46 lines
909 B
PHP
46 lines
909 B
PHP
<?php
|
|
|
|
class CommentDeleteAPI extends ApiBase {
|
|
|
|
public function execute() {
|
|
$user = $this->getUser();
|
|
|
|
$comment = Comment::newFromID( $this->getMain()->getVal( 'commentID' ) );
|
|
// Blocked users cannot delete comments, and neither can unprivileged ones.
|
|
// Also check for database read-only status
|
|
if (
|
|
$user->isBlocked() ||
|
|
!(
|
|
$user->isAllowed( 'commentadmin' ) ||
|
|
$user->isAllowed( 'comment-delete-own' ) && $comment->isOwner( $user )
|
|
) ||
|
|
wfReadOnly()
|
|
) {
|
|
return true;
|
|
}
|
|
|
|
$comment->delete();
|
|
|
|
$result = $this->getResult();
|
|
$result->addValue( $this->getModuleName(), 'ok', 'ok' );
|
|
return true;
|
|
}
|
|
|
|
public function needsToken() {
|
|
return 'csrf';
|
|
}
|
|
|
|
public function isWriteMode() {
|
|
return true;
|
|
}
|
|
|
|
public function getAllowedParams() {
|
|
return [
|
|
'commentID' => [
|
|
ApiBase::PARAM_REQUIRED => true,
|
|
ApiBase::PARAM_TYPE => 'integer'
|
|
]
|
|
];
|
|
}
|
|
}
|