r25834 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r25833‎ \| r25834 \| r25835 >
Date:	19:58, 13 September 2007
Author:	catrope
Status:	old
Tags:
Comment:	apiedit: Adding untested ApiChangeRights module, will test by the end of next week
Modified paths:	/branches/apiedit/phase3/CHANGED (modified) (history) /branches/apiedit/phase3/includes/AutoLoader.php (modified) (history) /branches/apiedit/phase3/includes/SpecialUserrights.php (modified) (history) /branches/apiedit/phase3/includes/api/ApiChangeRights.php (added) (history) /branches/apiedit/phase3/includes/api/ApiMain.php (modified) (history)

Diff [purge]

Index: branches/apiedit/phase3/CHANGED
—	—	@@ -28,6 +28,10 @@
29	29	** Static function doUnblock() does the dirty work, doSubmit() wraps around it
30	30	** Introduced IPUnblockForm::UNBLOCK_* constants for doUnblock()'s return values
31	31
	32	+SpecialUserrights.php
	33	+* Separated UI and DB code in UserrightsForm::saveUserGroups() (r25834)
	34	+** doSaveUserGroups() does the dirty work, saveUserGroups() wraps around it
	35	+
32	36	api/ApiQueryInfo.php
33	37	* Implemented tokens (r23562, r23568,r23638, r23668)
34	38	* Fixed bug 10898 (r24458)
—	—	@@ -59,11 +63,14 @@
60	64	api/ApiQueryBlocks.php (NEW)
61	65	* action=query&list=blocks module that lists blocks from the ipblocks table (r25735)
62	66
	67	+api/ApiChangeRights.php (NEW)
	68	+* action=changerights module that changes users' rights (r25834)
	69	+
63	70	AutoLoader.php
64		~~-* Added entries for ApiRollback (r23562), ApiDelete (r23590), ApiQueryDeletedRevs (r23668), ApiUndelete (r23687), ApiProtect (r23588), ApiBlock (r25548), ApiQueryBlocks (r25735)~~
	71	+* Added entries for ApiRollback (r23562), ApiDelete (r23590), ApiQueryDeletedRevs (r23668), ApiUndelete (r23687), ApiProtect (r23588), ApiBlock (r25548), ApiQueryBlocks (r25735), ApiChangeRights (r25834)
65	72
66	73	api/ApiMain.php
67		~~-* Added entries for ApiRollback (r23562), ApiDelete (r23590), ApiUndelete (r23687), ApiProtect (r23588), ApiBlock (r25548)~~
	74	+* Added entries for ApiRollback (r23562), ApiDelete (r23590), ApiUndelete (r23687), ApiProtect (r23588), ApiBlock (r25548), ApiChangeRights (r25834)
68	75
69	76	api/ApiQuery.php
70	77	* Added entries for ApiQueryDeletedRevs (r23668), ApiQueryBlocks (r25735)
Index: branches/apiedit/phase3/includes/SpecialUserrights.php
—	—	@@ -64,30 +64,17 @@
65	65	}
66	66	}
67	67
68		- /**
69		~~- * Save user groups changes in the database.~~
70		~~- * Data comes from the editUserGroupsForm() form function~~
71		- *
72		~~- * @param string $username Username to apply changes to.~~
73		~~- * @param array $removegroup id of groups to be removed.~~
74		~~- * @param array $addgroup id of groups to be added.~~
75		~~- * @param string $reason Reason for group change~~
76		- *
	68	+ /** Back-end for saveUserGroups()
	69	+ * @param User $u
	70	+ * @param array $removegroup
	71	+ * @param array $addgroup
	72	+ * @param string $reason
77	73	*/
78		~~- function saveUserGroups( $username, $removegroup, $addgroup, $reason = '' ) {~~
79		~~- global $wgOut;~~
80		~~- $u = User::newFromName($username);~~
81	74
82		~~- if(is_null($u)) {~~
83		~~- $wgOut->addWikiText( wfMsg( 'nosuchusershort', htmlspecialchars( $username ) ) );~~
84		~~- return;~~
85		~~- }~~
86		-
87		~~- if($u->getID() == 0) {~~
88		~~- $wgOut->addWikiText( wfMsg( 'nosuchusershort', htmlspecialchars( $username ) ) );~~
89		~~- return;~~
90		~~- }~~
91		-
	75	+ function doSaveUserGroups($u, $removegroup, $addgroup, $reason)
	76	+ {
	77	+ $dbw = wfGetDB(DB_MASTER);
	78	+ $dbw->begin();
92	79	$oldGroups = $u->getGroups();
93	80	$newGroups = $oldGroups;
94	81	// remove then add groups
—	—	@@ -114,10 +101,34 @@
115	102
116	103	wfRunHooks( 'UserRights', array( &$u, $addgroup, $removegroup ) );
117	104	$log = new LogPage( 'rights' );
118		~~- $log->addEntry( 'rights', Title::makeTitle( NS_USER, $u->getName() ), $reason, array( $this->makeGroupNameList( $oldGroups ),~~
	105	+ $log->addEntry( 'rights', Title::makeTitle( NS_USER, $username ), $reason, array( $this->makeGroupNameList( $oldGroups ),
119	106	$this->makeGroupNameList( $newGroups ) ) );
	107	+ $dbw->commit();
120	108	}
121	109
	110	+ /**
	111	+ * Save user groups changes in the database.
