mirror of
https://gerrit.wikimedia.org/r/mediawiki/extensions/Echo
synced 2024-12-11 15:38:37 +00:00
3513c642dd
Creates a new push-subscription-manager group and an associated right, manage-all-push-subscriptions. The purpose of this is to allow privileged accounts to purge expired subscriptions from the database on behalf of other users. A user with this right will be permitted to delete any subscription from the DB based on the token alone. For all other users, deletion requests will be limited to those associated with the requesting user's central ID. This right will be granted to a bot account on Metawiki associated with the Wikimedia push notifications service, and the push notifications service account will make push subscription delete requests to the API for subscriptions for which vendor APIs return bad subscription responses. Additionally, the providertoken parameter to ApiPushSubscriptionDelete is updated to allow multiple providertoken values. Bug: T259148 Change-Id: Ia6c17588ee94e6be74e5e3a75eb33e38f172fc93
116 lines
2.7 KiB
PHP
116 lines
2.7 KiB
PHP
<?php
|
|
|
|
namespace EchoPush\Api;
|
|
|
|
use ApiBase;
|
|
use ApiMain;
|
|
use ApiUsageException;
|
|
use EchoPush\SubscriptionManager;
|
|
use EchoPush\Utils;
|
|
use EchoServices;
|
|
use Wikimedia\ParamValidator\ParamValidator;
|
|
|
|
class ApiEchoPushSubscriptionsDelete extends ApiBase {
|
|
|
|
/** @var ApiBase */
|
|
private $parent;
|
|
|
|
/** @var SubscriptionManager */
|
|
private $subscriptionManager;
|
|
|
|
/**
|
|
* Static entry point for initializing the module
|
|
* @param ApiBase $parent Parent module
|
|
* @param string $name Module name
|
|
* @return ApiEchoPushSubscriptionsDelete
|
|
*/
|
|
public static function factory( ApiBase $parent, string $name ):
|
|
ApiEchoPushSubscriptionsDelete {
|
|
$subscriptionManager = EchoServices::getInstance()->getPushSubscriptionManager();
|
|
$module = new self( $parent->getMain(), $name, $subscriptionManager );
|
|
$module->parent = $parent;
|
|
return $module;
|
|
}
|
|
|
|
/**
|
|
* @param ApiMain $mainModule
|
|
* @param string $moduleName
|
|
* @param SubscriptionManager $subscriptionManager
|
|
*/
|
|
public function __construct(
|
|
ApiMain $mainModule,
|
|
string $moduleName,
|
|
SubscriptionManager $subscriptionManager
|
|
) {
|
|
parent::__construct( $mainModule, $moduleName );
|
|
$this->subscriptionManager = $subscriptionManager;
|
|
}
|
|
|
|
/**
|
|
* Entry point for executing the module.
|
|
* @inheritDoc
|
|
*/
|
|
public function execute(): void {
|
|
$tokens = $this->getParameter( 'providertoken' );
|
|
$userId = null;
|
|
|
|
// Restrict deletion to the user's own token(s) if not a push subscription manager
|
|
try {
|
|
$this->checkUserRightsAny( 'manage-all-push-subscriptions' );
|
|
} catch ( ApiUsageException $e ) {
|
|
$userId = Utils::getPushUserId( $this->getUser() );
|
|
}
|
|
|
|
$numRowsDeleted = $this->subscriptionManager->delete( $tokens, $userId );
|
|
if ( $numRowsDeleted == 0 ) {
|
|
$this->dieWithError( 'apierror-echo-push-token-not-found' );
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Get the parent module.
|
|
* @return ApiBase
|
|
*/
|
|
public function getParent(): ApiBase {
|
|
return $this->parent;
|
|
}
|
|
|
|
/** @inheritDoc */
|
|
protected function getAllowedParams(): array {
|
|
return [
|
|
'providertoken' => [
|
|
ParamValidator::PARAM_TYPE => 'string',
|
|
ParamValidator::PARAM_REQUIRED => true,
|
|
ParamValidator::PARAM_ISMULTI => true,
|
|
],
|
|
];
|
|
}
|
|
|
|
/** @inheritDoc */
|
|
protected function getExamplesMessages(): array {
|
|
return [
|
|
"action=echopushsubscriptions&command=delete&providertoken=ABC123" =>
|
|
"apihelp-echopushsubscriptions+delete-example"
|
|
];
|
|
}
|
|
|
|
// The parent module already enforces these but they make documentation nicer.
|
|
|
|
/** @inheritDoc */
|
|
public function isWriteMode(): bool {
|
|
return true;
|
|
}
|
|
|
|
/** @inheritDoc */
|
|
public function mustBePosted(): bool {
|
|
return true;
|
|
}
|
|
|
|
/** @inheritDoc */
|
|
public function isInternal(): bool {
|
|
// experimental!
|
|
return true;
|
|
}
|
|
|
|
}
|