Ljonka has uploaded a new change for review.
https://gerrit.wikimedia.org/r/311421
Change subject: PermissionManager: fix prevent lockout implementation after
object/array conversion error, add default options to prevent manager lockout
......................................................................
PermissionManager: fix prevent lockout implementation after object/array
conversion error, add default options to prevent manager lockout
Change-Id: If619c6ff3e4363f9d5a84f32c30e7d6f9c676ae6
---
M PermissionManager/PermissionManager.class.php
M PermissionManager/PermissionManager.setup.php
M PermissionManager/extension.json
M PermissionManager/includes/PermissionValidator.php
M PermissionManager/includes/api/ApiPermissionManager.php
M PermissionManager/resources/BS.PermissionManager/data/Manager.js
6 files changed, 374 insertions(+), 221 deletions(-)
git pull
ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/BlueSpiceExtensions
refs/changes/21/311421/1
diff --git a/PermissionManager/PermissionManager.class.php
b/PermissionManager/PermissionManager.class.php
index a774721..74c0028 100644
--- a/PermissionManager/PermissionManager.class.php
+++ b/PermissionManager/PermissionManager.class.php
@@ -43,6 +43,7 @@
* @var string name of the virtual group which should be used to hold
the lockmode settings
*/
public static $sPmLockModeGroup = 'lockmode';
+
/**
* @var array
*/
@@ -84,13 +85,15 @@
'suppressredirect' => true,
'wikiadmin' => true
);
+
/**
* @var array
*/
public static $aGroups = array();
public static $aBuiltInGroups = array(
- 'autoconfirmed', 'emailconfirmed', 'bot', 'sysop',
'bureaucrat', 'developer'
+ 'autoconfirmed', 'emailconfirmed', 'bot', 'sysop',
'bureaucrat', 'developer'
);
+
/**
* @var array
*/
@@ -100,13 +103,13 @@
* Constructor of PermissionManager
*/
public function __construct() {
- wfProfileIn( 'BS::' . __METHOD__);
+ wfProfileIn( 'BS::' . __METHOD__ );
WikiAdmin::registerModule( 'PermissionManager', array(
- 'image' =>
'/extensions/BlueSpiceExtensions/WikiAdmin/resources/images/bs-btn_rechteverwaltung_v1.png',
- 'level' => 'wikiadmin',
- 'message' =>
'bs-permissionmanager-label',
- 'iconCls' => 'bs-icon-key'
- )
+ 'image' =>
'/extensions/BlueSpiceExtensions/WikiAdmin/resources/images/bs-btn_rechteverwaltung_v1.png',
+ 'level' => 'wikiadmin',
+ 'message' => 'bs-permissionmanager-label',
+ 'iconCls' => 'bs-icon-key'
+ )
);
wfProfileOut( 'BS::' . __METHOD__ );
}
@@ -235,8 +238,7 @@
*/
public static function getSchemaUpdates( $updater ) {
$updater->addExtensionTable(
- 'bs_permission_templates',
- __DIR__ . DS . 'db' . DS .
'PermissionManager.sql'
+ 'bs_permission_templates', __DIR__ . DS . 'db' . DS .
'PermissionManager.sql'
);
return true;
@@ -280,42 +282,42 @@
}
/*
- I could not figure out any circumstances when this would be needed!
- Hook: 'BSWikiAdminUserManagerBeforeUserListSend' was removed
- Groups have been queried by DB - why should there be a group lockmode?
- array( users => array(
- 1 => array(
- groups => array(
- 1 => array( 'group' => 'lockmode' )
- )
- )
- ))
- public function onBSWikiAdminUserManagerBeforeUserListSend(
$oUserManager, &$data ) {
- if ( !BsConfig::get( 'MW::PermissionManager::Lockmode' ) )
- return true;
+ I could not figure out any circumstances when this would be needed!
+ Hook: 'BSWikiAdminUserManagerBeforeUserListSend' was removed
+ Groups have been queried by DB - why should there be a group lockmode?
