r29244 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r29243‎ \| r29244 \| r29245 >
Date:	23:39, 3 January 2008
Author:	brion
Status:	old
Tags:
Comment:	Remove ApiChangeRights. Duplicates code, doesn't handle current permissions model properly.
Modified paths:	/trunk/phase3/includes/AutoLoader.php (modified) (history) /trunk/phase3/includes/api/ApiChangeRights.php (deleted) (history) /trunk/phase3/includes/api/ApiMain.php (modified) (history)

Diff [purge]

Index: trunk/phase3/includes/api/ApiChangeRights.php
—	—	@@ -1,170 +0,0 @@
2		~~-<?php~~
3		-
4		-/*
5		~~- * Created on Sep 11, 2007~~
6		~~- * API for MediaWiki 1.8+~~
7		- *
8		~~- * Copyright (C) 2007 Roan Kattouw <Firstname>.<Lastname>@home.nl~~
9		- *
10		~~- * This program is free software; you can redistribute it and/or modify~~
11		~~- * it under the terms of the GNU General Public License as published by~~
12		~~- * the Free Software Foundation; either version 2 of the License, or~~
13		~~- * (at your option) any later version.~~
14		- *
15		~~- * This program is distributed in the hope that it will be useful,~~
16		~~- * but WITHOUT ANY WARRANTY; without even the implied warranty of~~
17		~~- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the~~
18		~~- * GNU General Public License for more details.~~
19		- *
20		~~- * You should have received a copy of the GNU General Public License along~~
21		~~- * with this program; if not, write to the Free Software Foundation, Inc.,~~
22		~~- * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.~~
23		~~- * http://www.gnu.org/copyleft/gpl.html~~
24		~~- */~~
25		-
26		~~-if (!defined('MEDIAWIKI')) {~~
27		~~- // Eclipse helper - will be ignored in production~~
28		~~- require_once ("ApiBase.php");~~
29		-}
30		-
31		-/**
32		~~- * @addtogroup API~~
33		~~- */~~
34		~~-class ApiChangeRights extends ApiBase {~~
35		-
36		~~- public function __construct($main, $action) {~~
37		~~- parent :: __construct($main, $action);~~
38		~~- }~~
39		-
40		~~- public function execute() {~~
41		~~- global $wgUser, $wgRequest;~~
42		~~- $this->getMain()->requestWriteMode();~~
43		-
44		~~- if(wfReadOnly())~~
45		~~- $this->dieUsage('The wiki is in read-only mode', 'readonly');~~
46		~~- $params = $this->extractRequestParams();~~
47		-
48		~~- $ur = new UserrightsForm($wgRequest);~~
49		~~- $allowed = $ur->changeableGroups();~~
50		~~- $res = array();~~
51		-
52		~~- if(is_null($params['user']))~~
53		~~- $this->dieUsage('The user parameter must be set', 'nouser');~~
54		-
55		~~- $uName = User::getCanonicalName($params['user']);~~
56		~~- $u = User::newFromName($uName);~~
57		~~- if(!$u)~~
58		~~- $this->dieUsage("Invalid username ``{$params['user']}''", 'invaliduser');~~
59		~~- if($u->getId() == 0) // Anon or non-existent~~
60		~~- $this->dieUsage("User ``{$params['user']}'' doesn't exist", 'nosuchuser');~~
61		-
62		~~- $curgroups = $u->getGroups();~~
63		-
64		~~- if($params['listgroups'])~~
65		~~- {~~
66		~~- $res['user'] = $uName;~~
67		~~- $res['allowedgroups'] = $allowed;~~
68		~~- $res['ingroups'] = $curgroups;~~
69		~~- $this->getResult()->setIndexedTagName($res['ingroups'], 'group');~~
70		~~- $this->getResult()->setIndexedTagName($res['allowedgroups']['add'], 'group');~~
71		~~- $this->getResult()->setIndexedTagName($res['allowedgroups']['remove'], 'group');~~
72		~~- }~~
73		-;
74		~~- if($params['gettoken'])~~
75		~~- {~~
76		~~- $res['changerightstoken'] = $wgUser->editToken($uName);~~
77		~~- $this->getResult()->addValue(null, $this->getModuleName(), $res);~~
78		~~- return;~~
79		~~- }~~
80		-
81		~~- if(empty($params['addto']) && empty($params['rmfrom']))~~
82		~~- $this->dieUsage('At least one of the addto and rmfrom parameters must be set', 'noaddrm');~~
83		~~- if(is_null($params['token']))~~
84		~~- $this->dieUsage('The token parameter must be set', 'notoken');~~
85		~~- if(!$wgUser->matchEditToken($params['token'], $uName))~~
86		~~- $this->dieUsage('Invalid token', 'badtoken');~~
87		-
88		~~- if(!$wgUser->isAllowed('userrights'))~~
