1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
|
<?php
namespace MediaWiki\Rest\BasicAccess;
use MediaWiki\Rest\Handler;
use MediaWiki\Rest\RequestInterface;
/**
* A request authorizer which checks needsReadAccess() and needsWriteAccess() in the
* handler and calls isReadAllowed() and/or isWriteAllowed() in the subclass
* accordingly.
*
* @internal
*/
abstract class BasicRequestAuthorizer {
protected RequestInterface $request;
protected Handler $handler;
/**
* @param RequestInterface $request
* @param Handler $handler
*/
public function __construct( RequestInterface $request, Handler $handler ) {
$this->request = $request;
$this->handler = $handler;
}
/**
* @see BasicAuthorizerInterface::authorize()
* @return string|null If the request is denied, the string error code. If
* the request is allowed, null.
*/
public function authorize() {
if ( $this->handler->needsReadAccess() && !$this->isReadAllowed() ) {
return 'rest-read-denied';
}
if ( $this->handler->needsWriteAccess() && !$this->isWriteAllowed() ) {
return 'rest-write-denied';
}
return null;
}
/**
* Check if the current user is allowed to read from the wiki
*
* @return bool
*/
abstract protected function isReadAllowed();
/**
* Check if the current user is allowed to write to the wiki
*
* @return bool
*/
abstract protected function isWriteAllowed();
}
|