	112	+ * Data comes from the editUserGroupsForm() form function
	113	+ *
	114	+ * @param string $username Username to apply changes to.
	115	+ * @param array $removegroup id of groups to be removed.
	116	+ * @param array $addgroup id of groups to be added.
	117	+ * @param string $reason Reason for group change
	118	+ *
	119	+ */
	120	+ function saveUserGroups( $username, $removegroup, $addgroup, $reason = '' ) {
	121	+ global $wgOut;
	122	+ $u = User::newFromName($username);
	123	+ if(is_null($u)) {
	124	+ $wgOut->addWikiText( wfMsg( 'nosuchusershort', htmlspecialchars( $username ) ) );
	125	+ }
	126	+ if($u->getID() == 0) {
	127	+ $wgOut->addWikiText( wfMsg( 'nosuchusershort', htmlspecialchars( $username ) ) );
	128	+ }
	129	+
	130	+ $this->doSaveUserGroups($u, $removegroup, $addgroup, $reason);
	131	+ }
	132	+
122	133	function makeGroupNameList( $ids ) {
123	134	return implode( ', ', $ids );
124	135	}
—	—	@@ -318,7 +329,7 @@
319	330	*
320	331	* @return Array array( 'add' => array( addablegroups ), 'remove' => array( removablegroups ) )
321	332	*/
322		~~- private function changeableGroups() {~~
	333	+ function changeableGroups() {
323	334	global $wgUser;
324	335
325	336	$groups = array( 'add' => array(), 'remove' => array() );
Index: branches/apiedit/phase3/includes/api/ApiChangeRights.php
—	—	@@ -0,0 +1,138 @@
	2	+<?php
	3	+
	4	+/*
	5	+ * Created on Sep 11, 2007
	6	+ * API for MediaWiki 1.8+
	7	+ *
	8	+ * Copyright (C) 2007 Roan Kattouw <Firstname>.<Lastname>@home.nl
	9	+ *
	10	+ * This program is free software; you can redistribute it and/or modify
	11	+ * it under the terms of the GNU General Public License as published by
	12	+ * the Free Software Foundation; either version 2 of the License, or
	13	+ * (at your option) any later version.
	14	+ *
	15	+ * This program is distributed in the hope that it will be useful,
	16	+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
	17	+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	18	+ * GNU General Public License for more details.
	19	+ *
	20	+ * You should have received a copy of the GNU General Public License along
	21	+ * with this program; if not, write to the Free Software Foundation, Inc.,
	22	+ * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
	23	+ * http://www.gnu.org/copyleft/gpl.html
	24	+ */
	25	+
	26	+if (!defined('MEDIAWIKI')) {
	27	+ // Eclipse helper - will be ignored in production
	28	+ require_once ("ApiBase.php");
	29	+}
	30	+
	31	+/**
	32	+ * @addtogroup API
	33	+ */
	34	+class ApiChangeRights extends ApiBase {
	35	+
	36	+ public function __construct($main, $action) {
	37	+ parent :: __construct($main, $action);
	38	+ }
	39	+
	40	+ public function execute() {
	41	+ global $wgUser, $wgRequest;
	42	+ $params = $this->extractRequestParams();
	43	+
	44	+ $ur = new UserrightsForm($wgRequest);
	45	+ $allowed = $ur->changeableGroups();
	46	+ $res = array();
	47	+
	48	+ if($params['listgroups'])
	49	+ $res['allowedgroups'] = $allowed;
	50	+ if(is_null($params['user']))
	51	+ $this->dieUsage('The user parameter must be set', 'nouser');
	52	+
	53	+ $uName = User::getCanonicalName($params['user']);
	54	+ if(!$uName)
	55	+ $this->dieUsage("Invalid username ``{$params['user']}''", 'invaliduser');
	56	+ $u = User::newFromName($uName);
	57	+ if(!$u)
	58	+ $this->dieUsage("User ``{$params['user']}'' doesn't exist", 'nosuchuser')
	59	+;
	60	+ if($params['gettoken'])
	61	+ {
	62	+ $res['changerightstoken'] = $wgUser->editToken($uName);
	63	+ $this->getResult()->addValue(null, $this->getModuleName(), $res);
	64	+ return;
	65	+ }
	66	+
	67	+ if(empty($params['addto']) && empty($params['rmfrom']))
	68	+ $this->dieUsage('At least one of the addto and rmfrom parameters must be set', 'nochange');