+ array( users => array(
+ 1 => array(
+ groups => array(
+ 1 => array( 'group' => 'lockmode' )
+ )
+ )
+ ))
+ public function onBSWikiAdminUserManagerBeforeUserListSend(
$oUserManager, &$data ) {
+ if ( !BsConfig::get( 'MW::PermissionManager::Lockmode' ) )
+ return true;
- foreach ( $data[ 'users' ] as $keyname => $aUser ) {
- foreach ( $aUser as $index => $value ) {
- if ( is_array( $value ) ) {
- foreach ( $value as $indexof => $val ) {
- if ( is_array( $val ) ) {
- foreach ( $val as
$indexname => $groupName ) {
- if ( $indexname
== 'group' ) {
- if (
$groupName == BsGroupHelper::getLockModeGroup() ) {
-
unset( $data[ 'users' ][ $keyname ][ $index ][ $indexof ] );
-
$data[ 'users' ][ $keyname ][ $index ] = array_values( $data[ 'users' ][
$keyname ][ $index ] );
- }
- }
- }
- }
- }
- }
- }
- }
+ foreach ( $data[ 'users' ] as $keyname => $aUser ) {
+ foreach ( $aUser as $index => $value ) {
+ if ( is_array( $value ) ) {
+ foreach ( $value as $indexof => $val ) {
+ if ( is_array( $val ) ) {
+ foreach ( $val as $indexname => $groupName ) {
+ if ( $indexname == 'group' ) {
+ if ( $groupName == BsGroupHelper::getLockModeGroup() ) {
+ unset( $data[ 'users' ][ $keyname ][ $index ][ $indexof ] );
+ $data[ 'users' ][ $keyname ][ $index ] = array_values( $data[ 'users'
][ $keyname ][ $index ] );
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
- return true;
- }
- */
+ return true;
+ }
+ */
public static function setupLockmodePermissions() {
global $wgAdditionalGroups, $wgGroupPermissions,
$wgNamespacePermissionLockdown;
@@ -336,7 +338,7 @@
$bSave = true;
}
// reset sysop group permissions
- $wgGroupPermissions['sysop'] =
self::$aSysopDefaultPermissions;
+ $wgGroupPermissions[ 'sysop' ] =
self::$aSysopDefaultPermissions;
if ( is_array( $wgNamespacePermissionLockdown ) ) {
foreach ( $wgNamespacePermissionLockdown as
$iNsIndex => $aNsRights ) {
@@ -393,15 +395,15 @@
if ( isset( $wgNamespacePermissionLockdown[
$nsKey ][ $permissionName ] ) ) {
if ( !in_array(
self::$sPmLockModeGroup, $wgNamespacePermissionLockdown[ $nsKey ][
$permissionName ] ) ) {
$wgNamespacePermissionLockdown[
$nsKey ][ $permissionName ] = array_unique(
- array_merge(
$wgNamespacePermissionLockdown[ $nsKey ][ $permissionName ], array(
self::$sPmLockModeGroup )
- )
+ array_merge(
$wgNamespacePermissionLockdown[ $nsKey ][ $permissionName ], array(
self::$sPmLockModeGroup )
+ )
);
$bSave = true;
}
if ( !in_array( 'sysop',
$wgNamespacePermissionLockdown[ $nsKey ][ $permissionName ] ) ) {
$wgNamespacePermissionLockdown[
$nsKey ][ $permissionName ] = array_unique(
- array_merge(
$wgNamespacePermissionLockdown[ $nsKey ][ $permissionName ], array( 'sysop' )
- )
+ array_merge(
$wgNamespacePermissionLockdown[ $nsKey ][ $permissionName ], array( 'sysop' )
+ )
);
$bSave = true;
}
@@ -438,9 +440,9 @@
}
$aMetadata[] = array(
- 'id' => $iNSId,
- 'name' => $sNsText,
- 'hideable' => $iNSId !== NS_MAIN
+ 'id' => $iNSId,
+ 'name' => $sNsText,
+ 'hideable' => $iNSId !== NS_MAIN
);
}
@@ -463,7 +465,7 @@
foreach ( $aRights as $sRight ) {
if ( !isset( $bsgPermissionConfig[ $sRight ] )
) {
$bsgPermissionConfig[ $sRight ] = array(
- 'type' => 'namespace'
+ 'type' => 'namespace'
);
}
$aConfig = $bsgPermissionConfig[ $sRight ];
@@ -472,9 +474,7 @@
'hint' => wfMessage( 'right-' . $sRight
)->plain(),
'right' => $sRight,
'type' => $bGlobalPermission ? 2 : 1,
- 'typeHeader' => $bGlobalPermission
- ? wfMessage(
'bs-permissionmanager-grouping-global' )->plain()
- : wfMessage(
'bs-permissionmanager-grouping-local' )->plain()
+ 'typeHeader' => $bGlobalPermission ?
