API:保護
Appearance
このページは MediaWiki 操作 API の説明文書の一部です。 |
MediaWiki バージョン: | ≧ 1.12 |
ページの保護レベルを変更するPOST リクエストです。
APIの説明文書
例
Protecting a page is a multi-step process:
- Log in using one of the methods described in API:ログイン .
- Get a CSRF token . This token is the same for all pages, but changes at every login.
- Send a POST request with the CSRF token in order to protect the page.
The sample code below covers the third step in detail.
POST リクエスト
Protect the Main Page for an infinite of time to allow only autoconfirmed users to edit it and only sysops to move it.
api.php? action=protect& title=Main_Page& protections=edit=autoconfirmed|move=sysop& expiry=infinite& token=123ABC [ApiSandbox で試用する]
レスポンス
{
"protect": {
"title": "Main Page",
"reason": "",
"protections": [
{
"edit": "autoconfirmed",
"expiry": "infinite"
},
{
"move": "sysop",
"expiry": "infinite"
}
]
}
}
サンプル コード
Python
#!/usr/bin/python3
"""
protect.py
MediaWiki API Demos
Demo of `Protect` module: Demo to change the edit protection
level of a given page.
MIT License
"""
import requests
S = requests.Session()
URL = "https://test.wikipedia.org/w/api.php"
# Step 1: Retrieve a login token
PARAMS_1 = {
"action": "query",
"meta": "tokens",
"type": "login",
"format": "json"
}
R = S.get(url=URL, params=PARAMS_1)
DATA = R.json()
LOGIN_TOKEN = DATA['query']['tokens']['logintoken']
# Step 2: Send a post request to login. Use of main account for login
# is not supported. Obtain credentials via Special:BotPasswords
# (https://www.mediawiki.org/wiki/Special:BotPasswords) for lgname &
# lgpassword
PARAMS_2 = {
"action": "login",
"lgname": "bot_user_name",
"lgpassword": "bot_password",
"lgtoken": LOGIN_TOKEN,
"format": "json"
}
R = S.post(URL, data=PARAMS_2)
# Step 3: While logged in, retrieve a CSRF token
PARAMS_3 = {
"action": "query",
"meta": "tokens",
"type": "csrf",
"format": "json"
}
R = S.get(url=URL, params=PARAMS_3)
DATA = R.json()
CSRF_TOKEN = DATA["query"]["tokens"]["csrftoken"]
# Step 4: Send a post request to change edit protection level of a page
PARAMS_4 = {
"title": "User:SSethi (WMF)/common.js",
"protections": "edit=autoconfirmed|move=sysop",
"expiry": "infinite",
"token": CSRF_TOKEN,
"action": "protect"
}
R = S.post(URL, data=PARAMS_4)
print(R.text)
PHP
<?php
/*
protect.php
MediaWiki API Demos
Demo of `Protect` module: Demo to change the edit protection
level of a given page.
MIT license
*/
$endPoint = "https://test.wikipedia.org/w/api.php";
$login_Token = getLoginToken(); // Step 1
loginRequest( $login_Token ); // Step 2
$csrf_Token = getCSRFToken(); // Step 3
protect( $csrf_Token ); // Step 4
// Step 1: GET request to fetch login token
function getLoginToken() {
global $endPoint;
$params1 = [
"action" => "query",
"meta" => "tokens",
"type" => "login",
"format" => "json"
];
$url = $endPoint . "?" . http_build_query( $params1 );
$ch = curl_init( $url );
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
curl_setopt( $ch, CURLOPT_COOKIEJAR, "cookie.txt" );
curl_setopt( $ch, CURLOPT_COOKIEFILE, "cookie.txt" );
$output = curl_exec( $ch );
curl_close( $ch );
$result = json_decode( $output, true );
return $result["query"]["tokens"]["logintoken"];
}
// Step 2: POST request to log in. Use of main account for login is not
// supported. Obtain credentials via Special:BotPasswords
// (https://www.mediawiki.org/wiki/Special:BotPasswords) for lgname & lgpassword
function loginRequest( $logintoken ) {
global $endPoint;
$params2 = [
"action" => "login",
"lgname" => "bot_user_name",
"lgpassword" => "bot_password",
"lgtoken" => $logintoken,
"format" => "json"
];
$ch = curl_init();
curl_setopt( $ch, CURLOPT_URL, $endPoint );
curl_setopt( $ch, CURLOPT_POST, true );
curl_setopt( $ch, CURLOPT_POSTFIELDS, http_build_query( $params2 ) );
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
curl_setopt( $ch, CURLOPT_COOKIEJAR, "cookie.txt" );
curl_setopt( $ch, CURLOPT_COOKIEFILE, "cookie.txt" );
$output = curl_exec( $ch );
curl_close( $ch );
}
// Step 3: GET request to fetch CSRF token
function getCSRFToken() {
global $endPoint;
$params3 = [
"action" => "query",
"meta" => "tokens",
"format" => "json"
];
$url = $endPoint . "?" . http_build_query( $params3 );
$ch = curl_init( $url );
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
curl_setopt( $ch, CURLOPT_COOKIEJAR, "cookie.txt" );
curl_setopt( $ch, CURLOPT_COOKIEFILE, "cookie.txt" );
$output = curl_exec( $ch );
curl_close( $ch );
$result = json_decode( $output, true );
return $result["query"]["tokens"]["csrftoken"];
}
// Step 4: POST request to change edit protection level of a page
function protect( $csrftoken ) {
global $endPoint;
$params4 = [
"action" => "protect",
"title" => "Sandbox",
"protections" => "edit=autoconfirmed|move=sysop",
"expiry" => "infinite",
"token" => $csrftoken,
"format" => "json"
];
$ch = curl_init();
curl_setopt( $ch, CURLOPT_URL, $endPoint );
curl_setopt( $ch, CURLOPT_POST, true );
curl_setopt( $ch, CURLOPT_POSTFIELDS, http_build_query( $params4 ) );
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
curl_setopt( $ch, CURLOPT_COOKIEJAR, "cookie.txt" );
curl_setopt( $ch, CURLOPT_COOKIEFILE, "cookie.txt" );
$output = curl_exec( $ch );
curl_close( $ch );
echo ( $output );
}
JavaScript
/*
protect.js
MediaWiki API Demos
Demo of `Protect` module: Demo to change the edit protection
level of a given page.
