Merge pull request wikimedia-gadgets#888 from Amorymeltzer/morebits-c…

…srftoken morebits: Use csrftoken obtained via meta=tokens
wiki-ST47 · Mar 29, 2020 · 0bd6b92 · 0bd6b92
2 parents 3c50800 + 900f2e9
commit 0bd6b92
Show file tree

Hide file tree

Showing 3 changed files with 196 additions and 183 deletions.
diff --git a/modules/twinkleblock.js b/modules/twinkleblock.js
@@ -3,7 +3,7 @@
 
 (function($) {
 
-var api = new mw.Api(), relevantUserName;
+var relevantUserName;
 var menuFormattedNamespaces = $.extend({}, mw.config.get('wgFormattedNamespaces'));
 menuFormattedNamespaces[0] = '(Article)';
 
@@ -97,7 +97,7 @@ Twinkle.block.callback = function twinkleblockCallback() {
 };
 
 Twinkle.block.fetchUserInfo = function twinkleblockFetchUserInfo(fn) {
-
+	var api = new mw.Api();
 	api.get({
 		format: 'json',
 		action: 'query',
@@ -1434,19 +1434,14 @@ Twinkle.block.callback.evaluate = function twinkleblockCallbackEvaluate(e) {
 		blockoptions.allowusertalk = blockoptions.disabletalk ? undefined : true;
 
 		// execute block
-		api.getToken('block').then(function(token) {
-			statusElement.status('Processing...');
-			blockoptions.token = token;
-			var mbApi = new Morebits.wiki.api('Executing block', blockoptions, function() {
-				statusElement.info('Completed');
-				if (toWarn) {
-					Twinkle.block.callback.issue_template(templateoptions);
-				}
-			});
-			mbApi.post();
-		}, function() {
-			statusElement.error('Unable to fetch block token');
+		blockoptions.token = mw.user.tokens.get('csrfToken');
+		var mbApi = new Morebits.wiki.api('Executing block', blockoptions, function() {
+			statusElement.info('Completed');
+			if (toWarn) {
+				Twinkle.block.callback.issue_template(templateoptions);
+			}
 		});
+		mbApi.post();
 	} else if (toWarn) {
 		Morebits.simpleWindow.setButtonsEnabled(false);
 

diff --git a/modules/twinklefluff.js b/modules/twinklefluff.js
@@ -241,7 +241,9 @@ Twinkle.fluff.revert = function revertPage(type, vandal, autoRevert, rev, page)
 		'titles': pagename,
 		'rvlimit': 50, // intentionally limited
 		'rvprop': [ 'ids', 'timestamp', 'user', 'comment' ],
-		'intoken': 'edit'
+		'curtimestamp': '',
+		'meta': 'tokens',
+		'type': 'csrf'
 	};
 	var wikipedia_api = new Morebits.wiki.api('Grabbing data of earlier revisions', query, Twinkle.fluff.callbacks.main);
 	wikipedia_api.params = params;
@@ -259,8 +261,10 @@ Twinkle.fluff.revertToRevision = function revertToRevision(oldrev) {
 		'rvlimit': 1,
 		'rvstartid': oldrev,
 		'rvprop': [ 'ids', 'timestamp', 'user', 'comment' ],
-		'intoken': 'edit',
-		'format': 'xml'
+		'format': 'xml',
+		'curtimestamp': '',
+		'meta': 'tokens',
+		'type': 'csrf'
 	};
 	var wikipedia_api = new Morebits.wiki.api('Grabbing data of the earlier revision', query, Twinkle.fluff.callbacks.toRevision.main);
 	wikipedia_api.params = { rev: oldrev };
@@ -278,8 +282,8 @@ Twinkle.fluff.callbacks = {
 
 			var lastrevid = parseInt($(xmlDoc).find('page').attr('lastrevid'), 10);
 			var touched = $(xmlDoc).find('page').attr('touched');
-			var starttimestamp = $(xmlDoc).find('page').attr('starttimestamp');
-			var edittoken = $(xmlDoc).find('page').attr('edittoken');
+			var loadtimestamp = $(xmlDoc).find('api').attr('curtimestamp');
+			var csrftoken = $(xmlDoc).find('tokens').attr('csrftoken');
 			var revertToRevID = $(xmlDoc).find('rev').attr('revid');
 			var revertToUser = $(xmlDoc).find('rev').attr('user');
 
@@ -299,11 +303,11 @@ Twinkle.fluff.callbacks = {
 				'action': 'edit',
 				'title': mw.config.get('wgPageName'),
 				'summary': summary,
-				'token': edittoken,
+				'token': csrftoken,
 				'undo': lastrevid,
 				'undoafter': revertToRevID,
 				'basetimestamp': touched,
-				'starttimestamp': starttimestamp,
+				'starttimestamp': loadtimestamp,
 				'watchlist': Twinkle.getPref('watchRevertedPages').indexOf('torev') !== -1 ? 'watch' : undefined,
 				'minor': Twinkle.getPref('markRevertedPagesAsMinor').indexOf('torev') !== -1 ? true : undefined
 			};
@@ -322,8 +326,8 @@ Twinkle.fluff.callbacks = {
 
 		var lastrevid = parseInt($(xmlDoc).find('page').attr('lastrevid'), 10);
 		var touched = $(xmlDoc).find('page').attr('touched');
-		var starttimestamp = $(xmlDoc).find('page').attr('starttimestamp');
-		var edittoken = $(xmlDoc).find('page').attr('edittoken');
+		var loadtimestamp = $(xmlDoc).find('api').attr('curtimestamp');
+		var csrftoken = $(xmlDoc).find('tokens').attr('csrftoken');
 		var lastuser = $(xmlDoc).find('rev').attr('user');
 
 		var revs = $(xmlDoc).find('rev');
@@ -510,18 +514,18 @@ Twinkle.fluff.callbacks = {
 				$flagged.attr('stable_revid') >= self.params.goodid &&
 				$flagged.attr('pending_since')) {
 			self.params.reviewRevert = true;
-			self.params.edittoken = edittoken;
+			self.params.csrftoken = csrftoken;
 		}
 
 		query = {
 			'action': 'edit',
 			'title': self.params.pagename,
 			'summary': summary,
-			'token': edittoken,
+			'token': csrftoken,
 			'undo': lastrevid,
 			'undoafter': self.params.goodid,
 			'basetimestamp': touched,
-			'starttimestamp': starttimestamp,
+			'starttimestamp': loadtimestamp,
 			'watchlist': Twinkle.getPref('watchRevertedPages').indexOf(self.params.type) !== -1 ? 'watch' : undefined,
 			'minor': Twinkle.getPref('markRevertedPagesAsMinor').indexOf(self.params.type) !== -1 ? true : undefined
 		};
@@ -551,7 +555,7 @@ Twinkle.fluff.callbacks = {
 				var query = {
 					'action': 'review',
 					'revid': $edit.attr('newrevid'),
-					'token': apiobj.params.edittoken,
+					'token': apiobj.params.csrftoken,
 					'comment': Twinkle.getPref('summaryAd').trim()
 				};
 				var wikipedia_api = new Morebits.wiki.api('Automatically accepting your changes', query);