includes/api/ApiProtect.php

   1 <?php
   2 /**
   3  * API for MediaWiki 1.8+
   4  *
   5  * Created on Sep 1, 2007
   6  *
   7  * Copyright © 2007 Roan Kattouw <Firstname>.<Lastname>@home.nl
   8  *
   9  * This program is free software; you can redistribute it and/or modify
  10  * it under the terms of the GNU General Public License as published by
  11  * the Free Software Foundation; either version 2 of the License, or
  12  * (at your option) any later version.
  13  *
  14  * This program is distributed in the hope that it will be useful,
  15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  17  * GNU General Public License for more details.
  18  *
  19  * You should have received a copy of the GNU General Public License along
  20  * with this program; if not, write to the Free Software Foundation, Inc.,
  21  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
  22  * http://www.gnu.org/copyleft/gpl.html
  23  *
  24  * @file
  25  */
  26
  27 if ( !defined( 'MEDIAWIKI' ) ) {
  28         // Eclipse helper - will be ignored in production
  29         require_once( "ApiBase.php" );
  30 }
  31
  32 /**
  33  * @ingroup API
  34  */
  35 class ApiProtect extends ApiBase {
  36
  37         public function __construct( $main, $action ) {
  38                 parent::__construct( $main, $action );
  39         }
  40
  41         public function execute() {
  42                 global $wgUser, $wgRestrictionLevels;
  43                 $params = $this->extractRequestParams();
  44
  45                 $titleObj = Title::newFromText( $params['title'] );
  46                 if ( !$titleObj ) {
  47                         $this->dieUsageMsg( array( 'invalidtitle', $params['title'] ) );
  48                 }
  49
  50                 $errors = $titleObj->getUserPermissionsErrors( 'protect', $wgUser );
  51                 if ( $errors ) {
  52                         // We don't care about multiple errors, just report one of them
  53                         $this->dieUsageMsg( reset( $errors ) );
  54                 }
  55
  56                 $expiry = (array)$params['expiry'];
  57                 if ( count( $expiry ) != count( $params['protections'] ) ) {
  58                         if ( count( $expiry ) == 1 ) {
  59                                 $expiry = array_fill( 0, count( $params['protections'] ), $expiry[0] );
  60                         } else {
  61                                 $this->dieUsageMsg( array( 'toofewexpiries', count( $expiry ), count( $params['protections'] ) ) );
  62                         }
  63                 }
  64
  65                 $restrictionTypes = $titleObj->getRestrictionTypes();
  66
  67                 $protections = array();
  68                 $expiryarray = array();
  69                 $resultProtections = array();
  70                 foreach ( $params['protections'] as $i => $prot ) {
  71                         $p = explode( '=', $prot );
  72                         $protections[$p[0]] = ( $p[1] == 'all' ? '' : $p[1] );
  73
  74                         if ( $titleObj->exists() && $p[0] == 'create' ) {
  75                                 $this->dieUsageMsg( array( 'create-titleexists' ) );
  76                         }
  77                         if ( !$titleObj->exists() && $p[0] != 'create' ) {
  78                                 $this->dieUsageMsg( array( 'missingtitle-createonly' ) );
  79                         }
  80
  81                         if ( !in_array( $p[0], $restrictionTypes ) && $p[0] != 'create' ) {
  82                                 $this->dieUsageMsg( array( 'protect-invalidaction', $p[0] ) );
  83                         }
  84                         if ( !in_array( $p[1], $wgRestrictionLevels ) && $p[1] != 'all' ) {
  85                                 $this->dieUsageMsg( array( 'protect-invalidlevel', $p[1] ) );
  86                         }
  87
  88                         if ( in_array( $expiry[$i], array( 'infinite', 'indefinite', 'never' ) ) ) {
  89                                 $expiryarray[$p[0]] = Block::infinity();
  90                         } else {
  91                                 $exp = strtotime( $expiry[$i] );
  92                                 if ( $exp < 0 || !$exp ) {
  93                                         $this->dieUsageMsg( array( 'invalidexpiry', $expiry[$i] ) );
  94                                 }
  95
  96                                 $exp = wfTimestamp( TS_MW, $exp );
  97                                 if ( $exp < wfTimestampNow() ) {
  98                                         $this->dieUsageMsg( array( 'pastexpiry', $expiry[$i] ) );
  99                                 }
 100                                 $expiryarray[$p[0]] = $exp;
 101                         }
 102                         $resultProtections[] = array( $p[0] => $protections[$p[0]],
 103                                         'expiry' => ( $expiryarray[$p[0]] == Block::infinity() ?
