Jump to content

API: Assert

From mediawiki.org
This page is a translated version of the page API:Assert and the translation is 3% complete.
Outdated translations are marked like this.
Versione MediaWiki:
1.23

The assert parameter of the Action API can be set on any API request to verify certain conditions before the requested action is executed.

The available options are:

  • assert=anon: Check that you are acting as an IP user . This prevents accidental use of a registered account. Since MediaWiki 1.35change 572374
  • assert=user: Check that you are using a registered account (either "named" or temporary). This prevents accidental fallback to an IP user.
  • assert=bot: Controlla che l'account abbia i diritti di utente "bot". This prevents your script from interacting with wikis where your bot does not have the bot flag.
  • assertuser=...: Check that you are logged-in with the expected user name. Since MediaWiki 1.28

Note that temporary users satisfy assert=user, and fail assert=anon.

Possible errors

Se il comando assert fallisce, vengono restituiti i codici di errore $1 o $2.

  • assertanonfailed
  • assertuserfailed
  • assertbotfailed
  • assertnameduserfailed

Rationale and use cases

These parameters are intended as a second line of defense against several kinds of problems:

Bot operator errors

It's easy for a simple operator error to cause a lot of bad edits, such as the bot running on the wrong wiki or under the wrong username, especially if you're running more than one bot task. The assert=bot and assertuser=... parameters are intended to help prevent those mistakes.

Login session expiration

After logging in, the cookies you receive are only valid for 30 days by default, after which time your bot will become logged out, and may continue working with its actions being attributed to the IP address or a temporary username (if logged-out users are allowed to perform them).

The assert=user parameter is intended to prevent this.

Switching user accounts

Interactive tools (in the browser) using the API to edit often want to make sure the user understands how their work will be attributed.

When the user logs in or out in another browser tab (or their login session expires), this won't be immediately reflected in the tool's interface, but the new login session will be used for saving actions. The assertuser=... and assert=anon parameters are intended to allow detecting this scenario and displaying an appropriate message before continuing.


Controllare se si è connessi

Se si vuole semplicemente verificare se si è connessi all'API, si può inviare una richiesta con i parametri action=query&assert=user. Questo farà in modo di ricevere una risposta vuota ({} nel formato JSON) se si è effettivamente connessi, o l'errore assertuserfailed in caso contrario.

Normalmente non è necessario farlo. Invece, aggiungere il parametro assert=user a tutte le richieste che dovrebbero essere effettuate da un utente connesso.