On 1/4/08, Brion Vibber brion@wikimedia.org wrote:
In general I'm against duplicate code in the API -- that's absolutely the wrong way forward, and doubly so when doing any sort of 'write' or security-related operation.
Instead, existing mixed code should be refactored into clean back- and front-end sections.
When I did the work on Userrights, I did my best to ensure that the rights-changing code was as modular as possible (it's all abstracted into backend subroutines, which don't make any reference to the form itself). These, therefore, may be very easily moved out into wherever they should be, or you could even instantiate the Userrightsform class and call the methods on that (after making them public).