jenkins-bot has submitted this change and it was merged. (
https://gerrit.wikimedia.org/r/362239 )
Change subject: Remove permission check logic from some Api classes
......................................................................
Remove permission check logic from some Api classes
EntityPermissionChecker implementation should take care of
what specific MediaWiki permissions are relevant. Api classes
should should specify what kind of actions they are request
permission to.
Also removes "entity exists" checks from Api\EditEntity,
and makes it simply require "edit" permission.
EntityPermissionChecker determines whether creating a new
entity (unlike editing the existing one) requires some
extra permissions.
Bug: T166586
Change-Id: I7868f0336f51c17276cb4c56e592424b60034702
---
M repo/includes/Api/EditEntity.php
M repo/includes/Api/ModifyEntity.php
M repo/includes/Api/ModifyTerm.php
M repo/includes/Api/SetAliases.php
M repo/includes/Store/WikiPageEntityStorePermissionChecker.php
5 files changed, 7 insertions(+), 37 deletions(-)
Approvals:
Daniel Kinzler: Looks good to me, approved
Addshore: Looks good to me, but someone else must approve
jenkins-bot: Verified
diff --git a/repo/includes/Api/EditEntity.php b/repo/includes/Api/EditEntity.php
index 21a7390..63a2dcd 100644
--- a/repo/includes/Api/EditEntity.php
+++ b/repo/includes/Api/EditEntity.php
@@ -150,28 +150,6 @@
}
/**
- * @param EntityDocument $entity
- *
- * @throws InvalidArgumentException
- * @return string[] A list of permissions
- */
- protected function getRequiredPermissions( EntityDocument $entity ) {
- $permissions = $this->isWriteMode() ? [ 'read', 'edit' ] : [
'read' ];
-
- if ( !$this->entityExists( $entity->getId() ) ) {
- $permissions[] = 'createpage';
-
- switch ( $entity->getType() ) {
- case 'property':
- $permissions[] = $entity->getType() .
'-create'; //property-create
- break;
- }
- }
-
- return $permissions;
- }
-
- /**
* @param EntityId $entityId
*
* @return bool
diff --git a/repo/includes/Api/ModifyEntity.php
b/repo/includes/Api/ModifyEntity.php
index a766425..7bb82bd 100644
--- a/repo/includes/Api/ModifyEntity.php
+++ b/repo/includes/Api/ModifyEntity.php
@@ -287,7 +287,7 @@
* @return string[]
*/
protected function getRequiredPermissions( EntityDocument $entity ) {
- return $this->isWriteMode() ? [ 'read', 'edit' ] : [ 'read' ];
+ return [ EntityPermissionChecker::ACTION_EDIT ];
}
private function addToOutput( EntityDocument $entity, Status $status,
$oldRevId = null ) {
diff --git a/repo/includes/Api/ModifyTerm.php b/repo/includes/Api/ModifyTerm.php
index 8c05532c..c6b744a 100644
--- a/repo/includes/Api/ModifyTerm.php
+++ b/repo/includes/Api/ModifyTerm.php
@@ -4,6 +4,7 @@
use InvalidArgumentException;
use Wikibase\DataModel\Entity\EntityDocument;
+use Wikibase\Repo\Store\EntityPermissionChecker;
use Wikibase\Repo\WikibaseRepo;
use Wikibase\Summary;
@@ -43,9 +44,7 @@
* @return string[] A list of permissions
*/
protected function getRequiredPermissions( EntityDocument $entity ) {
- $permissions = $this->isWriteMode() ? [ 'read', 'edit' ] : [
'read' ];
- $permissions[] = $entity->getType() . '-term';
- return $permissions;
+ return [ EntityPermissionChecker::ACTION_EDIT_TERMS ];
}
/**
diff --git a/repo/includes/Api/SetAliases.php b/repo/includes/Api/SetAliases.php
index 00485c9..39f068c 100644
--- a/repo/includes/Api/SetAliases.php
+++ b/repo/includes/Api/SetAliases.php
@@ -5,6 +5,7 @@
use ApiMain;
use ApiUsageException;
use InvalidArgumentException;
+use Wikibase\Repo\Store\EntityPermissionChecker;
use Wikibase\Summary;
use Wikibase\Repo\ChangeOp\ChangeOp;
use Wikibase\Repo\ChangeOp\ChangeOpAliases;
@@ -66,9 +67,7 @@
* @return string[] A list of permissions
*/
protected function getRequiredPermissions( EntityDocument $entity ) {
- $permissions = $this->isWriteMode() ? [ 'read', 'edit' ] : [
'read' ];
- $permissions[] = $entity->getType() . '-term';
- return $permissions;
+ return [ EntityPermissionChecker::ACTION_EDIT_TERMS ];
}
/**
diff --git a/repo/includes/Store/WikiPageEntityStorePermissionChecker.php
b/repo/includes/Store/WikiPageEntityStorePermissionChecker.php
index 8df144f..0831a7f 100644
--- a/repo/includes/Store/WikiPageEntityStorePermissionChecker.php
+++ b/repo/includes/Store/WikiPageEntityStorePermissionChecker.php
@@ -167,10 +167,7 @@
}
private function getMediaWikiPermissionsToCheck( $action, $entityType )
{
- if ( $action === EntityPermissionChecker::ACTION_CREATE ||
- // TODO: temporarily handle MW create permissions here,
until all users are adjusted
- $action === 'createpage' || $action ===
'property-create'
- ) {
+ if ( $action === EntityPermissionChecker::ACTION_CREATE ) {
$entityTypeSpecificCreatePermission = $entityType .
'-create';
$permissions = [ 'read', 'edit', 'createpage' ];
@@ -180,10 +177,7 @@
return $permissions;
}
- if ( $action === EntityPermissionChecker::ACTION_EDIT_TERMS ||
- // TODO: temporarily handle MW permissions here, until
all users are adjusted
- $action === 'item-term' || $action === 'property-term'
- ) {
+ if ( $action === EntityPermissionChecker::ACTION_EDIT_TERMS ) {
$entityTypeSpecificEditTermsPermission = $entityType .
'-term';
$permissions = [ 'read', 'edit' ];
--
To view, visit https://gerrit.wikimedia.org/r/362239
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I7868f0336f51c17276cb4c56e592424b60034702
Gerrit-PatchSet: 11
Gerrit-Project: mediawiki/extensions/Wikibase
Gerrit-Branch: master
Gerrit-Owner: WMDE-leszek <[email protected]>
Gerrit-Reviewer: Addshore <[email protected]>
Gerrit-Reviewer: Aleksey Bekh-Ivanov (WMDE) <[email protected]>
Gerrit-Reviewer: Daniel Kinzler <[email protected]>
Gerrit-Reviewer: Thiemo Mättig (WMDE) <[email protected]>
Gerrit-Reviewer: WMDE-leszek <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
