Revert "Use CsrfTokenSet as CSRF token source"

This reverts commit 0d75fdb4f73ddbf4ad5f29e14258d58e507d55b4. Bug: T287542 Change-Id: Iedd3461869f973f8d621a39e6ad4674cbb577551
author: Kunal Mehta <legoktm@debian.org> 2021-08-04 23:54:11 -0700
committer: Kunal Mehta <legoktm@debian.org> 2021-08-05 15:48:26 -0700
commit: a85f569dd1c5efca1d0c64f824b27f9071aa93c6 (patch)
tree: 1894dab29db0518fd4c7ea9404dc2bbab9154f99 /includes/api/ApiQueryUsers.php
parent: b01945fb4e6fb9a1730982660b37e45b520edaf7 (diff)
download: mediawikicore-a85f569dd1c5efca1d0c64f824b27f9071aa93c6.tar.gz
mediawikicore-a85f569dd1c5efca1d0c64f824b27f9071aa93c6.zip
1 files changed, 1 insertions, 4 deletions
diff --git a/includes/api/ApiQueryUsers.php b/includes/api/ApiQueryUsers.php
index fecc56c9f55f..5dd07292416a 100644
--- a/includes/api/ApiQueryUsers.php
+++ b/includes/api/ApiQueryUsers.php
@@ -22,7 +22,6 @@
 
 use MediaWiki\Auth\AuthManager;
 use MediaWiki\Block\DatabaseBlock;
-use MediaWiki\Session\CsrfTokenSet;
 use MediaWiki\User\UserFactory;
 use MediaWiki\User\UserGroupManager;
 use MediaWiki\User\UserNameUtils;
@@ -134,9 +133,7 @@ class ApiQueryUsers extends ApiQueryBase {
 	public static function getUserrightsToken( User $actingUser, $targetUser ) {
 		// Since the permissions check for userrights is non-trivial,
 		// don't bother with it here
-		return ( new CsrfTokenSet( $actingUser->getRequest() ) )
-			->getToken( $targetUser->getName() )
-			->toString();
+		return $actingUser->getEditToken( $targetUser->getName() );
 	}
 
 	public function execute() {
author	Kunal Mehta <legoktm@debian.org>	2021-08-04 23:54:11 -0700
committer	Kunal Mehta <legoktm@debian.org>	2021-08-05 15:48:26 -0700
commit	a85f569dd1c5efca1d0c64f824b27f9071aa93c6 (patch)
tree	1894dab29db0518fd4c7ea9404dc2bbab9154f99 /includes/api/ApiQueryUsers.php
parent	b01945fb4e6fb9a1730982660b37e45b520edaf7 (diff)
download	mediawikicore-a85f569dd1c5efca1d0c64f824b27f9071aa93c6.tar.gz mediawikicore-a85f569dd1c5efca1d0c64f824b27f9071aa93c6.zip