	69	+ if(is_null($params['token']))
	70	+ $this->dieUsage('The token parameter must be set', 'notoken');
	71	+ if(!$wgUser->matchEditToken($params['token'], $uName))
	72	+ $this->dieUsage('Invalid token', 'badtoken');
	73	+
	74	+ if(!$wgUser->isAllowed('userrights'))
	75	+ $this->dieUsage('You don\'t have permission to change users\' rights', 'permissiondenied');
	76	+
	77	+ // Check $wgUser can really add and remove all the groups he wants to
	78	+ foreach($params['addto'] as $g)
	79	+ if(!in_array($g, $allowed['add']))
	80	+ $this->dieUsage("You don't have permission to add to group ``$g''", 'cantadd');
	81	+ foreach($params['rmfrom'] as $g)
	82	+ if(!in_array($g, $allowed['remove']))
	83	+ $this->dieUsage("You don't have permission to remove from group ``$g''", 'cantremove');
	84	+
	85	+ $ur->doSaveUserGroups($uName, $params['rmfrom'], $params['addto'], $params['reason']);
	86	+ $res['user'] = $uName;
	87	+ $res['addedto'] = $params['addto'];
	88	+ $res['removedfrom'] = $params['rmfrom'];
	89	+ $res['reason'] = $params['reason'];
	90	+
	91	+ $this->getResult()->addValue(null, $this->getModuleName(), $res);
	92	+ }
	93	+
	94	+ protected function getAllowedParams() {
	95	+ return array (
	96	+ 'user' => null,
	97	+ 'token' => null,
	98	+ 'gettoken' => false,
	99	+ 'listgroups' => false,
	100	+ 'addto' => array(
	101	+ ApiBase :: PARAM_MULTI => true
	102	+ ),
	103	+ 'rmfrom' => array(
	104	+ ApiBase :: PARAM_MULTI => true
	105	+ ),
	106	+ 'reason' => ''
	107	+ );
	108	+ }
	109	+
	110	+ protected function getParamDescription() {
	111	+ return array (
	112	+ 'user' => 'The user you want to add to or remove from groups.',
	113	+ 'token' => 'A changerights token previously obtained through the gettoken parameter.',
	114	+ 'gettoken' => 'Output a token. Note that the user parameter still has to be set.',
	115	+ 'listgroups' => 'List the groups you can add users to and remove them from.',
	116	+ 'addto' => 'Pipe-separated list of groups to add this user to',
	117	+ 'rmfrom' => 'Pipe-separated list of groups to remove this user from',
	118	+ 'reason' => 'Reason for change (optional)'
	119	+ );
	120	+ }
	121	+
	122	+ protected function getDescription() {
	123	+ return array(
	124	+ 'Add or remove a user from certain groups.'
	125	+ );
	126	+ }
	127	+
	128	+ protected function getExamples() {
	129	+ return array (
	130	+ 'api.php?action=changerights&user=Bob&gettoken&listgroups',
	131	+ 'api.php?action=changerights&user=Bob&token=123ABC&addto=sysop&reason=Promoting%20per%20RFA'
	132	+ );
	133	+ }
	134	+
	135	+ public function getVersion() {
	136	+ return __CLASS__ . ': $Id$';
	137	+ }
	138	+}
	139	+?>
Property changes on: branches/apiedit/phase3/includes/api/ApiChangeRights.php
___________________________________________________________________
Added: svn:eol-style
1	140	+ native
Index: branches/apiedit/phase3/includes/api/ApiMain.php
—	—	@@ -60,6 +60,7 @@
61	61	'protect' => 'ApiProtect',
62	62	'block' => 'ApiBlock',
63	63	'unblock' => 'ApiUnblock',
	64	+ 'changerights' => 'ApiChangeRights',
64	65	'opensearch' => 'ApiOpenSearch',
65	66	'feedwatchlist' => 'ApiFeedWatchlist',
66	67	'help' => 'ApiHelp',
Index: branches/apiedit/phase3/includes/AutoLoader.php
—	—	@@ -296,6 +296,7 @@
297	297	# API
298	298	'ApiBase' => 'includes/api/ApiBase.php',
299	299	'ApiBlock' => 'includes/api/ApiBlock.php',
	300	+ 'ApiChangeRights' => 'includes/api/ApiChangeRights.php',
300	301	'ApiDelete' => 'includes/api/ApiDelete.php',
301	302	'ApiFormatFeedWrapper' => 'includes/api/ApiFormatBase.php',
302	303	'ApiFeedWatchlist' => 'includes/api/ApiFeedWatchlist.php',

Status & tagging log

15:20, 12 September 2011 Meno25 (talk | contribs) changed the status of r25834 [removed: ok added: old]