[MediaWiki-commits] [Gerrit] BSTasksAPI: Added permission check - change (mediawiki...BlueSpiceFoundation)

Fri, 29 Jan 2016 02:36:07 -0800 

Pwirth has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/267229

Change subject: BSTasksAPI: Added permission check
......................................................................

BSTasksAPI: Added permission check

Change-Id: Ieae7ac714f4713eb62e8504e1fef8c7ce338ff0d
---
M includes/api/BSApiTasksBase.php
1 file changed, 24 insertions(+), 0 deletions(-)


  git pull 
ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/BlueSpiceFoundation 
refs/changes/29/267229/1

diff --git a/includes/api/BSApiTasksBase.php b/includes/api/BSApiTasksBase.php
index 986a7d3..bf3a955 100644
--- a/includes/api/BSApiTasksBase.php
+++ b/includes/api/BSApiTasksBase.php
@@ -59,6 +59,7 @@
                        $oResult->errors['task'] = 'Task '.$aParams['task'].' 
not implemented';
                }
                else {
+                       $this->checkTaskPermission( $aParams['task'] );
                        $oResult = $this->$sMethod( 
$this->getParameter('taskData'), $aParams );
                }
 
@@ -144,4 +145,27 @@
                        
'api.php?action='.$this->getModuleName().'&task='.$this->aTasks[0].'&taskData={someKey:"someValue",isFalse:true}',
                );
        }
+
+       public function checkTaskPermission( $sTask ) {
+               $aTaskPermissions = $this->getRequiredTaskPermissions();
+               if( empty($aTaskPermissions[$sTask]) ) {
+                       return;
+               }
+               foreach( $aTaskPermissions[$sTask] as $sPermission ) {
+                       if( $this->getUser()->isAllowed( $sPermission ) ) {
+                               continue;
+                       }
+                       //TODO: Reflect permission in error message
+                       $this->dieUsageMsg( 'badaccess-groups' );
+               }
+       }
+
+       /**
+        * Returns an array of tasks and their required permissions
+        * array('taskname' => array('read', 'edit'))
+        * @return type
+        */
+       protected function getRequiredTaskPermissions() {
+               return array();
+       }
 }
\ No newline at end of file

-- 
To view, visit https://gerrit.wikimedia.org/r/267229
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Ieae7ac714f4713eb62e8504e1fef8c7ce338ff0d
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/BlueSpiceFoundation
Gerrit-Branch: master
Gerrit-Owner: Pwirth <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to