includes/api/ApiOptions.php

   1 <?php
   2 /**
   3  *
   4  *
   5  * Created on Apr 15, 2012
   6  *
   7  * Copyright © 2012 Szymon Świerkosz beau@adres.pl
   8  *
   9  * This program is free software; you can redistribute it and/or modify
  10  * it under the terms of the GNU General Public License as published by
  11  * the Free Software Foundation; either version 2 of the License, or
  12  * (at your option) any later version.
  13  *
  14  * This program is distributed in the hope that it will be useful,
  15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  17  * GNU General Public License for more details.
  18  *
  19  * You should have received a copy of the GNU General Public License along
  20  * with this program; if not, write to the Free Software Foundation, Inc.,
  21  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
  22  * http://www.gnu.org/copyleft/gpl.html
  23  *
  24  * @file
  25  */
  26
  27 /**
  28  * API module that facilitates the changing of user's preferences.
  29  * Requires API write mode to be enabled.
  30  *
  31  * @ingroup API
  32  */
  33 class ApiOptions extends ApiBase {
  34         /**
  35          * Changes preferences of the current user.
  36          */
  37         public function execute() {
  38                 if ( $this->getUser()->isAnon() ) {
  39                         $this->dieWithError(
  40                                 [ 'apierror-mustbeloggedin', $this->msg( 'action-editmyoptions' ) ], 'notloggedin'
  41                         );
  42                 }
  43
  44                 $this->checkUserRightsAny( 'editmyoptions' );
  45
  46                 $params = $this->extractRequestParams();
  47                 $changed = false;
  48
  49                 if ( isset( $params['optionvalue'] ) && !isset( $params['optionname'] ) ) {
  50                         $this->dieWithError( [ 'apierror-missingparam', 'optionname' ] );
  51                 }
  52
  53                 // Load the user from the master to reduce CAS errors on double post (T95839)
  54                 $user = $this->getUser()->getInstanceForUpdate();
  55                 if ( !$user ) {
  56                         $this->dieWithError(
  57                                 [ 'apierror-mustbeloggedin', $this->msg( 'action-editmyoptions' ) ], 'notloggedin'
  58                         );
  59                 }
  60
  61                 if ( $params['reset'] ) {
  62                         $user->resetOptions( $params['resetkinds'], $this->getContext() );
  63                         $changed = true;
  64                 }
  65
  66                 $changes = [];
  67                 if ( count( $params['change'] ) ) {
  68                         foreach ( $params['change'] as $entry ) {
  69                                 $array = explode( '=', $entry, 2 );
  70                                 $changes[$array[0]] = isset( $array[1] ) ? $array[1] : null;
  71                         }
  72                 }
  73                 if ( isset( $params['optionname'] ) ) {
  74                         $newValue = isset( $params['optionvalue'] ) ? $params['optionvalue'] : null;
  75                         $changes[$params['optionname']] = $newValue;
  76                 }
  77                 if ( !$changed && !count( $changes ) ) {
  78                         $this->dieWithError( 'apierror-nochanges' );
  79                 }
  80
  81                 $prefs = Preferences::getPreferences( $user, $this->getContext() );
  82                 $prefsKinds = $user->getOptionKinds( $this->getContext(), $changes );
  83
  84                 $htmlForm = null;
  85                 foreach ( $changes as $key => $value ) {
  86                         switch ( $prefsKinds[$key] ) {
  87                                 case 'registered':
  88                                         // Regular option.
  89                                         if ( $htmlForm === null ) {
  90                                                 // We need a dummy HTMLForm for the validate callback...
  91                                                 $htmlForm = new HTMLForm( [], $this );
  92                                         }
  93                                         $field = HTMLForm::loadInputFromParameters( $key, $prefs[$key], $htmlForm );
  94                                         $validation = $field->validate( $value, $user->getOptions() );
  95                                         break;
  96                                 case 'registered-multiselect':
  97                                 case 'registered-checkmatrix':
  98                                         // A key for a multiselect or checkmatrix option.
  99                                         $validation = true;
 100                                         $value = $value !== null ? (bool)$value : null;
 101                                         break;
 102                                 case 'userjs':
 103                                         // Allow non-default preferences prefixed with 'userjs-', to be set by user scripts
 104                                         if ( strlen( $key ) > 255 ) {
 105                                                 $validation = $this->msg( 'apiwarn-validationfailed-keytoolong', Message::numParam( 255 ) );
 106                                         } elseif ( preg_match( '/[^a-zA-Z0-9_-]/', $key ) !== 0 ) {
 107                                                 $validation = $this->msg( 'apiwarn-validationfailed-badchars' );
 108                                         } else {
 109                                                 $validation = true;
 110                                         }
 111                                         break;
 112                                 case 'special':
 113                                         $validation = $this->msg( 'apiwarn-validationfailed-cannotset' );
 114                                         break;
 115                                 case 'unused':
 116                                 default:
 117                                         $validation = $this->msg( 'apiwarn-validationfailed-badpref' );
 118                                         break;
 119                         }
 120                         if ( $validation === true ) {
 121                                 $user->setOption( $key, $value );
 122                                 $changed = true;
 123                         } else {
 124                                 $this->addWarning( [ 'apiwarn-validationfailed', wfEscapeWikitext( $key ), $validation ] );
 125                         }
 126                 }
 127
 128                 if ( $changed ) {
 129                         // Commit changes
 130                         $user->saveSettings();
 131                 }
 132
 133                 $this->getResult()->addValue( null, $this->getModuleName(), 'success' );
 134         }
 135
 136         public function mustBePosted() {
 137                 return true;
 138         }
 139
 140         public function isWriteMode() {
 141                 return true;
 142         }
 143
 144         public function getAllowedParams() {
 145                 $optionKinds = User::listOptionKinds();
 146                 $optionKinds[] = 'all';
 147
 148                 return [
 149                         'reset' => false,
 150                         'resetkinds' => [
 151                                 ApiBase::PARAM_TYPE => $optionKinds,
 152                                 ApiBase::PARAM_DFLT => 'all',
 153                                 ApiBase::PARAM_ISMULTI => true
 154                         ],
 155                         'change' => [
 156                                 ApiBase::PARAM_ISMULTI => true,
 157                         ],
 158                         'optionname' => [
 159                                 ApiBase::PARAM_TYPE => 'string',
 160                         ],
 161                         'optionvalue' => [
 162                                 ApiBase::PARAM_TYPE => 'string',
 163                         ],
 164                 ];
 165         }
 166
 167         public function needsToken() {
 168                 return 'csrf';
 169         }
 170
 171         public function getHelpUrls() {
 172                 return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Options';
 173         }
 174
 175         protected function getExamplesMessages() {
 176                 return [
 177                         'action=options&reset=&token=123ABC'
 178                                 => 'apihelp-options-example-reset',
 179                         'action=options&change=skin=vector|hideminor=1&token=123ABC'
 180                                 => 'apihelp-options-example-change',
 181                         'action=options&reset=&change=skin=monobook&optionname=nickname&' .
 182                                 'optionvalue=[[User:Beau|Beau]]%20([[User_talk:Beau|talk]])&token=123ABC'
 183                                 => 'apihelp-options-example-complex',
 184                 ];
 185         }
 186 }