Roan Kattouw wrote:
Brion Vibber schreef:
It's a bit cleaner in API terms, but I'm a bit leery of the way the functions were split up and errors returned with numerically-indexed arrays (plus I'm still very leery of having a change groups action in the API at all) so for now I've taken it back out.
Could you be more specific as to how the implementation could be changed to be of acceptable quality? Also, why don't you want changerights in the API?
The more privileged operations are in an undermaintained secondary interface, the more likely we are to have security problems. As such I should warn that I currently would not accept a ChangeRights api module at all, no matter how it's implemented.
In theory though, API and UI modules should *both* make clean calls to backend classes. An ideal API or UI module should never touch the database, for instance, nor check permissions.
-- brion vibber (brion @ wikimedia.org)