wfMessage( 'bs-permissionmanager-grouping-global' )->plain() : wfMessage(
'bs-permissionmanager-grouping-local' )->plain()
);
}
}
@@ -508,9 +508,9 @@
$bSaveResult = PermissionTemplates::editTemplate( $iId,
$sName, $aPermissions, $sDescription );
}
$aResult = array(
- 'success' => false,
- 'msg' => $bSaveResult,
- 'id' => $iId
+ 'success' => false,
+ 'msg' => $bSaveResult,
+ 'id' => $iId
);
if ( $bSaveResult ) {
@@ -530,8 +530,8 @@
$bDeleteResult = false;
}
$aResult = array(
- 'success' => false,
- 'msg' => ''
+ 'success' => false,
+ 'msg' => ''
);
if ( $bDeleteResult ) {
@@ -553,8 +553,8 @@
return false;
}
- $aGroupPermissions = $data->groupPermission;
- $aLockdown = $data->permissionLockdown;
+ $aGroupPermissions = ( array ) $data->groupPermission;
+ $aLockdown = ( array ) $data->permissionLockdown;
$aResult = array();
$mStatus = wfRunHooks(
'BsPermissionManager::beforeSavePermissions', array( &$aLockdown,
&$aGroupPermissions, &$aResult ) );
@@ -568,11 +568,11 @@
}
if ( $mStatus === true ) {
- $mStatusWritePMSettings = self::writeGroupSettings(
(array)$aGroupPermissions, (array)$aLockdown );
+ $mStatusWritePMSettings = self::writeGroupSettings(
$aGroupPermissions, $aLockdown );
return $mStatusWritePMSettings;
}
- return false;
+ return $mStatus;
}
public static function getPermissionArray( $group = "", $timestamp = ""
) {
@@ -666,7 +666,7 @@
if ( !empty( $aPermissions ) ) {
continue;
}
- $aJsVars[ 'bsPermissionManagerGroupPermissions' ][
$sGroup ] = (object)array();
+ $aJsVars[ 'bsPermissionManagerGroupPermissions' ][
$sGroup ] = ( object ) array();
}
return $aJsVars;
@@ -681,7 +681,7 @@
* @param array $aGroupPermissions
* @return bool|String
*/
- protected static function preventPermissionLockout( &$aGroupPermissions
) {
+ protected static function preventPermissionLockout( $aGroupPermissions
) {
global $bsgPermissionConfig;
$aRights = User::getAllRights();
@@ -694,6 +694,7 @@
$bIsSet = false;
if ( is_array( $aGroupPermissions ) ) {
foreach ( $aGroupPermissions as
$sGroupName => $aDataset ) {
+ $aDataset = (array)$aDataset;
// no user can be in the lock
mode group so we don't care if it has the right or not
if ( $sGroupName ==
self::$sPmLockModeGroup ) {
continue;
@@ -705,8 +706,8 @@
}
if ( !$bIsSet ) {
return Message::newFromKey(
'bs-permissionmanager-error-lockout' )
- ->params(
$sRight )
- ->plain();
+ ->params( $sRight )
+ ->plain();
}
}
}
@@ -722,11 +723,11 @@
/* @var $oTemplate PermissionTemplates */
foreach ( $aTemplates as $oTemplate ) {
$aOutput[] = array(
- 'id' => $oTemplate->getId(),
- 'text' => $oTemplate->getName(),
- 'leaf' => true,
- 'description' =>
$oTemplate->getDescription(),
- 'ruleSet' =>
$oTemplate->getPermissions()
+ 'id' => $oTemplate->getId(),
+ 'text' => $oTemplate->getName(),
+ 'leaf' => true,
