jenkins-bot has submitted this change and it was merged.
Change subject: SpecialUndelete: Check permissions on a per-page basis
......................................................................
SpecialUndelete: Check permissions on a per-page basis
This will allow for hooks related to Title::userCan to
grant or revoke permissions based on the specific page
or namespace.
Bug: 14801
Change-Id: I02d8eb91cc5daff6e70b0dea3d2f58ed5fbfcf81
---
M includes/filerepo/file/ArchivedFile.php
M includes/specialpage/SpecialPage.php
M includes/specials/SpecialUndelete.php
3 files changed, 34 insertions(+), 10 deletions(-)
Approvals:
Brian Wolff: Looks good to me, approved
jenkins-bot: Verified
diff --git a/includes/filerepo/file/ArchivedFile.php
b/includes/filerepo/file/ArchivedFile.php
index effa3ee..5b0d8e2 100644
--- a/includes/filerepo/file/ArchivedFile.php
+++ b/includes/filerepo/file/ArchivedFile.php
@@ -578,6 +578,7 @@
public function userCan( $field, User $user = null ) {
$this->load();
- return Revision::userCanBitfield( $this->deleted, $field, $user
);
+ $title = $this->getTitle();
+ return Revision::userCanBitfield( $this->deleted, $field,
$user, $title ? : null );
}
}
diff --git a/includes/specialpage/SpecialPage.php
b/includes/specialpage/SpecialPage.php
index 8fc28f8..c0a94af 100644
--- a/includes/specialpage/SpecialPage.php
+++ b/includes/specialpage/SpecialPage.php
@@ -39,7 +39,7 @@
// Minimum user level required to access this page, or "" for anyone.
// Also used to categorise the pages in Special:Specialpages
- private $mRestriction;
+ protected $mRestriction;
// Listed in Special:Specialpages?
private $mListed;
diff --git a/includes/specials/SpecialUndelete.php
b/includes/specials/SpecialUndelete.php
index 8acf8a2..cfadddb 100644
--- a/includes/specials/SpecialUndelete.php
+++ b/includes/specials/SpecialUndelete.php
@@ -720,10 +720,10 @@
$this->mUnsuppress = $request->getVal( 'wpUnsuppress' ) &&
$user->isAllowed( 'suppressrevision' );
$this->mToken = $request->getVal( 'token' );
- if ( $user->isAllowed( 'undelete' ) && !$user->isBlocked() ) {
+ if ( $this->isAllowed( 'undelete' ) && !$user->isBlocked() ) {
$this->mAllowed = true; // user can restore
$this->mCanView = true; // user can view content
- } elseif ( $user->isAllowed( 'deletedtext' ) ) {
+ } elseif ( $this->isAllowed( 'deletedtext' ) ) {
$this->mAllowed = false; // user cannot restore
$this->mCanView = true; // user can view content
$this->mRestore = false;
@@ -752,14 +752,35 @@
}
}
+ /**
+ * Checks whether a user is allowed the permission for the
+ * specific title if one is set.
+ *
+ * @param string $permission
+ * @param User $user
+ * @return bool
+ */
+ private function isAllowed( $permission, User $user = null ) {
+ $user = $user ? : $this->getUser();
+ if ( $this->mTargetObj !== null ) {
+ return $this->mTargetObj->userCan( $permission, $user );
+ } else {
+ return $user->isAllowed( $permission );
+ }
+ }
+
+ function userCanExecute( User $user ) {
+ return $this->isAllowed( $this->mRestriction, $user );
+ }
+
function execute( $par ) {
- $this->checkPermissions();
$user = $this->getUser();
$this->setHeaders();
$this->outputHeader();
$this->loadRequest( $par );
+ $this->checkPermissions(); // Needs to be after mTargetObj is
set
$out = $this->getOutput();
@@ -1458,12 +1479,14 @@
$ts = wfTimestamp( TS_MW, $row->fa_timestamp );
$user = $this->getUser();
- if ( $this->mAllowed && $row->fa_storage_key ) {
- $checkBox = Xml::check( 'fileid' . $row->fa_id );
+ $checkBox = '';
+ if ( $this->mCanView && $row->fa_storage_key ) {
+ if ( $this->mAllowed ) {
+ $checkBox = Xml::check( 'fileid' . $row->fa_id
);
+ }
$key = urlencode( $row->fa_storage_key );
$pageLink = $this->getFileLink( $file,
$this->getPageTitle(), $ts, $key );
} else {
- $checkBox = '';
$pageLink = $this->getLanguage()->userTimeAndDate( $ts,
$user );
}
$userLink = $this->getFileUser( $file );
@@ -1475,8 +1498,8 @@
$comment = $this->getFileComment( $file );
// Add show/hide deletion links if available
- $canHide = $user->isAllowed( 'deleterevision' );
- if ( $canHide || ( $file->getVisibility() && $user->isAllowed(
'deletedhistory' ) ) ) {
+ $canHide = $this->isAllowed( 'deleterevision' );
+ if ( $canHide || ( $file->getVisibility() && $this->isAllowed(
'deletedhistory' ) ) ) {
if ( !$file->userCan( File::DELETED_RESTRICTED, $user )
) {
// Revision was hidden from sysops
$revdlink = Linker::revDeleteLinkDisabled(
$canHide );
--
To view, visit https://gerrit.wikimedia.org/r/154868
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I02d8eb91cc5daff6e70b0dea3d2f58ed5fbfcf81
Gerrit-PatchSet: 5
Gerrit-Project: mediawiki/core
Gerrit-Branch: master
Gerrit-Owner: Legoktm <[email protected]>
Gerrit-Reviewer: Aaron Schulz <[email protected]>
Gerrit-Reviewer: Brian Wolff <[email protected]>
Gerrit-Reviewer: Jackmcbarn <[email protected]>
Gerrit-Reviewer: Legoktm <[email protected]>
Gerrit-Reviewer: Parent5446 <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
