| Index: trunk/extensions/MoodBar/ApiQueryMoodBarComments.php |
| — | — | @@ -6,7 +6,7 @@ |
| 7 | 7 | } |
| 8 | 8 | |
| 9 | 9 | public function execute() { |
| 10 | | - global $wgLang; |
| | 10 | + global $wgLang, $wgUser; |
| 11 | 11 | $params = $this->extractRequestParams(); |
| 12 | 12 | $prop = array_flip( $params['prop'] ); |
| 13 | 13 | |
| — | — | @@ -38,6 +38,10 @@ |
| 39 | 39 | $this->addWhereRange( 'mbf_id', $params['dir'], null, null ); |
| 40 | 40 | $this->addOption( 'LIMIT', $params['limit'] + 1 ); |
| 41 | 41 | |
| | 42 | + if ( ! $wgUser->isAllowed( 'moodbar-admin' ) ) { |
| | 43 | + $this->addWhereFld( 'mbf_hidden_state', 0 ); |
| | 44 | + } |
| | 45 | + |
| 42 | 46 | $res = $this->select( __METHOD__ ); |
| 43 | 47 | $result = $this->getResult(); |
| 44 | 48 | $count = 0; |
| Index: trunk/extensions/MoodBar/SpecialFeedbackDashboard.php |
| — | — | @@ -392,6 +392,8 @@ |
| 393 | 393 | * @return array( 'rows' => array( row, row, ... ), 'olderRow' => row|null, 'newerRow' => row|null ) |
| 394 | 394 | */ |
| 395 | 395 | public function doQuery( $filters, $limit, $offset, $backwards ) { |
| | 396 | + global $wgUser; |
| | 397 | + |
| 396 | 398 | $dbr = wfGetDB( DB_SLAVE ); |
| 397 | 399 | |
| 398 | 400 | // Set $conds based on $filters |
| — | — | @@ -411,6 +413,8 @@ |
| 412 | 414 | } |
| 413 | 415 | if ( isset( $filters['id'] ) ) { |
| 414 | 416 | $conds['mbf_id'] = $filters['id']; |
| | 417 | + } elseif ( !$wgUser->isAllowed('moodbar-admin') ) { |
| | 418 | + $conds['mbf_hidden_state'] = 0; |
| 415 | 419 | } |
| 416 | 420 | |
| 417 | 421 | // Process $offset |