MIT license
*/
var request = require('request').defaults({jar: true}),
url = "http://dev.wiki.local.wmftest.net:8080/w/api.php";
// Step 1: GET request to fetch login token
function getLoginToken() {
var params_0 = {
action: "query",
meta: "tokens",
type: "login",
format: "json"
};
request.get({ url: url, qs: params_0 }, function (error, res, body) {
if (error) {
return;
}
var data = JSON.parse(body);
loginRequest(data.query.tokens.logintoken);
});
}
// Step 2: POST request to log in.
// Use of main account for login is not
// supported. Obtain credentials via Special:BotPasswords
// (https://www.mediawiki.org/wiki/Special:BotPasswords) for lgname & lgpassword
function loginRequest(login_token) {
var params_1 = {
action: "login",
lgname: "bot_username",
lgpassword: "bot_password",
lgtoken: login_token,
format: "json"
};
request.post({ url: url, form: params_1 }, function (error, res, body) {
if (error) {
return;
}
getCsrfToken();
});
}
// Step 3: GET request to fetch CSRF token
function getCsrfToken() {
var params_2 = {
action: "query",
meta: "tokens",
format: "json"
};
request.get({ url: url, qs: params_2 }, function(error, res, body) {
if (error) {
return;
}
var data = JSON.parse(body);
protect(data.query.tokens.csrftoken);
});
}
// Step 4: POST request to change edit protection level of a page
function protect(csrf_token) {
var params_3 = {
action: "protect",
title: "Sandbox",
protections: "edit=autoconfirmed|move=sysop",
expiry: "infinite",
token: csrf_token,
format: "json"
};
request.post({ url: url, form: params_3 }, function (error, res, body) {
if (error) {
return;
}
console.log(body);
});
}
// Start From Step 1
getLoginToken();
MediaWiki JS
/*
protect.js
MediaWiki API Demos
Demo of `Protect` module: Demo to change the edit protection
level of a given page.
MIT License
*/
var params = {
action: 'protect',
title: 'Sandbo2',
protections: 'edit=autoconfirmed|move=sysop',
expiry: 'infinite',
format: 'json'
},
api = new mw.Api();
api.postWithToken( 'csrf', params ).done( function ( data ) {
console.log( data );
} );
起こりうるエラー
In addition to the standard error messages:
コード | 情報 |
---|---|
notitle | パラメーター title を設定してください。 |
notoken | パラメーター token を設定してください。 |
noprotections | パラメーター protections を設定してください。 |
invalidexpiry | Invalid expiry time "expiry". This means the expiry timestamp was invalidly formatted or is nonexistent (like November 31 or 24:05). This error will also be thrown when a valid date is before 1970.
|
pastexpiry | Expiry time "expiry" is in the past. |
toofewexpiries | number expiry timestamps were provided where number2 were needed. This error is misnamed: it's also thrown when you specify too many expiry times
|
cantedit | You can't protect this page because you can't edit it |
create-titleexists | Existing titles can't be protected with create. |
missingtitle-createonly | Missing titles can only be protected with create. |
protect-invalidaction | Invalid protection type "type". |
protect-invalidlevel | Invalid protection level "level". |
パラメーターの履歴
- v1.27:
tags
を導入しました - v1.20:
pageid
を導入しました - v1.17:
watchlist
を導入しました。watch
を廃止予定にしました - v1.15:
watch
を導入しました
追加的な注記
- このモジュールは
protect
権限を必要とします。
- For MediaWiki versions 1.19 and earlier, you can obtain a protect token through API:情報 .
- For MediaWiki 1.20-1.23, you can obtain a protect token through API:tokens (操作) .
関連項目
- API:保護されたページ名 - Get a list of titles protected from creation.