Dominic.sauer has uploaded a new change for review.
https://gerrit.wikimedia.org/r/215305
Change subject: Add permission check for mark as exception
......................................................................
Add permission check for mark as exception
Change-Id: I210f16346f51f7e806ef009c01627ff104bcc721
---
M api/GetViolations.php
M includes/Violations/DispatchingViolationContext.php
M includes/Violations/ViolationContext.php
3 files changed, 48 insertions(+), 6 deletions(-)
git pull
ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/WikidataQuality
refs/changes/05/215305/1
diff --git a/api/GetViolations.php b/api/GetViolations.php
index 8563686..71192a6 100755
--- a/api/GetViolations.php
+++ b/api/GetViolations.php
@@ -6,8 +6,12 @@
use DataValues\Serializers;
use Doctrine\Instantiator\Exception\UnexpectedValueException;
use Wikibase\Api\ApiWikibase;
+use Wikibase\DataModel\Entity\EntityId;
use Wikibase\DataModel\Entity\EntityIdParser;
+use Wikibase\Lib\Store\EntityRevisionLookup;
+use Wikibase\Lib\Store\StorageException;
use Wikibase\Repo\WikibaseRepo;
+use Wikibase\Repo\Store\EntityPermissionChecker;
use WikibaseQuality\Violations\DispatchingViolationContext;
use WikibaseQuality\Violations\Violation;
use WikibaseQuality\Violations\ViolationQuery;
@@ -47,6 +51,11 @@
*/
private $violationContext;
+ /**
+ * @var EntityPermissionChecker
+ */
+ private $permissionChecker;
+
/**
* @param ApiMain $main
* @param string $name
@@ -59,6 +68,7 @@
$this->violationSerializer =
WikibaseQualityFactory::getDefaultInstance()->getViolationSerializer();
$this->entityIdParser =
WikibaseRepo::getDefaultInstance()->getEntityIdParser();
$this->violationContext =
WikibaseQualityFactory::getDefaultInstance()->getDispatchingViolationContext();
+ $this->permissionChecker =
WikibaseRepo::getDefaultInstance()->getEntityPermissionChecker();
}
/**
@@ -72,7 +82,10 @@
$entityId = $this->entityIdParser->parse( $params['entityId'] );
$violations = $this->getViolationsOfEntity( $entityId );
- $this->writeResultOutput( $violations );
+
+ $permissionStatus = $this->checkExceptionPermission( $entityId );
+
+ $this->writeResultOutput( $violations, $permissionStatus );
}
/**
@@ -91,14 +104,15 @@
/**
* @param Violation[] $violations
+ * @param bool $permissionStatus
*/
- private function writeResultOutput( array $violations ) {
+ private function writeResultOutput( array $violations,
$permissionStatus ) {
$output = array();
if ( count( $violations ) > 0 ) {
foreach ( $violations as $violation ) {
try {
$shortMessage = $this->violationContext->getShortMessage(
$violation );
- $longMessage = $this->violationContext->getLongMessage(
$violation );
+ $longMessage = $this->violationContext->getLongMessage(
$violation, $permissionStatus );
$iconPath = $this->violationContext->getIconPath(
$violation );
}
catch( UnexpectedValueException $e ) {
@@ -151,4 +165,30 @@
'action=wdqagetviolations&entityId=Q76' =>
'apihelp-wdqagetviolations-examples-1'
);
}
+
+
+ /**
+ * Checks the permission for marking an violation as exception
+ *
+ * @param EntityId $entityId
+ *
+ * @return bool
+ * @codeCoverageIgnore
+ */
+ private function checkExceptionPermission( EntityId $entityId ) {
+ $user = \RequestContext::getMain()->getUser();
+ $baseRevisionId = EntityRevisionLookup::LATEST_FROM_MASTER;
+ $status = false;
+ try {
+ $entityRev = $this->getEntityRevisionLookup()->getEntityRevision(
$entityId, $baseRevisionId );
+ $entity = $entityRev->getEntity();
+ // At this point only change/edit rights should be checked
+ $status = $this->permissionChecker->getPermissionStatusForEntity(
$user, 'wikibase-violation-exception', $entity );
+ } catch ( StorageException $ex ) {
+ $this->dieException( $ex, 'no-such-entity' );
+ }
+
+ return $status->isOK();
+ }
+
}
\ No newline at end of file
diff --git a/includes/Violations/DispatchingViolationContext.php
b/includes/Violations/DispatchingViolationContext.php
index b01f167..e8c5f87 100755
--- a/includes/Violations/DispatchingViolationContext.php
+++ b/includes/Violations/DispatchingViolationContext.php
@@ -86,11 +86,12 @@
* Returns human readable message for given violation of this context.
*
* @param Violation $violation
+ * @param bool $permissionStatus
* @return string
*/
- public function getLongMessage( Violation $violation ) {
+ public function getLongMessage( Violation $violation, $permissionStatus ) {
- return $this->getContextOf( $violation )->getLongMessage( $violation );
+ return $this->getContextOf( $violation )->getLongMessage( $violation,
$permissionStatus );
}
/**
diff --git a/includes/Violations/ViolationContext.php
b/includes/Violations/ViolationContext.php
index 180ebb2..5ee486b 100755
--- a/includes/Violations/ViolationContext.php
+++ b/includes/Violations/ViolationContext.php
@@ -68,7 +68,8 @@
* Returns human readable long message for given violation of this context.
*
* @param Violation $violation
+ * @param bool $permissionStatus
* @return string
*/
- public function getLongMessage( Violation $violation );
+ public function getLongMessage( Violation $violation, $permissionStatus );
}
\ No newline at end of file
--
To view, visit https://gerrit.wikimedia.org/r/215305
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I210f16346f51f7e806ef009c01627ff104bcc721
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/WikidataQuality
Gerrit-Branch: master
Gerrit-Owner: Dominic.sauer <dominic.sa...@yahoo.de>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
