Theopolisme has uploaded a new change for review.
https://gerrit.wikimedia.org/r/97358
Change subject: Perform checks before thanking via API
......................................................................
Perform checks before thanking via API
If the user attempts to thank an anonymous
user, a bot (when $wgThanksSendToBots is not true),
or him/herself, return an error. This is consistent
with the restrictions imposed in insertThankLink().
Bug: 56954
Change-Id: I9e8ae030a8ff1cc312bf98671e593c7367ca0ea2
---
M ApiThank.php
1 file changed, 41 insertions(+), 29 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/Thanks
refs/changes/58/97358/1
diff --git a/ApiThank.php b/ApiThank.php
index 6e108b2..d5137c1 100644
--- a/ApiThank.php
+++ b/ApiThank.php
@@ -39,39 +39,51 @@
}
// Get the user ID of the user who performed
the edit
- $recipient = $rev->getUser();
+ $recipientid = $rev->getUser();
- if ( !$recipient ) {
+ if ( $recipientid === 0 ) {
+ $this->dieUsage( 'Anonymous users
cannot be thanked', 'invalidrecipient' );
+ } elseif ( !$recipientid ) {
$this->dieUsage( 'No valid recipient
found', 'invalidrecipient' );
+ } elseif ( $agent->getId() === $recipientid ) {
+ $this->dieUsage( 'You cannot thank
yourself', 'invalidrecipient' );
} else {
- // Set the source of the thanks, e.g.
'diff' or 'history'
- if ( $params['source'] ) {
- $source = trim(
$params['source'] );
+ // Get the User object for the user who
performed the edit
+ $recipient = User::newFromId(
$recipientid );
+
+ // Do not allow agent to thank bots
($wgThanksSendToBots overrides this)
+ if ( !$wgThanksSendToBots && in_array(
'bot', $recipient->getGroups() ) ) {
+ $this->dieUsage( 'Bots cannot
be thanked', 'invalidrecipient' );
} else {
- $source = 'undefined';
- }
- // Create the notification via Echo
extension
- EchoEvent::create( array(
- 'type' => 'edit-thank',
- 'title' => $title,
- 'extra' => array(
- 'revid' =>
$rev->getId(),
- 'thanked-user-id' =>
$recipient,
- 'source' => $source,
- ),
- 'agent' => $agent,
- ) );
- // Mark the thank in session to prevent
duplicates (Bug 46690)
- $agent->getRequest()->setSessionData(
"thanks-thanked-{$rev->getId()}", true );
- // Set success message
- $result['success'] = '1';
- // Log it if we're supposed to log it
- if ( $wgThanksLogging ) {
- $logEntry = new ManualLogEntry(
'thanks', 'thank' );
- $logEntry->setPerformer( $agent
);
- $target = User::newFromId(
$recipient )->getUserPage();
- $logEntry->setTarget( $target );
- $logid = $logEntry->insert();
+ // Set the source of the
thanks, e.g. 'diff' or 'history'
+ if ( $params['source'] ) {
+ $source = trim(
$params['source'] );
+ } else {
+ $source = 'undefined';
+ }
+ // Create the notification via
Echo extension
+ EchoEvent::create( array(
+ 'type' => 'edit-thank',
+ 'title' => $title,
+ 'extra' => array(
+ 'revid' =>
$rev->getId(),
+
'thanked-user-id' => $recipientid,
+ 'source' =>
$source,
+ ),
+ 'agent' => $agent,
+ ) );
+ // Mark the thank in session to
prevent duplicates (Bug 46690)
+
$agent->getRequest()->setSessionData( "thanks-thanked-{$rev->getId()}", true );
+ // Set success message
+ $result['success'] = '1';
+ // Log it if we're supposed to
log it
+ if ( $wgThanksLogging ) {
+ $logEntry = new
ManualLogEntry( 'thanks', 'thank' );
+
$logEntry->setPerformer( $agent );
+ $target =
$recipient->getUserPage();
+ $logEntry->setTarget(
$target );
+ $logid =
$logEntry->insert();
+ }
}
}
} else {
--
To view, visit https://gerrit.wikimedia.org/r/97358
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I9e8ae030a8ff1cc312bf98671e593c7367ca0ea2
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/Thanks
Gerrit-Branch: master
Gerrit-Owner: Theopolisme <[email protected]>
Gerrit-Reviewer: jenkins-bot
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