+ 'description' => $oTemplate->getDescription(),
+ 'ruleSet' => $oTemplate->getPermissions()
);
}
@@ -739,8 +740,8 @@
if ( wfReadOnly() ) {
global $wgReadOnly;
return array(
- 'success' => false,
- 'msg' => wfMessage( 'bs-readonly',
$wgReadOnly )->plain()
+ 'success' => false,
+ 'msg' => wfMessage( 'bs-readonly', $wgReadOnly
)->plain()
);
}
if ( BsCore::checkAccessAdmission( 'wikiadmin' ) === false )
@@ -759,9 +760,7 @@
foreach ( $aPermissions as $sPermission => $bValue ) {
$sSaveContent .=
"\$GLOBALS['wgGroupPermissions']['{$sGroup}']['{$sPermission}'] = " . ( $bValue
? 'true' : 'false' ) . ";\n";
// check if settings for the given group changed
- if ( !isset( $wgGroupPermissions[ $sGroup ] )
- || !isset( $wgGroupPermissions[
$sGroup ][ $sPermission ] )
- || $wgGroupPermissions[ $sGroup
][ $sPermission ] != $bValue ) {
+ if ( !isset( $wgGroupPermissions[ $sGroup ] )
|| !isset( $wgGroupPermissions[ $sGroup ][ $sPermission ] ) ||
$wgGroupPermissions[ $sGroup ][ $sPermission ] != $bValue ) {
$aDiffGroups[ $sGroup ] = true;
}
}
@@ -778,7 +777,7 @@
//$sNsCanonicalName does not always match the
constant name.
//Fallback to NS index or this will throw a
million notices
//on every page load.
- if( !defined( $sNsConstant ) ) {
+ if ( !defined( $sNsConstant ) ) {
$sNsConstant = $iNS;
}
foreach ( $aPermissions as $sPermission =>
$aGroups ) {
@@ -786,13 +785,12 @@
continue;
}
$sSaveContent .=
"\$GLOBALS['wgNamespacePermissionLockdown'][$sNsConstant]['$sPermission']"
- . " = array(" . ( count(
$aGroups ) ? "'" . implode( "','", $aGroups ) . "'" : '' ) . ");\n";
+ . " = array(" . ( count( $aGroups ) ?
"'" . implode( "','", $aGroups ) . "'" : '' ) . ");\n";
if ( $sPermission == 'read' ) {
$isReadLockdown = true;
}
// check if settings for any group
changed
- if ( isset(
$wgNamespacePermissionLockdown[ $sNsConstant ] )
- && isset(
$wgNamespacePermissionLockdown[ $sNsConstant ][ $sPermission ] )
+ if ( isset(
$wgNamespacePermissionLockdown[ $sNsConstant ] ) && isset(
$wgNamespacePermissionLockdown[ $sNsConstant ][ $sPermission ] )
) {
$aLocalDiffGroups = array_diff(
$aGroups, $wgNamespacePermissionLockdown[ $sNsConstant ][ $sPermission ] );
foreach ( $aLocalDiffGroups as
$sDiffGroup ) {
@@ -818,7 +816,7 @@
$oLogger->setPerformer( $oUser );
$oLogger->setTarget( $oTitle );
$oLogger->setParameters( array(
- '4::diffGroup' =>
$sDiffGroup
+ '4::diffGroup' => $sDiffGroup
) );
$oLogger->insert();
}
@@ -826,9 +824,9 @@
return array( 'success' => true );
} else {
return array(
- 'success' => false,
- // TODO SU (04.07.11 12:06): i18n
- 'msg' => 'Not able to create or write
"' . $bsgConfigFiles[ 'PermissionManager' ] . '".'
+ 'success' => false,
+ // TODO SU (04.07.11 12:06): i18n
+ 'msg' => 'Not able to create or write "' .
$bsgConfigFiles[ 'PermissionManager' ] . '".'
