r101630 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r101629‎ \| r101630 \| r101631 >
Date:	15:30, 2 November 2011
Author:	ialex
Status:	resolved (Comments)
Tags:
Comment:	* Made PermissionsError exception accept an optional second parameter for the description of the errors (as returned by Title::getUserPermissionsErrors()) * PermissionsError now calls OutputPage::showPermissionsErrorPage() to display the error (this is needed to make the item above work correctly) * Removed the override of the HTML title in OutputPage::showPermissionsErrorPage() so that it shows "Permission errors - Sitename" instead of simply "Permission errors" for consistency with the other things * Pass the error array returned by Title::getUserPermissionsErrors() to PermissionsError where available * Converted direct calls to OutputPage::showPermissionsErrorPage() to throw an PermissionsError error instead * Added 'action-rollback' message that will be displayed when accessing action=rollback without sufficient rights * Changed getRestriction() in subclasses of Action to return null when they previously returned 'read' so that user rights can be check with Title::getUserPermissionsErrors() * Reordered checks to do first user rights, then block (if needed) and finally read only (also if needed) so that users don't think the error is temporary when they both don't have right and the database is locked
Modified paths:	/trunk/phase3/includes/Action.php (modified) (history) /trunk/phase3/includes/Article.php (modified) (history) /trunk/phase3/includes/Exception.php (modified) (history) /trunk/phase3/includes/FileDeleteForm.php (modified) (history) /trunk/phase3/includes/OutputPage.php (modified) (history) /trunk/phase3/includes/actions/HistoryAction.php (modified) (history) /trunk/phase3/includes/actions/InfoAction.php (modified) (history) /trunk/phase3/includes/actions/MarkpatrolledAction.php (modified) (history) /trunk/phase3/includes/actions/RawAction.php (modified) (history) /trunk/phase3/includes/actions/RevertAction.php (modified) (history) /trunk/phase3/includes/actions/RollbackAction.php (modified) (history) /trunk/phase3/includes/actions/WatchAction.php (modified) (history) /trunk/phase3/includes/specials/SpecialImport.php (modified) (history) /trunk/phase3/includes/specials/SpecialMovepage.php (modified) (history) /trunk/phase3/includes/specials/SpecialUserlogin.php (modified) (history) /trunk/phase3/includes/specials/SpecialUserrights.php (modified) (history) /trunk/phase3/languages/messages/MessagesEn.php (modified) (history) /trunk/phase3/languages/messages/MessagesQqq.php (modified) (history) /trunk/phase3/maintenance/language/messages.inc (modified) (history)

Diff [purge]

Index: trunk/phase3/maintenance/language/messages.inc
—	—	@@ -1181,6 +1181,7 @@
1182	1182	'action-suppressionlog',
1183	1183	'action-block',
1184	1184	'action-protect',
	1185	+ 'action-rollback',
1185	1186	'action-import',
1186	1187	'action-importupload',
1187	1188	'action-patrol',
Index: trunk/phase3/includes/Article.php
—	—	@@ -1302,6 +1302,19 @@
1303	1303	public function delete() {
1304	1304	global $wgOut, $wgRequest;
1305	1305
	1306	+ # This code desperately needs to be totally rewritten
	1307	+
	1308	+ # Check permissions
	1309	+ $permission_errors = $this->mTitle->getUserPermissionsErrors( 'delete', $this->getContext()->getUser() );
	1310	+ if ( count( $permission_errors ) ) {
	1311	+ throw new PermissionsError( 'delete', $permission_errors );
	1312	+ }
	1313	+
	1314	+ # Read-only check...
	1315	+ if ( wfReadOnly() ) {
	1316	+ throw new ReadOnlyError;
	1317	+ }
	1318	+
1306	1319	$confirm = $wgRequest->wasPosted() &&
1307	1320	$this->getContext()->getUser()->matchEditToken( $wgRequest->getVal( 'wpEditToken' ) );
1308	1321
—	—	@@ -1320,24 +1333,6 @@
1321	1334	# Flag to hide all contents of the archived revisions
1322	1335	$suppress = $wgRequest->getVal( 'wpSuppress' ) && $this->getContext()->getUser()->isAllowed( 'suppressrevision' );
1323	1336
1324		~~- # This code desperately needs to be totally rewritten~~
1325		-
1326		~~- # Read-only check...~~
1327		~~- if ( wfReadOnly() ) {~~
1328		~~- $wgOut->readOnlyPage();~~
1329		-
1330		~~- return;~~
1331		~~- }~~
1332		-
1333		~~- # Check permissions~~
1334		~~- $permission_errors = $this->getTitle()->getUserPermissionsErrors( 'delete', $this->getContext()->getUser() );~~
1335		-
1336		~~- if ( count( $permission_errors ) > 0 ) {~~
1337		~~- $wgOut->showPermissionsErrorPage( $permission_errors );~~
1338		-
1339		~~- return;~~
1340		~~- }~~
1341		-
1342	1337	$wgOut->setPageTitle( wfMessage( 'delete-confirm', $this->getTitle()->getPrefixedText() ) );
1343	1338
1344	1339	# Better double-check that it hasn't been deleted yet!
