mirror of
https://gerrit.wikimedia.org/r/mediawiki/extensions/AbuseFilter.git
synced 2024-12-21 01:42:45 +00:00
cee8e14cf1
This is consistent with the "anti-DoS" measures on other API modules. Although this may not be a serious DoS vector, it makes sense to restrict this module. Moreover, it's also consistent with Special:AbuseFilter/tools (which is the corresponding web interface), which requires the same user rights. Bug: T238451 Change-Id: Id09fd57195d71884674ac0470f137ca30c56e13c
43 lines
931 B
PHP
43 lines
931 B
PHP
<?php
|
|
|
|
class ApiAbuseFilterEvalExpression extends ApiBase {
|
|
/**
|
|
* @see ApiBase::execute()
|
|
*/
|
|
public function execute() {
|
|
// "Anti-DoS"
|
|
if ( !AbuseFilter::canViewPrivate( $this->getUser() ) ) {
|
|
$this->dieWithError( 'apierror-abusefilter-canteval', 'permissiondenied' );
|
|
}
|
|
|
|
$params = $this->extractRequestParams();
|
|
|
|
$result = AbuseFilter::evaluateExpression( $params['expression'] );
|
|
|
|
$this->getResult()->addValue( null, $this->getModuleName(), [ 'result' => $result ] );
|
|
}
|
|
|
|
/**
|
|
* @see ApiBase::getAllowedParams()
|
|
* @return array
|
|
*/
|
|
public function getAllowedParams() {
|
|
return [
|
|
'expression' => [
|
|
ApiBase::PARAM_REQUIRED => true,
|
|
],
|
|
];
|
|
}
|
|
|
|
/**
|
|
* @see ApiBase::getExamplesMessages()
|
|
* @return array
|
|
*/
|
|
protected function getExamplesMessages() {
|
|
return [
|
|
'action=abusefilterevalexpression&expression=lcase("FOO")'
|
|
=> 'apihelp-abusefilterevalexpression-example-1',
|
|
];
|
|
}
|
|
}
|