);
}
}
@@ -861,4 +859,5 @@
unlink( $oldBackupFile );
}
}
+
}
diff --git a/PermissionManager/PermissionManager.setup.php
b/PermissionManager/PermissionManager.setup.php
index 1930c95..07d82e9 100644
--- a/PermissionManager/PermissionManager.setup.php
+++ b/PermissionManager/PermissionManager.setup.php
@@ -1,2 +1,107 @@
<?php
+if( !isset( $bsgPermissionManagerDefaultTemplates ) ) {
+ $bsgPermissionManagerDefaultTemplates = array();
+}
+
+$bsgConfigFiles['PermissionManager'] = BSCONFIGDIR . DS . 'pm-settings.php';
+
+//set config for Permissionmanager::preventPermissionLockout
+global $bsgPermissionConfig;
+$bsgPermissionConfig[ 'read' ][ 'preventLockout' ] = true;
+$bsgPermissionConfig[ 'wikiadmin' ][ 'preventLockout' ] = true;
+$bsgPermissionConfig[ 'edit' ][ 'preventLockout' ] = true;
+
+$bsgPermissionManagerDefaultTemplates = array(
+ //Not namespace specific
+ 'bs-permissionmanager-default-template-read-general-title' => array(
+ //BlueSpice
+ //TODO: Move to other extensions
+ 'files',
+ 'viewfiles',
+ 'searchfiles'
+
+ ),
+
+ 'bs-permissionmanager-default-template-read-title' => array(
+ //MediaWiki standard
+ 'read',
+
+ //BlueSpice
+ //TODO: Move to other extensions
+ 'readshoutbox',
+ 'universalexport-export',
+ 'universalexport-export-with-attachments'
+
+ ),
+
+ //Not namespace specific
+ 'bs-permissionmanager-default-template-edit-general-title' => array(
+ //MediaWiki standard
+ 'movefile',
+ 'move-rootuserpages',
+ 'upload',
+ 'reupload',
+ 'reupload-own',
+ 'reupload-shared',
+ 'upload_by_url',
+ 'writeapi',
+
+ //BlueSpice
+ //TODO: Move to other extensions
+ 'writeshoutbox'
+ ),
+
+ 'bs-permissionmanager-default-template-edit-title' => array(
+ //MediaWiki standard
+ 'edit',
+ 'create',
+ 'createtalk',
+ 'move',
+ 'move-subbpages',
+ 'delete',
+
+ //BlueSpice
+ //TODO: Move to other extensions
+ 'writeshoutbox'
+ ),
+
+ 'bs-permissionmanager-default-template-admin-title' => array(
+ //MediaWiki standard
+ 'bigdelete',
+ 'browsearchive',
+ 'createaccount',
+ 'deletedtext',
+ 'deletedhistory',
+ 'protect',
+ 'editprotected',
+ 'block',
+ 'rollback',
+ 'import',
+ 'userrights',
+
+ //BlueSpice
+ //TODO: Move to other extensions
+ 'wikiadmin',
+ 'editadmin', // still in use?
+ 'useradmin' // still in use?
+ ),
+
+ 'bs-permissionmanager-default-template-quality-title' => array(
+ //MediaWiki FlaggedRevs
+ //TODO: Move to other extensions
+ 'autoreview',
+ 'review',
+ 'unreviewdpages',
+ 'validate',
+
+ //BlueSpice
+ //TODO: Move to other extensions
+ 'responsibleeditors-changeresponsibility',
+ 'responsibleeditors-takeresponsibility',
+ 'responsibleeditors-viewspecialpage',
+ 'workflowview',
+ 'workflowedit', // still in use?