 104                                                                 'infinite' :
 105                                                                 wfTimestamp( TS_ISO_8601, $expiryarray[$p[0]] ) ) );
 106                 }
 107
 108                 $cascade = $params['cascade'];
 109                 $articleObj = new Article( $titleObj );
 110
 111                 $watch = $params['watch'] ? 'watch' : $params['watchlist'];
 112                 $this->setWatch( $watch, $titleObj );
 113
 114                 if ( $titleObj->exists() ) {
 115                         $ok = $articleObj->updateRestrictions( $protections, $params['reason'], $cascade, $expiryarray );
 116                 } else {
 117                         $ok = $titleObj->updateTitleProtection( $protections['create'], $params['reason'], $expiryarray['create'] );
 118                 }
 119                 if ( !$ok ) {
 120                         // This is very weird. Maybe the article was deleted or the user was blocked/desysopped in the meantime?
 121                         // Just throw an unknown error in this case, as it's very likely to be a race condition
 122                         $this->dieUsageMsg( array() );
 123                 }
 124                 $res = array(
 125                         'title' => $titleObj->getPrefixedText(),
 126                         'reason' => $params['reason']
 127                 );
 128                 if ( $cascade ) {
 129                         $res['cascade'] = '';
 130                 }
 131                 $res['protections'] = $resultProtections;
 132                 $this->getResult()->setIndexedTagName( $res['protections'], 'protection' );
 133                 $this->getResult()->addValue( null, $this->getModuleName(), $res );
 134         }
 135
 136         public function mustBePosted() {
 137                 return true;
 138         }
 139
 140         public function isWriteMode() {
 141                 return true;
 142         }
 143
 144         public function getAllowedParams() {
 145                 return array(
 146                         'title' => array(
 147                                 ApiBase::PARAM_TYPE => 'string',
 148                                 ApiBase::PARAM_REQUIRED => true
 149                         ),
 150                         'token' => null,
 151                         'protections' => array(
 152                                 ApiBase::PARAM_ISMULTI => true,
 153                                 ApiBase::PARAM_REQUIRED => true,
 154                         ),
 155                         'expiry' => array(
 156                                 ApiBase::PARAM_ISMULTI => true,
 157                                 ApiBase::PARAM_ALLOW_DUPLICATES => true,
 158                                 ApiBase::PARAM_DFLT => 'infinite',
 159                         ),
 160                         'reason' => '',
 161                         'cascade' => false,
 162                         'watch' => array(
 163                                 ApiBase::PARAM_DFLT => false,
 164                                 ApiBase::PARAM_DEPRECATED => true,
 165                         ),
 166                         'watchlist' => array(
 167                                 ApiBase::PARAM_DFLT => 'preferences',
 168                                 ApiBase::PARAM_TYPE => array(
 169                                         'watch',
 170                                         'unwatch',
 171                                         'preferences',
 172                                         'nochange'
 173                                 ),
 174                         ),
 175                 );
 176         }
 177
 178         public function getParamDescription() {
 179                 return array(
 180                         'title' => 'Title of the page you want to (un)protect',
 181                         'token' => 'A protect token previously retrieved through prop=info',
 182                         'protections' => 'Pipe-separated list of protection levels, formatted action=group (e.g. edit=sysop)',
 183                         'expiry' => array( 'Expiry timestamps. If only one timestamp is set, it\'ll be used for all protections.',
 184                                         'Use \'infinite\', \'indefinite\' or \'never\', for a neverexpiring protection.' ),
 185                         'reason' => 'Reason for (un)protecting (optional)',
 186                         'cascade' => array( 'Enable cascading protection (i.e. protect pages included in this page)',
 187                                         'Ignored if not all protection levels are \'sysop\' or \'protect\'' ),
 188                         'watch' => 'If set, add the page being (un)protected to your watchlist',
 189                         'watchlist' => 'Unconditionally add or remove the page from your watchlist, use preferences or do not change watch',
 190                 );
 191         }
 192
 193         public function getDescription() {
 194                 return 'Change the protection level of a page';
 195         }
 196
 197         public function getPossibleErrors() {
 198                 return array_merge( parent::getPossibleErrors(), array(
 199                         array( 'invalidtitle', 'title' ),
 200                         array( 'toofewexpiries', 'noofexpiries', 'noofprotections' ),
 201                         array( 'create-titleexists' ),
 202                         array( 'missingtitle-createonly' ),
 203                         array( 'protect-invalidaction', 'action' ),
 204                         array( 'protect-invalidlevel', 'level' ),
 205                         array( 'invalidexpiry', 'expiry' ),
 206                         array( 'pastexpiry', 'expiry' ),
 207                 ) );
 208         }
 209
 210         public function needsToken() {
 211                 return true;
 212         }
 213
 214         public function getTokenSalt() {
 215                 return '';
 216         }
 217
 218         protected function getExamples() {
 219                 return array(
 220                         'api.php?action=protect&title=Main%20Page&token=123ABC&protections=edit=sysop|move=sysop&cascade=&expiry=20070901163000|never',
 221                         'api.php?action=protect&title=Main%20Page&token=123ABC&protections=edit=all|move=all&reason=Lifting%20restrictions'
 222                 );
 223         }
 224
 225         public function getVersion() {
 226                 return __CLASS__ . ': $Id$';
 227         }
 228 }