For MediaWiki (recent comments | status changes | tags | authors | states | release notes)
Index: trunk/phase3/includes/api/ApiMain.php =================================================================== --- trunk/phase3/includes/api/ApiMain.php (revision 35398) +++ trunk/phase3/includes/api/ApiMain.php (revision 35399) @@ -179,12 +179,19 @@ } /** - * This method will simply cause an error if the write mode was disabled for this api. + * This method will simply cause an error if the write mode was disabled + * or if the current user doesn't have the right to use it */ public function requestWriteMode() { + global $wgUser; if (!$this->mEnableWrite) - $this->dieUsage('Editing of this site is disabled. Make sure the $wgEnableWriteAPI=true; ' . - 'statement is included in the site\'s LocalSettings.php file', 'noapiwrite'); + $this->dieUsage('Editing of this wiki through the API' . + ' is disabled. Make sure the $wgEnableWriteAPI=true; ' . + 'statement is included in the wiki\'s ' . + 'LocalSettings.php file', 'noapiwrite'); + if (!$wgUser->isAllowed('writeapi')) + $this->dieUsage('You\'re not allowed to edit this ' . + 'wiki through the API', 'writeapidenied'); } /** Index: trunk/phase3/includes/DefaultSettings.php =================================================================== --- trunk/phase3/includes/DefaultSettings.php (revision 35398) +++ trunk/phase3/includes/DefaultSettings.php (revision 35399) @@ -1083,6 +1083,7 @@ $wgGroupPermissions['*' ]['edit'] = true; $wgGroupPermissions['*' ]['createpage'] = true; $wgGroupPermissions['*' ]['createtalk'] = true; +$wgGroupPermissions['*' ]['writeapi'] = true; // Implicit group for all logged-in accounts $wgGroupPermissions['user' ]['move'] = true; @@ -1090,6 +1091,7 @@ $wgGroupPermissions['user' ]['edit'] = true; $wgGroupPermissions['user' ]['createpage'] = true; $wgGroupPermissions['user' ]['createtalk'] = true; +$wgGroupPermissions['user' ]['writeapi'] = true; $wgGroupPermissions['user' ]['upload'] = true; $wgGroupPermissions['user' ]['reupload'] = true; $wgGroupPermissions['user' ]['reupload-shared'] = true; @@ -1107,6 +1109,7 @@ $wgGroupPermissions['bot' ]['autopatrol'] = true; $wgGroupPermissions['bot' ]['suppressredirect'] = true; $wgGroupPermissions['bot' ]['apihighlimits'] = true; +$wgGroupPermissions['bot' ]['writeapi'] = true; #$wgGroupPermissions['bot' ]['editprotected'] = true; // can edit all protected pages without cascade protection enabled // Most extra permission abilities go to this group
