Jump to content

API:Ochrana

From mediawiki.org
This page is a translated version of the page API:Protect and the translation is 100% complete.
Verze MediaWiki:
1.12

Požadavek POST pro změnu úrovně ochrany stránky.

Dokumentace API

action=protect

(main | protect)
  • This module requires read rights.
  • This module requires write rights.
  • This module only accepts POST requests.
  • Source: MediaWiki
  • License: GPL-2.0-or-later

Change the protection level of a page.

Specific parameters:
Other general parameters are available.
title

Title of the page to (un)protect. Cannot be used together with pageid.

pageid

ID of the page to (un)protect. Cannot be used together with title.

Type: integer
protections

List of protection levels, formatted action=level (e.g. edit=sysop). A level of all means everyone is allowed to take the action, i.e. no restriction.

Note: Any actions not listed will have restrictions removed.

This parameter is required.
Separate values with | or alternative.
Maximum number of values is 50 (500 for clients that are allowed higher limits).
expiry

Expiry timestamps. If only one timestamp is set, it'll be used for all protections. Use infinite, indefinite, infinity, or never, for a never-expiring protection.

Separate values with | or alternative.
Maximum number of values is 50 (500 for clients that are allowed higher limits).
Default: infinite
reason

Reason for (un)protecting.

Default: (empty)
tags

Change tags to apply to the entry in the protection log.

Values (separate with | or alternative): AWB, convenient-discussions
cascade

Enable cascading protection (i.e. protect transcluded templates and images used in this page). Ignored if none of the given protection levels support cascading.

Type: boolean (details)
watch
Deprecated.

If set, add the page being (un)protected to the current user's watchlist.

Type: boolean (details)
watchlist

Unconditionally add or remove the page from the current user's watchlist, use preferences (ignored for bot users) or do not change watch.

One of the following values: nochange, preferences, unwatch, watch
Default: preferences
watchlistexpiry

Watchlist expiry timestamp. Omit this parameter entirely to leave the current expiry unchanged.

Type: expiry (details)
token

A "csrf" token retrieved from action=query&meta=tokens

This parameter is required.


Příklad

Ochrana stránky se skládá z několika kroků:

  1. Přihlaste se jedním ze způsobů popsaných v API:Přihlášení .
  2. Získejte CSRF token . Tento token je stejný pro všechny stránky, ale mění se při každém přihlášení.
  3. Odešlete požadavek POST s tokenem CSRF za účelem ochrany stránky.

Níže uvedený ukázkový kód podrobně pokrývá třetí krok.

Požadavek POST

Chraňte hlavní stránku na nekonečnou dobu, aby ji mohli upravovat pouze automaticky potvrzení uživatelé a přesunout ji pouze sysopové.

Odpověď

{
    "protect": {
        "title": "Main Page",
        "reason": "",
        "protections": [
            {
                "edit": "autoconfirmed",
                "expiry": "infinite"
            },
            {
                "move": "sysop",
                "expiry": "infinite"
            }
        ]
    }
}

Ukázkový kód

Python

#!/usr/bin/python3

"""
    protect.py

    MediaWiki API Demos
    Demo of `Protect` module: Demo to change the edit protection
    level of a given page.

    MIT License
"""

import requests

S = requests.Session()

URL = "https://test.wikipedia.org/w/api.php"

# Step 1: Retrieve a login token
PARAMS_1 = {
    "action": "query",
    "meta": "tokens",
    "type": "login",
    "format": "json"
}

R = S.get(url=URL, params=PARAMS_1)
DATA = R.json()

LOGIN_TOKEN = DATA['query']['tokens']['logintoken']

# Step 2: Send a post request to login. Use of main account for login
# is not supported. Obtain credentials via Special:BotPasswords
# (https://www.mediawiki.org/wiki/Special:BotPasswords) for lgname &
# lgpassword
PARAMS_2 = {
    "action": "login",
    "lgname": "bot_user_name",
    "lgpassword": "bot_password",
    "lgtoken": LOGIN_TOKEN,
    "format": "json"
}

R = S.post(URL, data=PARAMS_2)

# Step 3: While logged in, retrieve a CSRF token
PARAMS_3 = {
    "action": "query",
    "meta": "tokens",
    "type": "csrf",
    "format": "json"
}