89		~~- $this->dieUsage('You don\'t have permission to change users\' rights', 'permissiondenied');~~
90		-
91		~~- // First let's remove redundant groups and check permissions while we're at it~~
92		~~- if(is_null($params['addto']))~~
93		~~- $params['addto'] = array();~~
94		~~- $addto = array();~~
95		~~- foreach($params['addto'] as $g)~~
96		~~- {~~
97		~~- if(!in_array($g, $allowed['add']))~~
98		~~- $this->dieUsage("You don't have permission to add to group ``$g''", 'cantadd');~~
99		~~- if(!in_array($g, $curgroups))~~
100		~~- $addto[] = $g;~~
101		~~- }~~
102		-
103		~~- if(is_null($params['rmfrom']))~~
104		~~- $params['rmfrom'] = array();~~
105		~~- $rmfrom = array();~~
106		~~- foreach($params['rmfrom'] as $g)~~
107		~~- {~~
108		~~- if(!in_array($g, $allowed['remove']))~~
109		~~- $this->dieUsage("You don't have permission to remove from group ``$g''", 'cantremove');~~
110		~~- if(in_array($g, $curgroups))~~
111		~~- $rmfrom[] = $g;~~
112		~~- }~~
113		~~- $dbw = wfGetDb(DB_MASTER);~~
114		~~- $dbw->begin();~~
115		~~- $ur->doSaveUserGroups($u, $rmfrom, $addto, $params['reason']);~~
116		~~- $dbw->commit();~~
117		~~- $res['user'] = $uName;~~
118		~~- $res['addedto'] = $addto;~~
119		~~- $res['removedfrom'] = $rmfrom;~~
120		~~- $res['reason'] = $params['reason'];~~
121		-
122		~~- $this->getResult()->setIndexedTagName($res['addedto'], 'group');~~
123		~~- $this->getResult()->setIndexedTagName($res['removedfrom'], 'group');~~
124		~~- $this->getResult()->addValue(null, $this->getModuleName(), $res);~~
125		~~- }~~
126		-
127		~~- protected function getAllowedParams() {~~
128		~~- return array (~~
129		~~- 'user' => null,~~
130		~~- 'token' => null,~~
131		~~- 'gettoken' => false,~~
132		~~- 'listgroups' => false,~~
133		~~- 'addto' => array(~~
134		~~- ApiBase :: PARAM_ISMULTI => true,~~
135		~~- ),~~
136		~~- 'rmfrom' => array(~~
137		~~- ApiBase :: PARAM_ISMULTI => true,~~
138		~~- ),~~
139		~~- 'reason' => ''~~
140		~~- );~~
141		~~- }~~
142		-
143		~~- protected function getParamDescription() {~~
144		~~- return array (~~
145		~~- 'user' => 'The user you want to add to or remove from groups.',~~
146		~~- 'token' => 'A changerights token previously obtained through the gettoken parameter.',~~
147		~~- 'gettoken' => 'Output a token. Note that the user parameter still has to be set.',~~
148		~~- 'listgroups' => 'List the groups the user is in, and the ones you can add them to and remove them from.',~~
149		~~- 'addto' => 'Pipe-separated list of groups to add this user to',~~
150		~~- 'rmfrom' => 'Pipe-separated list of groups to remove this user from',~~
151		~~- 'reason' => 'Reason for change (optional)'~~
152		~~- );~~
153		~~- }~~
154		-
155		~~- protected function getDescription() {~~
156		~~- return array(~~
157		~~- 'Add or remove a user from certain groups.'~~
158		~~- );~~
159		~~- }~~
160		-
161		~~- protected function getExamples() {~~
162		~~- return array (~~
163		~~- 'api.php?action=changerights&user=Bob&gettoken&listgroups',~~
164		~~- 'api.php?action=changerights&user=Bob&token=123ABC&addto=sysop&reason=Promoting%20per%20RFA'~~
165		~~- );~~
166		~~- }~~
167		-
168		~~- public function getVersion() {~~
169		~~- return __CLASS__ . ': $Id$';~~
170		~~- }~~
171		-}
Index: trunk/phase3/includes/api/ApiMain.php
—	—	@@ -69,7 +69,6 @@
70	70	'protect' => 'ApiProtect',
71	71	'block' => 'ApiBlock',
72	72	'unblock' => 'ApiUnblock',
73		~~- 'changerights' => 'ApiChangeRights',~~
74	73	'move' => 'ApiMove'
75	74	);
76	75
Index: trunk/phase3/includes/AutoLoader.php
—	—	@@ -350,7 +350,6 @@
351	351
352	352	# apiedit branch
353	353	'ApiBlock' => 'includes/api/ApiBlock.php',
354		~~- 'ApiChangeRights' => 'includes/api/ApiChangeRights.php',~~
355	354	'ApiDelete' => 'includes/api/ApiDelete.php',
356	355	'ApiMove' => 'includes/api/ApiMove.php',
357	356	'ApiProtect' => 'includes/api/ApiProtect.php',

Status & tagging log

15:23, 12 September 2011 Meno25 (talk | contribs) changed the status of r29244 [removed: ok added: old]