of grants that are hidden and should always be granted.
Definition at line 159 of file GrantsInfo.php.
MediaWiki\Permissions\GrantsInfo::getRightsByGrant | ( | ) |
Map all grants to corresponding user rights.
Definition at line 95 of file GrantsInfo.php.
MediaWiki\Permissions\GrantsInfo::getRiskGroupsByGrant | ( | string | $default = 'unknown' | ) |
Returns a map of grant name => risk group.
The risk groups are the GrantsInfo::RISK_* constants, plus $default for grants where the risk level is not defined.
string | $default | Default risk group to assign to grants for which no risk group is configured. $default does not have to be one of the RISK_* constants. |
Definition at line 177 of file GrantsInfo.php.
MediaWiki\Permissions\GrantsInfo::getValidGrants | ( | ) |
MediaWiki\Permissions\GrantsInfo::grantsAreValid | ( | array | $grants | ) |
Test that all grants in the list are known.
string[] | $grants |
Definition at line 126 of file GrantsInfo.php.
const MediaWiki\Permissions\GrantsInfo::CONSTRUCTOR_OPTIONS |
Definition at line 68 of file GrantsInfo.php.
const MediaWiki\Permissions\GrantsInfo::RISK_INTERNAL = 'internal' |
Risk level classification for grants which are used for internal purposes and should not be handed out.
Definition at line 63 of file GrantsInfo.php.
const MediaWiki\Permissions\GrantsInfo::RISK_LOW = 'low' |
Risk level classification for grants which aren't particularly risky.
These grants might be abused, e.g. for vandalism, but the effect is easy to undo and the efficiency of abusing them isn't particularly different from registering new user accounts and using those for abuse. Note that risk levels depend on the use case; the default classification is meant for "normal" (public, open registration) wikis. Classification for e.g. a private wiki holding confidential information could be quite different.
Definition at line 43 of file GrantsInfo.php.
const MediaWiki\Permissions\GrantsInfo::RISK_SECURITY = 'security' |
Risk level classification for grants which can be used to cause damage that is hard or impossible to undo, such as exfiltrating sensitive private data or creating security vulnerabilities.
Definition at line 57 of file GrantsInfo.php.
const MediaWiki\Permissions\GrantsInfo::RISK_VANDALISM = 'vandalism' |
Risk level classification for grants which can be used for disruptive vandalism or other kinds of abuse that couldn't be achieved just by registering new accounts, such as main page vandalism, vandalism of popular templates, page merge vandalism, or blocks.
Definition at line 50 of file GrantsInfo.php.