+ )
+) + $bsgPermissionManagerDefaultTemplates;
+
wfLoadExtension( 'BlueSpiceExtensions/PermissionManager' );
\ No newline at end of file
diff --git a/PermissionManager/extension.json b/PermissionManager/extension.json
index a3fef57..90809cc 100644
--- a/PermissionManager/extension.json
+++ b/PermissionManager/extension.json
@@ -95,8 +95,7 @@
}
},
"Hooks": {
- "LoadExtensionSchemaUpdates":
"PermissionManager::getSchemaUpdates",
- "BsPermissionManager::beforeSavePermissions":
"PermissionValidator::beforeSavePermissionsValidateGlobalRead"
+ "LoadExtensionSchemaUpdates":
"PermissionManager::getSchemaUpdates"
},
"manifest_version": 1
}
diff --git a/PermissionManager/includes/PermissionValidator.php
b/PermissionManager/includes/PermissionValidator.php
index 100fe96..db08a21 100644
--- a/PermissionManager/includes/PermissionValidator.php
+++ b/PermissionManager/includes/PermissionValidator.php
@@ -9,15 +9,60 @@
*/
public static function beforeSavePermissionsValidateGlobalRead(
&$aLockdown, &$aGroupPermissions, &$aResult ) {
$arrGroupPermissions = ( array ) $aGroupPermissions;
//important for access, because object->* wouldnt work
+ print_r($arrGroupPermissions[ '*' ]->read );
$boolReadGlobal = (isset( $arrGroupPermissions[ '*' ]->read ))
? $arrGroupPermissions[ '*' ]->read : false;
$boolReadUser = (isset( $arrGroupPermissions[ 'user' ]->read ))
? $arrGroupPermissions[ 'user' ]->read : false;
$boolReadSysop = (isset( $arrGroupPermissions[ 'sysop' ]->read
)) ? $arrGroupPermissions[ 'sysop' ]->read : false;
$boolGlobalRead = ($boolReadGlobal || $boolReadUser ||
$boolReadSysop);
+
+
if(!$boolGlobalRead) {
$aResult = array(
'success' => false,
- 'msg' => wfMessage(
'bs-permissionmanager-error-lockout', 'read' )->plain()
+ 'message' => wfMessage(
'bs-permissionmanager-error-lockout', 'read' )->plain()
+ );
+ }
+ return true;
+ }
+
+ /**
+ * check if wikiadmin permission on global level is set minimum for
group sysop
+ * @param array $aLockdown
+ * @param array $aGroupPermissions
+ */
+ public static function beforeSavePermissionsValidateGlobalWikiadmin(
&$aLockdown, &$aGroupPermissions, &$aResult ) {
+ $arrGroupPermissions = ( array ) $aGroupPermissions;
//important for access, because object->* wouldnt work
+ $boolReadGlobal = (isset( $arrGroupPermissions[ '*'
]->wikiadmin )) ? $arrGroupPermissions[ '*' ]->wikiadmin : false;
+ $boolReadUser = (isset( $arrGroupPermissions[ 'user'
]->wikiadmin )) ? $arrGroupPermissions[ 'user' ]->wikiadmin : false;
+ $boolReadSysop = (isset( $arrGroupPermissions[ 'sysop'
]->wikiadmin )) ? $arrGroupPermissions[ 'sysop' ]->wikiadmin : false;
+ $boolGlobalRead = ($boolReadGlobal || $boolReadUser ||
$boolReadSysop);
+
+ if(!$boolGlobalRead) {
+ $aResult = array(
+ 'success' => false,
+ 'msg' => wfMessage(
'bs-permissionmanager-error-lockout', 'wikiadmin' )->plain()
+ );
+ }
+ return true;
+ }
+
+ /**
+ * check if edit permission on global level is set minimum for group
sysop
+ * @param array $aLockdown
+ * @param array $aGroupPermissions
+ */
+ public static function beforeSavePermissionsValidateGlobalEdit(
&$aLockdown, &$aGroupPermissions, &$aResult ) {
+ $arrGroupPermissions = ( array ) $aGroupPermissions;
//important for access, because object->* wouldnt work
+ $boolReadGlobal = (isset( $arrGroupPermissions[ '*' ]->edit ))
? $arrGroupPermissions[ '*' ]->edit : false;
+ $boolReadUser = (isset( $arrGroupPermissions[ 'user' ]->edit ))
? $arrGroupPermissions[ 'user' ]->edit : false;
+ $boolReadSysop = (isset( $arrGroupPermissions[ 'sysop' ]->edit
)) ? $arrGroupPermissions[ 'sysop' ]->edit : false;
+ $boolGlobalRead = ($boolReadGlobal || $boolReadUser ||
$boolReadSysop);
+
+ if(!$boolGlobalRead) {
+ $aResult = array(
+ 'success' => false,
+ 'msg' => wfMessage(
'bs-permissionmanager-error-lockout', 'edit' )->plain()
);
}
return true;
diff --git a/PermissionManager/includes/api/ApiPermissionManager.php
b/PermissionManager/includes/api/ApiPermissionManager.php
index 218ee96..33ea500 100644
--- a/PermissionManager/includes/api/ApiPermissionManager.php
+++ b/PermissionManager/includes/api/ApiPermissionManager.php
@@ -1,127 +1,132 @@
-<?php
-
-/*
- * To change this license header, choose License Headers in Project Properties.
- * To change this template file, choose Tools | Templates
- * and open the template in the editor.