R = S.get(url=URL, params=PARAMS_3)
DATA = R.json()

CSRF_TOKEN = DATA["query"]["tokens"]["csrftoken"]

# Step 4: Send a post request to change edit protection level of a page
PARAMS_4 = {
    "title": "User:SSethi (WMF)/common.js",
    "protections": "edit=autoconfirmed|move=sysop",
    "expiry": "infinite",
    "token": CSRF_TOKEN,
    "action": "protect"
}

R = S.post(URL, data=PARAMS_4)
print(R.text)

PHP

<?php

/*
    protect.php

    MediaWiki API Demos
    Demo of `Protect` module: Demo to change the edit protection
	level of a given page.

    MIT license
*/

$endPoint = "https://test.wikipedia.org/w/api.php";

$login_Token = getLoginToken(); // Step 1
loginRequest( $login_Token ); // Step 2
$csrf_Token = getCSRFToken(); // Step 3
protect( $csrf_Token ); // Step 4

// Step 1: GET request to fetch login token
function getLoginToken() {
	global $endPoint;

	$params1 = [
		"action" => "query",
		"meta" => "tokens",
		"type" => "login",
		"format" => "json"
	];

	$url = $endPoint . "?" . http_build_query( $params1 );

	$ch = curl_init( $url );
	curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
	curl_setopt( $ch, CURLOPT_COOKIEJAR, "cookie.txt" );
	curl_setopt( $ch, CURLOPT_COOKIEFILE, "cookie.txt" );

	$output = curl_exec( $ch );
	curl_close( $ch );

	$result = json_decode( $output, true );
	return $result["query"]["tokens"]["logintoken"];
}

// Step 2: POST request to log in. Use of main account for login is not
// supported. Obtain credentials via Special:BotPasswords
// (https://www.mediawiki.org/wiki/Special:BotPasswords) for lgname & lgpassword
function loginRequest( $logintoken ) {
	global $endPoint;

	$params2 = [
		"action" => "login",
		"lgname" => "bot_user_name",
		"lgpassword" => "bot_password",
		"lgtoken" => $logintoken,
		"format" => "json"
	];

	$ch = curl_init();

	curl_setopt( $ch, CURLOPT_URL, $endPoint );
	curl_setopt( $ch, CURLOPT_POST, true );
	curl_setopt( $ch, CURLOPT_POSTFIELDS, http_build_query( $params2 ) );
	curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
	curl_setopt( $ch, CURLOPT_COOKIEJAR, "cookie.txt" );
	curl_setopt( $ch, CURLOPT_COOKIEFILE, "cookie.txt" );

	$output = curl_exec( $ch );
	curl_close( $ch );

}

// Step 3: GET request to fetch CSRF token
function getCSRFToken() {
	global $endPoint;

	$params3 = [
		"action" => "query",
		"meta" => "tokens",
		"format" => "json"
	];

	$url = $endPoint . "?" . http_build_query( $params3 );

	$ch = curl_init( $url );

	curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
	curl_setopt( $ch, CURLOPT_COOKIEJAR, "cookie.txt" );
	curl_setopt( $ch, CURLOPT_COOKIEFILE, "cookie.txt" );

	$output = curl_exec( $ch );
	curl_close( $ch );

	$result = json_decode( $output, true );
	return $result["query"]["tokens"]["csrftoken"];
}

// Step 4: POST request to change edit protection level of a page
function protect( $csrftoken ) {
	global $endPoint;

	$params4 = [
		"action" => "protect",
		"title" => "Sandbox",
		"protections" => "edit=autoconfirmed|move=sysop",
		"expiry" => "infinite",
		"token" => $csrftoken,
		"format" => "json"
	];

	$ch = curl_init();

	curl_setopt( $ch, CURLOPT_URL, $endPoint );
	curl_setopt( $ch, CURLOPT_POST, true );
	curl_setopt( $ch, CURLOPT_POSTFIELDS, http_build_query( $params4 ) );
	curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
	curl_setopt( $ch, CURLOPT_COOKIEJAR, "cookie.txt" );
	curl_setopt( $ch, CURLOPT_COOKIEFILE, "cookie.txt" );

	$output = curl_exec( $ch );
	curl_close( $ch );

	echo ( $output );
}

JavaScript

/*  
    protect.js
 
    MediaWiki API Demos
    Demo of `Protect` module: Demo to change the edit protection
	level of a given page.

