Jump to content

Manual:Hooks/getUserPermissionsErrorsExpensive

From mediawiki.org
getUserPermissionsErrorsExpensive
Available from version 1.12.0
Same as getUserPermissionsErrors as but called only if expensive checks are enabled
Define function:
public static function ongetUserPermissionsErrorsExpensive( $title, $user, $action, &$result ) { ... }
Attach hook: In extension.json:
{
	"Hooks": {
		"getUserPermissionsErrorsExpensive": "MediaWiki\\Extension\\MyExtension\\Hooks::ongetUserPermissionsErrorsExpensive"
	}
}
Called from: File(s): Permissions/PermissionManager.php
Interface: getUserPermissionsErrorsExpensiveHook.php

For more information about attaching hooks, see Manual:Hooks .
For examples of extensions using this hook, see Category:getUserPermissionsErrorsExpensive extensions.

Details

[edit]
  • $title: Title object being checked against
  • $user : Current user object
  • $action: Action being checked
  • &$result: User permissions error to add, in a format understood by PermissionManager::resultToError() like [ 'error-message-name', $parameter ]. If none, return true. Otherwise, the error message is passed all the way to PermissionManager::userCan() and then used in whatever way the calling code wants.

Differences from getUserPermissionsErrors

[edit]

Both hooks are typically run when checking for proper permissions in Title.php . When it is desireable to skip potentially expensive cascading permission checks, only getUserPermissionsErrors is run. This behavior is suitable for nonessential UI controls in common cases, but not for functional access control. This behavior may provide false positives, but should never provide a false negative.