- */
-
-class ApiPermissionManager extends BSApiTasksBase {
-
- protected $aTasks = array( 'savePermissions', 'permissions',
'setTemplateData', 'deleteTemplate' );
-
- public function getTaskDataDefinitions() {
- return array(
- "setTemplateData" => array(
- "id" => array(
- "type" => "int",
- "required" => true,
- "default" => ''
- ),
- "text" => array(
- "type" => "string",
- "required" => true,
- "default" => ''
- ),
- "leaf" => array(
- "type" => "boolean",
- "required" => true,
- "default" => ''
- ),
- "ruleSet" => array(
- "type" => "array",
- "required" => true,
- "default" => ''
- ),
- "description" => array(
- "type" => "string",
- "required" => true,
- "default" => ''
- )
- ),
- "deleteTemplate" => array(
- "id" => array(
- "type" => "int",
- "required" => true,
- "default" => ''
- )
- ),
- "savePermissions" => array(
- "groupPermission" => array(
- "type" => "array",
- "required" => true,
- "default" => ''
- ),
- "permissionLockdown" => array(
- "type" => "array",
- "required" => true,
- "default" => ''
- ),
- )
- );
- }
-
- protected function getRequiredTaskPermissions() {
- return array(
- 'deleteTemplate' => array( 'wikiadmin' ),
- 'permissions' => array( 'wikiadmin' ),
- 'savePermissions' => array( 'wikiadmin' ),
- 'setTemplateData' => array( 'wikiadmin' ),
- );
- }
-
- protected function task_savePermissions( $oData ) {
- $oRet = $this->makeStandardReturn();
- $arrRes = PermissionManager::savePermissions( $oData );
- $oRet->payload = $arrRes;
- $oRet->success = $arrRes[ "success" ];
-
- return $oRet;
- }
-
- protected function task_setTemplateData( $oTaskData ) {
- $oRet = $this->makeStandardReturn();
- $arrRes = PermissionManager::setTemplateData( $oTaskData );
- $oRet->payload = $arrRes;
- $oRet->success = $arrRes[ "success" ];
-
- return $oRet;
- }
-
- protected function task_deleteTemplate( $oData ) {
- $oRet = $this->makeStandardReturn();
- $arrRes = PermissionManager::deleteTemplate( $oData->id );
- $oRet->payload = $arrRes;
- $oRet->success = $arrRes[ "success" ];
-
- return $oRet;
- }
-
- protected function task_permissions( $oData ) {
- $oRet = $this->makeStandardReturn();
- //is revision requested by timestamp? default = current
- $arrData = array();
- if ( !isset( $oData->revision ) ) {
- //remove old permissions and override by including file
- $arrData = PermissionManager::getPermissionArray(
$oData->group );
- } else {
- $arrData = PermissionManager::getPermissionArray(
$oData->group, $oData->revision );
- }
-
- //return permissions for requested revision
- $arrResult = array(
- 'result' => 'Success',
- 'data' => $arrData
- );
- $oRet->success = true;
- //todo: add xml output handler, actualy this is only working
for json
- $oRet->payload = $arrResult;
-
- return $oRet;
- }
-
- public function __construct( $main, $action ) {
- parent::__construct( $main, $action );
- }
-
-}
+<?php
+
+/*
+ * To change this license header, choose License Headers in Project Properties.
+ * To change this template file, choose Tools | Templates
+ * and open the template in the editor.
