API:API 사용 제한

This page is a translated version of the page API:Restricting API usage and the translation is 18% complete.

이 문서는 MediaWiki Action API 문서의 부분입니다.

There are several ways to restrict usage of (certain parts of) the API to certain groups of users, or to disable it altogether. Some of these require changing group permissions.

Restricting access to the write API

You can deny certain groups the right to use the write API by denying them the writeapi right. By default, all groups have the writeapi right.

모듈 비활성화

You can disable individual modules for all users by adding a line to LocalSettings.php. Exactly what to add depends on the type of module you want to disable:

For action= modules, use $wgAPIModules ['modulename'] = 'ApiDisabled';

For prop= modules, use $wgAPIPropModules ['modulename'] = 'ApiQueryDisabled';

For list= modules, use $wgAPIListModules ['modulename'] = 'ApiQueryDisabled';

For meta= modules, use $wgAPIMetaModules ['modulename'] = 'ApiQueryDisabled';

예시

To disable anyone who isn't a sysop from using action=edit:

if ( !in_array( 'sysop', $wgUser->getGroups() ) ) {
	$wgAPIModules['edit'] = 'ApiDisabled';
}

To limit the access of an API action, add the following hook for ApiCheckCanExecute :

static function onApiCheckCanExecute( $module, $user, &$message ) {
    $moduleName = $module->getModuleName();
    if (
        $moduleName == 'action' &&
        !in_array( 'right', $user->getRights() )
    ) {
        $message = 'apierror-action-notallowed';
        return false;
    }
    return true;
}

Replace 'action', 'right' and 'apierror-action-notallowed' with the appropriate values.