r107587 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r107586‎ \| r107587 \| r107588 >
Date:	19:08, 29 December 2011
Author:	bsitu
Status:	ok
Tags:
Comment:	Introducing page request permission check to MarkAsHelpful
Modified paths:	/trunk/extensions/MarkAsHelpful/MarkAsHelpful.php (modified) (history) /trunk/extensions/MarkAsHelpful/api/ApiGetMarkAsHelpfulItem.php (modified) (history) /trunk/extensions/MarkAsHelpful/api/ApiMarkAsHelpful.php (modified) (history)

Diff [purge]

Index: trunk/extensions/MarkAsHelpful/MarkAsHelpful.php
—	—	@@ -32,11 +32,12 @@
33	33
34	34	// API
35	35	$wgAutoloadClasses['ApiMarkAsHelpful'] = $dir . 'api/ApiMarkAsHelpful.php';
36		~~-$wgAutoloadClasses['MWApiGetMarkAsHelpfulItemInvalidActionException'] = $dir . 'api/ApiMarkAsHelpful.php';~~
	36	+$wgAutoloadClasses['MWApiGetMarkAsHelpfulItemInvalidPageException'] = $dir . 'api/ApiGetMarkAsHelpfulItem.php';
37	37	$wgAPIModules['markashelpful'] = 'ApiMarkAsHelpful';
38	38
39	39	$wgAutoloadClasses['ApiGetMarkAsHelpfulItem'] = $dir . 'api/ApiGetMarkAsHelpfulItem.php';
40		~~-$wgAutoloadClasses['MWApiMarkAsHelpfulInvalidActionException'] = $dir . 'api/ApiGetMarkAsHelpfulItem.php';~~
	40	+$wgAutoloadClasses['MWApiMarkAsHelpfulInvalidActionException'] = $dir . 'api/ApiMarkAsHelpful.php';
	41	+$wgAutoloadClasses['MWApiMarkAsHelpfulInvalidPageException'] = $dir . 'api/ApiMarkAsHelpful.php';
41	42	$wgAPIModules['getmarkashelpfulitem'] = 'ApiGetMarkAsHelpfulItem';
42	43
43	44	// Hooks
Index: trunk/extensions/MarkAsHelpful/api/ApiGetMarkAsHelpfulItem.php
—	—	@@ -7,24 +7,43 @@
8	8
9	9	$params = $this->extractRequestParams();
10	10
11		~~- // check if current user has permission to mark this item,~~
12		~~- $isAbleToMark = true;~~
	11	+ $page = Title::newFromText( $params['page'] );
13	12
14		~~- wfRunHooks( 'onMarkItemAsHelpful', array( 'mark', $params['type'], $params['item'], $wgUser, &$isAbleToMark ) );~~
	13	+ if ( !$page ) {
	14	+ throw new MWApiGetMarkAsHelpfulItemInvalidPageException( 'Invalid page!' );
	15	+ }
15	16
16		~~- $HelpfulUserList = MarkAsHelpfulItem::getMarkAsHelpfulList( $params['type'], $params['item'] );~~
	17	+ // check if current user has permission to mark the item,
	18	+ $isAbleToMark = false;
	19	+ // check if the page has permission to request the item
	20	+ $isAbleToShow = false;
17	21
18		~~- if ( $params['prop'] == 'metadata') {~~
19		~~- $data = $HelpfulUserList;~~
20		~~- $format = 'metadata';~~
21		~~- } else {~~
22		~~- $data = MarkAsHelpfulUtil::getMarkAsHelpfulTemplate(~~
23		~~- $wgUser, $isAbleToMark, $HelpfulUserList, $params['type'],~~
24		~~- $params['item']~~
25		~~- );~~
26		~~- $format = 'formatted';~~
	22	+ wfRunHooks( 'onMarkItemAsHelpful', array( $params['type'], $params['item'], $wgUser, &$isAbleToMark, $page, &$isAbleToShow ) );
	23	+
	24	+ if ( $isAbleToShow ) {