+ */
+
+class ApiPermissionManager extends BSApiTasksBase {
+
+ protected $aTasks = array( 'savePermissions', 'permissions',
'setTemplateData', 'deleteTemplate' );
+
+ public function getTaskDataDefinitions() {
+ return array(
+ "setTemplateData" => array(
+ "id" => array(
+ "type" => "int",
+ "required" => true,
+ "default" => ''
+ ),
+ "text" => array(
+ "type" => "string",
+ "required" => true,
+ "default" => ''
+ ),
+ "leaf" => array(
+ "type" => "boolean",
+ "required" => true,
+ "default" => ''
+ ),
+ "ruleSet" => array(
+ "type" => "array",
+ "required" => true,
+ "default" => ''
+ ),
+ "description" => array(
+ "type" => "string",
+ "required" => true,
+ "default" => ''
+ )
+ ),
+ "deleteTemplate" => array(
+ "id" => array(
+ "type" => "int",
+ "required" => true,
+ "default" => ''
+ )
+ ),
+ "savePermissions" => array(
+ "groupPermission" => array(
+ "type" => "array",
+ "required" => true,
+ "default" => ''
+ ),
+ "permissionLockdown" => array(
+ "type" => "array",
+ "required" => true,
+ "default" => ''
+ ),
+ )
+ );
+ }
+
+ protected function getRequiredTaskPermissions() {
+ return array(
+ 'deleteTemplate' => array( 'wikiadmin' ),
+ 'permissions' => array( 'wikiadmin' ),
+ 'savePermissions' => array( 'wikiadmin' ),
+ 'setTemplateData' => array( 'wikiadmin' ),
+ );
+ }
+
+ protected function task_savePermissions( $oData ) {
+ $oRet = $this->makeStandardReturn();
+ $oRet->success = true;
+ $arrRes = PermissionManager::savePermissions( $oData );
+
+ if ( $arrRes !== true && ( !isset( $arrRes['success'] ) ||
$arrRes['success'] !== true ) ) {
+ $oRet->errors[] = $arrRes;
+ $oRet->message = "Error: " . $arrRes;
+ $oRet->success = false;
+ }
+
+ return $oRet;
+ }
+
+ protected function task_setTemplateData( $oTaskData ) {
+ $oRet = $this->makeStandardReturn();
+ $arrRes = PermissionManager::setTemplateData( $oTaskData );
+ $oRet->payload = $arrRes;
+ $oRet->success = $arrRes[ "success" ];
+
+ return $oRet;
+ }
+
+ protected function task_deleteTemplate( $oData ) {
+ $oRet = $this->makeStandardReturn();
+ $arrRes = PermissionManager::deleteTemplate( $oData->id );
+ $oRet->payload = $arrRes;
+ $oRet->success = $arrRes[ "success" ];
+
+ return $oRet;
+ }
+
+ protected function task_permissions( $oData ) {
+ $oRet = $this->makeStandardReturn();
+ //is revision requested by timestamp? default = current
+ $arrData = array();
+ if ( !isset( $oData->revision ) ) {
+ //remove old permissions and override by including file
+ $arrData = PermissionManager::getPermissionArray(
$oData->group );
+ } else {
+ $arrData = PermissionManager::getPermissionArray(
$oData->group, $oData->revision );
+ }
+
+ //return permissions for requested revision
+ $arrResult = array(
+ 'result' => 'Success',
+ 'data' => $arrData
+ );
+ $oRet->success = true;
+ //todo: add xml output handler, actualy this is only working
for json
+ $oRet->payload = $arrResult;
+
+ return $oRet;
+ }
+
+ public function __construct( $main, $action ) {
+ parent::__construct( $main, $action );
+ }
+
+}
diff --git a/PermissionManager/resources/BS.PermissionManager/data/Manager.js
b/PermissionManager/resources/BS.PermissionManager/data/Manager.js
index 931d591..cc3231a 100644
--- a/PermissionManager/resources/BS.PermissionManager/data/Manager.js
+++ b/PermissionManager/resources/BS.PermissionManager/data/Manager.js
@@ -487,9 +487,8 @@
}
).done(function (response) {
//var result = Ext.JSON.decode(response.responseText);
- var result = response.payload;
- if (result.success === true) {
+ if (response.success === true) {
caller.unmask();
mw.notify( mw.msg(
'bs-permissionmanager-save-success' ), { title: mw.msg(
'bs-extjs-title-success' ) } );
@@ -522,15 +521,16 @@
} else {
caller.unmask();
bs.util.alert( 'bs-pm-save-error', {
- text: result.msg
+ text: result.message
});
}
}).fail( function ( response ) {
- var result = response.payload;
caller.unmask();
+ /*
bs.util.alert( 'bs-pm-save-error', {
- text: result.msg
+ text: response.message
} );
+ */
} );
}
--
To view, visit https://gerrit.wikimedia.org/r/311421
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: If619c6ff3e4363f9d5a84f32c30e7d6f9c676ae6
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/BlueSpiceExtensions
Gerrit-Branch: master
Gerrit-Owner: Ljonka <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
