Page MenuHomePhabricator
Create Task
Maniphest T260924

Question: What rights are used by the Core REST API user contributions endpoints?
Closed, ResolvedPublic
Actions

Description

To support OAuth clients created via the API Portal, we'll need to consider the rights used by the Core REST API user contributions endpoints.

For example, the PageHistoryCountHandler uses the bot right.

Event Timeline

apaskulin created this task.Aug 20 2020, 4:32 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptAug 20 2020, 4:32 PM
Pchelolo subscribed.Aug 20 2020, 6:33 PM

What do you mean by "rights used"? Which permissions should the user using the endpoint have?

For example, the PageHistoryCountHandler uses the bot right.

It looks up users that have the 'bot' permission, but the user using the endpoint doesn't need to have a 'bot' right to use it.

apaskulin closed this task as Resolved.Aug 20 2020, 8:30 PM
apaskulin claimed this task.

This was a mistake in my understanding, which @Pchelolo helped me with offline :)

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits