Jump to content

API:Assert

From mediawiki.org
This page is a translated version of the page API:Assert and the translation is 3% complete.
Outdated translations are marked like this.
MediaWiki Version:
1.23

The assert parameter of the Action API can be set on any API request to verify certain conditions before the requested action is executed.

The available options are:

  • assert=anon: Check that you are acting as an IP user . This prevents accidental use of a registered account. Seit MediaWiki 1.35change 572374
  • assert=user: Check that you are using a registered account (either "named" or temporary). This prevents accidental fallback to an IP user.
  • assert=bot: Prüft, ob das Konto die "Bot"-Benutzerrechte hat This prevents your script from interacting with wikis where your bot does not have the bot flag.
  • assertuser=...: Check that you are logged-in with the expected user name. Seit MediaWiki 1.28

Note that temporary users satisfy assert=user, and fail assert=anon.

Possible errors

Wenn die Prüfung fehlschlägt, werden die Fehlercodes $1 oder $2 ausgegeben.

  • assertanonfailed
  • assertuserfailed
  • assertbotfailed
  • assertnameduserfailed

Rationale and use cases

These parameters are intended as a second line of defense against several kinds of problems:

Bot operator errors

It's easy for a simple operator error to cause a lot of bad edits, such as the bot running on the wrong wiki or under the wrong username, especially if you're running more than one bot task. The assert=bot and assertuser=... parameters are intended to help prevent those mistakes.

Login session expiration

After logging in, the cookies you receive are only valid for 30 days by default, after which time your bot will become logged out, and may continue working with its actions being attributed to the IP address or a temporary username (if logged-out users are allowed to perform them).

The assert=user parameter is intended to prevent this.

Switching user accounts

Interactive tools (in the browser) using the API to edit often want to make sure the user understands how their work will be attributed.

When the user logs in or out in another browser tab (or their login session expires), this won't be immediately reflected in the tool's interface, but the new login session will be used for saving actions. The assertuser=... and assert=anon parameters are intended to allow detecting this scenario and displaying an appropriate message before continuing.


Prüfen, ob du eingeloggt bist

Wenn du einfach nur prüfen willst, ob du in die Action API eingeloggt bist, kannst du eine Anfrage mit den Parametern action=query&assert=user stellen. Das gibt eine einfache leere Antwort ({} im JSON-Format) zurück, falls man tatsächlich eingeloggt ist, sonst den assertuserfailed-Fehler.

Normalerweise braucht man das nicht zu machen. Man kann stattdessen den assert=user-Parameter an alle Anfragen anhängen, die von einem eingeloggten Benutzer gestellt werden sollten.