[Gerrit] [FIX] Tokens: Return the csrf token and request correct site - change (pywikibot/core) - Pywikibot-commits

12 Sep 2014

jenkins-bot has submitted this change and it was merged.
Change subject: [FIX] Tokens: Return the csrf token and request correct site
......................................................................
[FIX] Tokens: Return the csrf token and request correct site
This fixes two major problems:
- When a token with the old name is requested (e.g. 'edit') it
  uses the new 'csrf' token instead and saves it as an 'csrf' token
  in the cache. So the request afterwards must return the 'csrf'
  and not 'edit' token (which doesn't exist)
- It must request with the current site and not the default site,
  otherwise the default site might return an invalid token or will
  emit warnings because it doesn't understand the new API (and the
  version check was with the intended and not the default site)
Instead of a warning, it only returns '+' if the user has not enough
rights with the new token system, so this is dropping all tokens
which only consist of those two letters.
Bug: 70760
Bug: 70766
Change-Id: I38e326c0f5382a585fba11bc6cbfba1a3dffaca5
---
M pywikibot/site.py
1 file changed, 11 insertions(+), 7 deletions(-)
Approvals:
  Mpaa: Looks good to me, approved
  jenkins-bot: Verified

diff --git a/pywikibot/site.py b/pywikibot/site.py
index eb7cf93..4fb586f 100644
--- a/pywikibot/site.py
+++ b/pywikibot/site.py
@@ -1185,9 +1185,16 @@
     def __init__(self, site):
         self.site = site
         self.site._tokens = {}
+        # TODO: Fetch that from the API with paraminfo
+        self.special_names = set(['deleteglobalaccount', 'patrol', 'rollback',
+                                  'setglobalaccountstatus', 'userrights',
+                                  'watch'])
def __getitem__(self, key):
         storage = self.site._tokens.setdefault(self.site.user(), {})
+        if (LV(self.site.version()) >= LV('1.24wmf19')
+                and key not in self.special_names):
+            key = 'csrf'
         if key not in storage:
             self.site.preload_tokens([key])
         return storage[key]
@@ -2295,20 +2302,17 @@
                 data = api.Request(site=self, action='tokens',
                                    type='|'.join(types)).submit()
             else:
-                # TODO: Fetch that from the API with paraminfo
-                special_names = set(['deleteglobalaccount', 'patrol', 'rollback',
-                                     'setglobalaccountstatus', 'userrights',
-                                     'watch'])
-                new_tokens = [token if token in special_names else 'csrf'
+                new_tokens = [token if token in self.tokens.special_names else 'csrf'
                               for token in types]
-                data = api.Request(action='query', meta='tokens',
+                data = api.Request(site=self, action='query', meta='tokens',
                                    type='|'.join(new_tokens)).submit()
                 if 'query' in data:
                     data = data['query']
if 'tokens' in data and data['tokens']:
                 storage.update(dict((key[:-5], val)
-                                    for key, val in data['tokens'].items()))
+                                    for key, val in data['tokens'].items()
+                                    if val != '+\'))
@deprecated("the 'tokens' property")
     def token(self, page, tokentype):
-- 
To view, visit https://gerrit.wikimedia.org/r/159991
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I38e326c0f5382a585fba11bc6cbfba1a3dffaca5
Gerrit-PatchSet: 3
Gerrit-Project: pywikibot/core
Gerrit-Branch: master
Gerrit-Owner: XZise CommodoreFabianus@gmx.de
Gerrit-Reviewer: Ladsgroup ladsgroup@gmail.com
Gerrit-Reviewer: Merlijn van Deen valhallasw@arctus.nl
Gerrit-Reviewer: Mpaa mpaa.wiki@gmail.com
Gerrit-Reviewer: jenkins-bot <>


    