API:Restricting API usage/de

From MediaWiki.org
Jump to navigation Jump to search
This page is a translated version of the page API:Restricting API usage and the translation is 23% complete.
Other languages:
Deutsch • ‎English • ‎Türkçe • ‎dansk • ‎español • ‎français • ‎polski • ‎русский • ‎ไทย • ‎中文 • ‎日本語 • ‎한국어
MediaWiki Action API
Grundlagen
Authentifizierung
Benutzerkonten und Benutzer
Seitenoperationen
Suche
Entwicklerwerkzeuge
Tutorials
v · d · e

There are several ways to restrict usage of (certain parts of) the API to certain groups of users, or to disable it altogether. Some of these require changing group permissions.

Deaktivieren der gesamten API

You can disable the API as a whole by setting $wgEnableAPI = false; in LocalSettings.php . The API is enabled by default.

This configuration setting was deprecated starting with MediaWiki 1.31.0 and will be removed in future versions meaning that disabling the API will no longer be possible.

Deaktivieren der Schreib-API

You can disable all write modules by setting $wgEnableWriteAPI = false; in LocalSettings.php. The write API is enabled by default as of MediaWiki 1.14, and disabled by default in older versions.

This configuration setting was deprecated starting with MediaWiki 1.31.0 and will be removed in future versions meaning that disabling the write API will no longer be possible.

Zugriff auf die Schreib-API einschränken

You can deny certain groups the right to use the write API by denying them the writeapi right. By default, all groups have the writeapi right. However, both the writeapi right and $wgEnableWriteAPI = true; are required in order to use the write API.

Module deaktivieren

You can disable individual modules for all users by adding a line to LocalSettings.php. Exactly what to add depends on the type of module you want to disable:

Beispiel

To disable anyone who isn't a sysop from using action=edit: 

if ( !in_array( 'sysop', $wgUser->getGroups() ) ) {
	$wgAPIModules['edit'] = 'ApiDisabled';
}

To limit the access of an API action, add the following hook for ApiCheckCanExecute : 

static function onApiCheckCanExecute( $module, $user, &$message ) {
    $moduleName = $module->getModuleName();
    if (
        $moduleName == 'action' &&
        !in_array( 'right', $user->getRights() )
    ) {
        $message = 'apierror-action-notallowed';
        return false;
    }
    return true;
}

Replace 'action', 'right' and 'apierror-action-notallowed' with the appropriate values.

Retrieved from "https://www.mediawiki.org/w/index.php?title=API:Restricting_API_usage/de&oldid=3841634"