API:Restricting API usage/ko
 | 이 문서는 MediaWiki Action API 문서의 부분입니다. |
There are several ways to restrict usage of (certain parts of) the API to certain groups of users, or to disable it altogether. Some of these require changing group permissions.
Disabling general access
There is no dedicated user permission for accessing the API. To disable API access for a specific user group, you can disable read permissions for that group. For instance, to disallow anonymous requests,
$wgGroupPermissions['*']['read'] = false;
Note that some API modules may be available regardless. If access is successfully prevented, the API output will usually show the error code 'readapidenied'.
모듈 비활성화
You can disable individual modules for all users by adding a line to LocalSettings.php.
Exactly what to add depends on the type of module you want to disable:
- For
action=modules, use$wgAPIModules['modulename'] = 'ApiDisabled';
- For
prop=modules, use$wgAPIPropModules['modulename'] = 'ApiQueryDisabled';
- For
list=modules, use$wgAPIListModules['modulename'] = 'ApiQueryDisabled';
- For
meta=modules, use$wgAPIMetaModules['modulename'] = 'ApiQueryDisabled';
예시
To disable anyone from using action=edit:
$wgAPIModules['edit'] = 'ApiDisabled';
To limit the access of an API action, add the following hook for ApiCheckCanExecute:
static function onApiCheckCanExecute( $module, $user, &$message ) {
$moduleName = $module->getModuleName();
if (
$moduleName == 'action' &&
!in_array( 'right', $user->getRights() )
) {
$message = 'apierror-action-notallowed';
return false;
}
return true;
}
Replace 'action', 'right' and 'apierror-action-notallowed' with the appropriate values.