1<?php 2/** 3 * This program is free software; you can redistribute it and/or modify 4 * it under the terms of the GNU General Public License as published by 5 * the Free Software Foundation; either version 2 of the License, or 6 * (at your option) any later version. 7 * 8 * This program is distributed in the hope that it will be useful, 9 * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 * GNU General Public License for more details. 12 * 13 * You should have received a copy of the GNU General Public License along 14 * with this program; if not, write to the Free Software Foundation, Inc., 15 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 16 * http://www.gnu.org/copyleft/gpl.html 17 */ 18 19namespace MediaWiki\Extension\OATHAuth\Api\Module; 20 21use ApiBase; 22use ApiQuery; 23use ApiQueryBase; 24use ApiResult; 25use MediaWiki\MediaWikiServices; 26use User; 27 28/** 29 * Query module to check if a user has OATH authentication enabled. 30 * 31 * Usage requires the 'oathauth-api-all' grant which is not given to any group 32 * by default. Use of this API is security sensitive and should not be granted 33 * lightly. Configuring a special 'oathauth' user group is recommended. 34 * 35 * @ingroup API 36 * @ingroup Extensions 37 */ 38class ApiQueryOATH extends ApiQueryBase { 39 /** 40 * @param ApiQuery $query 41 * @param string $moduleName 42 */ 43 public function __construct( $query, $moduleName ) { 44 parent::__construct( $query, $moduleName, 'oath' ); 45 } 46 47 public function execute() { 48 $params = $this->extractRequestParams(); 49 if ( $params['user'] === null ) { 50 $params['user'] = $this->getUser()->getName(); 51 } 52 53 $this->checkUserRightsAny( 'oathauth-api-all' ); 54 55 $user = User::newFromName( $params['user'] ); 56 if ( $user === false ) { 57 $this->dieWithError( 'noname' ); 58 } 59 60 $result = $this->getResult(); 61 $data = [ 62 ApiResult::META_BC_BOOLS => [ 'enabled' ], 63 'enabled' => false, 64 ]; 65 66 if ( !$user->isAnon() ) { 67 $userRepo = MediaWikiServices::getInstance()->getService( 'OATHUserRepository' ); 68 $authUser = $userRepo->findByUser( $user ); 69 $data['enabled'] = $authUser && 70 $authUser->getModule() !== null && 71 $authUser->getModule()->isEnabled( $authUser ); 72 } 73 $result->addValue( 'query', $this->getModuleName(), $data ); 74 } 75 76 /** 77 * @param array $params 78 * 79 * @return string 80 */ 81 public function getCacheMode( $params ) { 82 return 'private'; 83 } 84 85 public function isInternal() { 86 return true; 87 } 88 89 /** 90 * @return array 91 */ 92 public function getAllowedParams() { 93 return [ 94 'user' => [ 95 ApiBase::PARAM_TYPE => 'user', 96 ], 97 ]; 98 } 99 100 /** 101 * @return array 102 */ 103 protected function getExamplesMessages() { 104 return [ 105 'action=query&meta=oath' 106 => 'apihelp-query+oath-example-1', 107 'action=query&meta=oath&oathuser=Example' 108 => 'apihelp-query+oath-example-2', 109 ]; 110 } 111} 112