    MIT license
*/

var request = require('request').defaults({jar: true}),
    url = "http://dev.wiki.local.wmftest.net:8080/w/api.php";

// Step 1: GET request to fetch login token
function getLoginToken() {
    var params_0 = {
        action: "query",
        meta: "tokens",
        type: "login",
        format: "json"
    };

    request.get({ url: url, qs: params_0 }, function (error, res, body) {
        if (error) {
            return;
        }
        var data = JSON.parse(body);
        loginRequest(data.query.tokens.logintoken);
    });
}

// Step 2: POST request to log in. 
// Use of main account for login is not
// supported. Obtain credentials via Special:BotPasswords
// (https://www.mediawiki.org/wiki/Special:BotPasswords) for lgname & lgpassword
function loginRequest(login_token) {
    var params_1 = {
        action: "login",
        lgname: "bot_username",
        lgpassword: "bot_password",
        lgtoken: login_token,
        format: "json"
    };

    request.post({ url: url, form: params_1 }, function (error, res, body) {
        if (error) {
            return;
        }
        getCsrfToken();
    });
}

// Step 3: GET request to fetch CSRF token
function getCsrfToken() {
    var params_2 = {
        action: "query",
        meta: "tokens",
        format: "json"
    };

    request.get({ url: url, qs: params_2 }, function(error, res, body) {
        if (error) {
            return;
        }
        var data = JSON.parse(body);
        protect(data.query.tokens.csrftoken);
    });
}

// Step 4: POST request to change edit protection level of a page
function protect(csrf_token) {
    var params_3 = {
        action: "protect",
        title: "Sandbox",
        protections: "edit=autoconfirmed|move=sysop",
        expiry: "infinite",
        token: csrf_token,
        format: "json"
    };

    request.post({ url: url, form: params_3 }, function (error, res, body) {
        if (error) {
            return;
        }
        console.log(body);
    });
}

// Start From Step 1
getLoginToken();

MediaWiki JS

/*
	protect.js

	MediaWiki API Demos
	Demo of `Protect` module: Demo to change the edit protection
    level of a given page.

	MIT License
*/

var params = {
		action: 'protect',
		title: 'Sandbo2',
		protections: 'edit=autoconfirmed|move=sysop',
		expiry: 'infinite',
		format: 'json'
	},
	api = new mw.Api();

api.postWithToken( 'csrf', params ).done( function ( data ) {
	console.log( data );
} );

Možné chyby

Kromě standardních chybových zpráv:

Kód Popis
notitle The title parameter must be set.
notoken The token parameter must be set.
noprotections The protections parameter must be set.
invalidexpiry Invalid expiry time "expiry".
To znamená, že časové razítko vypršení platnosti bylo neplatně naformátováno nebo neexistuje (například 31. listopadu nebo 24:05). Tato chyba bude také vyvolána, když je platné datum před rokem 1970.
pastexpiry Expiry time "expiry" is in the past.
toofewexpiries number expiry timestamps were provided where number2 were needed.
Tato chyba je špatně pojmenována: Je také vyvolána, když zadáte příliš mnoho časů vypršení platnosti
cantedit Tuto stránku nemůžete chránit, protože ji nemůžete upravovat
create-titleexists Existing titles can't be protected with create.
missingtitle-createonly Missing titles can only be protected with create.
protect-invalidaction Invalid protection type "type".
protect-invalidlevel Invalid protection level "level".

Historie parametrů

  • v1.27: Představeno tags
  • v1.20: Představeno pageid
  • v1.17: Představeno watchlist Zastaralé watch
  • v1.15: Představeno watch

Další poznámky

  • Tento modul vyžaduje práva protect.
  • Pro MediaWiki verze 1.19 a starší můžete získat ochranný token prostřednictvím API:Informace .
  • Pro MediaWiki 1.20-1.23 můžete získat ochranný token na API:Tokens_(action) .

Související odkazy