jenkins-bot has submitted this change and it was merged.
Change subject: Make a method to check permissions against only the specific
revision
......................................................................
Make a method to check permissions against only the specific revision
While it's generally ok to check against both the given revision and
the most recent, for history entries, we'll want to only check the
given revision.
Change-Id: Ia47fa864a0d85e06b0479810ba44c0f2562780a7
---
M includes/RevisionActionPermissions.php
1 file changed, 61 insertions(+), 20 deletions(-)
Approvals:
EBernhardson: Looks good to me, approved
jenkins-bot: Verified
diff --git a/includes/RevisionActionPermissions.php
b/includes/RevisionActionPermissions.php
index 3aaccd3..a581f3f 100644
--- a/includes/RevisionActionPermissions.php
+++ b/includes/RevisionActionPermissions.php
@@ -54,25 +54,7 @@
* @return bool
*/
public function isAllowed( AbstractRevision $revision = null, $action )
{
- // Users must have the core 'edit' permission to perform any
write action in flow
- $performsWrites = $this->actions->getValue( $action,
'performs-writes' );
- if ( $performsWrites && ( !$this->user->isAllowed( 'edit' ) ||
$this->user->isBlocked() ) ) {
- return false;
- }
-
- $permission = $this->getPermission( $revision, $action );
-
- // If no permission is defined for this state, then the action
is not allowed
- // check if permission is set for this action
- if ( $permission === null ) {
- return false;
- }
-
- // Check if user is allowed to perform action against this
revision
- $allowed = call_user_func_array(
- array( $this->user, 'isAllowedAny' ),
- (array) $permission
- );
+ $allowed = $this->isRevisionAllowed( $revision, $action );
// if there was no revision object, it's pointless to find last
revision
if ( $revision === null ) {
@@ -91,7 +73,7 @@
$isLastRevision = $last->getRevisionId()->equals(
$revision->getRevisionId() );
return $allowed && ( $isLastRevision ||
$this->isAllowed( $last, $action ) );
- // If data is not in storage, just return that revision's status
+ // If data is not in storage, just return that
revision's status
} catch ( InvalidDataException $e ) {
return $allowed;
}
@@ -124,6 +106,65 @@
}
/**
+ * Check if a user is allowed to perform a certain action, only against
1
+ * specific revision (whereas the default isAllowed() will check if the
+ * given $action is allowed for both given and the most current
revision)
+ *
+ * @param AbstractRevision[optional] $revision
+ * @param string $action
+ * @return bool
+ */
+ public function isRevisionAllowed( AbstractRevision $revision = null,
$action ) {
+ // Users must have the core 'edit' permission to perform any
write action in flow
+ $performsWrites = $this->actions->getValue( $action,
'performs-writes' );
+ if ( $performsWrites && ( !$this->user->isAllowed( 'edit' ) ||
$this->user->isBlocked() ) ) {
+ return false;
+ }
+
+ $permission = $this->getPermission( $revision, $action );
+
+ // If no permission is defined for this state, then the action
is not allowed
+ // check if permission is set for this action
+ if ( $permission === null ) {
+ return false;
+ }
+
+ // Check if user is allowed to perform action against this
revision
+ return call_user_func_array(
+ array( $this->user, 'isAllowedAny' ),
+ (array) $permission
+ );
+ }
+
+ /**
+ * Check if a user is allowed to perform certain actions, only against 1
+ * specific revision (whereas the default isAllowed() will check if the
+ * given $action is allowed for both given and the most current
revision)
+ *
+ * @param AbstractRevision[optional] $revision
+ * @param string $action
+ * @param string[optional] $action2 Overloadable to check if either of
the provided actions are allowed
+ * @return bool
+ */
+ public function isRevisionAllowedAny( AbstractRevision $revision =
null, $action /* [, $action2 [, ... ]] */ ) {
+ $actions = func_get_args();
+ // Pull $revision out of the actions list
+ array_shift( $actions );
+ $allowed = false;
+
+ foreach ( $actions as $action ) {
+ $allowed |= $this->isRevisionAllowed( $revision,
$action );
+
+ // as soon as we've found one that is allowed, break
+ if ( $allowed ) {
+ break;
+ }
+ }
+
+ return $allowed;
+ }
+
+ /**
* Returns the permission specified in FlowActions for the given action
* against the given revision's moderation state.
*
--
To view, visit https://gerrit.wikimedia.org/r/112162
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: Ia47fa864a0d85e06b0479810ba44c0f2562780a7
Gerrit-PatchSet: 5
Gerrit-Project: mediawiki/extensions/Flow
Gerrit-Branch: master
Gerrit-Owner: Matthias Mullie <mmul...@wikimedia.org>
Gerrit-Reviewer: EBernhardson <ebernhard...@wikimedia.org>
Gerrit-Reviewer: Matthias Mullie <mmul...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