	25	+ $HelpfulUserList = MarkAsHelpfulItem::getMarkAsHelpfulList( $params['type'], $params['item'] );
	26	+
	27	+ if ( $params['prop'] == 'metadata') {
	28	+ $data = $HelpfulUserList;
	29	+ $format = 'metadata';
	30	+ } else {
	31	+ $data = MarkAsHelpfulUtil::getMarkAsHelpfulTemplate(
	32	+ $wgUser, $isAbleToMark, $HelpfulUserList, $params['type'],
	33	+ $params['item']
	34	+ );
	35	+ $format = 'formatted';
	36	+ }
27	37	}
	38	+ else {
	39	+ $data = '';
28	40
	41	+ if ( $params['prop'] == 'metadata') {
	42	+ $format = 'metadata';
	43	+ } else {
	44	+ $format = 'formatted';
	45	+ }
	46	+ }
	47	+
29	48	$result = array( 'result' => 'success', $format => $data );
30	49	$this->getResult()->addValue( null, $this->getModuleName(), $result );
31	50	}
—	—	@@ -44,6 +63,9 @@
45	64	'prop' => array(
46	65	ApiBase::PARAM_TYPE => array( 'metadata', 'formatted' ),
47	66	),
	67	+ 'page' => array(
	68	+ ApiBase::PARAM_REQUIRED => true,
	69	+ ),
48	70	);
49	71	}
50	72
—	—	@@ -56,6 +78,7 @@
57	79	'type' => 'The object type that is being marked as helpful',
58	80	'item' => 'The object item that is being marked as helpful',
59	81	'prop' => 'Which property to get',
	82	+ 'page' => 'The page which is requesting the item',
60	83	);
61	84	}
62	85
—	—	@@ -65,5 +88,4 @@
66	89
67	90	}
68	91
69		~~-class MWApiGetMarkAsHelpfulItemInvalidActionException extends MWException {}~~
70		-
	92	+class MWApiGetMarkAsHelpfulItemInvalidPageException extends MWException {}
\ No newline at end of file
Index: trunk/extensions/MarkAsHelpful/api/ApiMarkAsHelpful.php
—	—	@@ -16,12 +16,21 @@
17	17
18	18	$params = $this->extractRequestParams();
19	19
20		~~- $isAbleToMark = true;~~
	20	+ $page = Title::newFromText( $params['page'] );
21	21
	22	+ if ( !$page ) {
	23	+ throw new MWApiMarkAsHelpfulInvalidPageException( 'Invalid page!' );
	24	+ }
	25	+
	26	+ // check if current user has permission to mark the item,
	27	+ $isAbleToMark = false;
	28	+ // check if the page has permission to request the item
	29	+ $isAbleToShow = false;
	30	+
22	31	// Gives other extension the last chance to specify mark as helpful permission rules
23		~~- wfRunHooks( 'onMarkItemAsHelpful', array( $params['mahaction'], $params['type'], $params['item'], $wgUser, &$isAbleToMark ) );~~
	32	+ wfRunHooks( 'onMarkItemAsHelpful', array( $params['type'], $params['item'], $wgUser, &$isAbleToMark, $page, &$isAbleToShow ) );
24	33
25		~~- if ( !$isAbleToMark ) {~~
	34	+ if ( !$isAbleToShow \|\| !$isAbleToMark ) {
26	35	$this->noPermissionError();
27	36	}
28	37
—	—	@@ -132,4 +141,4 @@
133	142	}
134	143
135	144	class MWApiMarkAsHelpfulInvalidActionException extends MWException {}
136		-
	145	+class MWApiMarkAsHelpfulInvalidPageException extends MWException {}
\ No newline at end of file

Status & tagging log

16:21, 4 January 2012 Catrope (talk | contribs) changed the status of r107587 [removed: new added: ok]