Index: trunk/phase3/includes/OutputPage.php
—	—	@@ -1979,7 +1979,7 @@
1980	1980	* @param $action String: action that was denied or null if unknown
1981	1981	*/
1982	1982	public function showPermissionsErrorPage( $errors, $action = null ) {
1983		~~- $this->prepareErrorPage( $this->msg( 'permissionserrors' ), $this->msg( 'permissionserrors' ) );~~
	1983	+ $this->prepareErrorPage( $this->msg( 'permissionserrors' ) );
1984	1984
1985	1985	$this->addWikiText( $this->formatPermissionsErrorMessage( $errors, $action ) );
1986	1986	}
Index: trunk/phase3/includes/actions/InfoAction.php
—	—	@@ -30,7 +30,7 @@
31	31	}
32	32
33	33	public function getRestriction() {
34		~~- return 'read';~~
	34	+ return null;
35	35	}
36	36
37	37	protected function getDescription() {
Index: trunk/phase3/includes/actions/HistoryAction.php
—	—	@@ -24,7 +24,7 @@
25	25	}
26	26
27	27	public function getRestriction() {
28		~~- return 'read';~~
	28	+ return null;
29	29	}
30	30
31	31	public function requiresWrite() {
Index: trunk/phase3/includes/actions/MarkpatrolledAction.php
—	—	@@ -29,7 +29,7 @@
30	30	}
31	31
32	32	public function getRestriction() {
33		~~- return 'read';~~
	33	+ return null;
34	34	}
35	35
36	36	protected function getDescription() {
—	—	@@ -73,9 +73,8 @@
74	74	return;
75	75	}
76	76
77		~~- if ( !empty( $errors ) ) {~~
78		~~- $this->getOutput()->showPermissionsErrorPage( $errors );~~
79		~~- return;~~
	77	+ if ( count( $errors ) ) {
	78	+ throw new PermissionsErrorPage( 'patrol', $errors );
80	79	}
81	80
82	81	# Inform the user
Index: trunk/phase3/includes/actions/WatchAction.php
—	—	@@ -27,7 +27,7 @@
28	28	}
29	29
30	30	public function getRestriction() {
31		~~- return 'read';~~
	31	+ return null;
32	32	}
33	33
34	34	public function requiresUnblock() {
Index: trunk/phase3/includes/actions/RevertAction.php
—	—	@@ -35,7 +35,7 @@
36	36	}
37	37
38	38	public function getRestriction() {
39		~~- return 'read';~~
	39	+ return null;
40	40	}
41	41
42	42	public function show() {
Index: trunk/phase3/includes/actions/RawAction.php
—	—	@@ -25,7 +25,7 @@
26	26	}
27	27
28	28	public function getRestriction() {
29		~~- return 'read';~~
	29	+ return null;
30	30	}
31	31
32	32	public function requiresWrite() {
Index: trunk/phase3/includes/actions/RollbackAction.php
—	—	@@ -83,9 +83,7 @@
84	84	$out [] = $error;
85	85	}
86	86	}
87		~~- $this->getOutput()->showPermissionsErrorPage( $out );~~
88		-
89		~~- return;~~
	87	+ throw new PermissionsError( 'rollback', $out );
90	88	}
91	89
92	90	if ( $result == array( array( 'readonlytext' ) ) ) {
Index: trunk/phase3/includes/FileDeleteForm.php
—	—	@@ -41,18 +41,18 @@
42	42	*/
43	43	public function execute() {
44	44	global $wgOut, $wgRequest, $wgUser;
45		~~- $this->setHeaders();~~
46	45
47		~~- $permission_errors = $this->title->getUserPermissionsErrors('delete', $wgUser);~~
48		~~- if ( count( $permission_errors ) > 0 ) {~~
49		~~- $wgOut->showPermissionsErrorPage( $permission_errors );~~
50		~~- return;~~
	46	+ $permissionErrors = $this->title->getUserPermissionsErrors( 'delete', $wgUser );
	47	+ if ( count( $permissionErrors ) ) {
	48	+ throw new PermissionsError( 'delete', $permissionErrors );
51	49	}
52	50
53	51	if ( wfReadOnly() ) {
54	52	throw new ReadOnlyError;
55	53	}
56	54
	55	+ $this->setHeaders();
	56	+
57	57	$this->oldimage = $wgRequest->getText( 'oldimage', false );
58	58	$token = $wgRequest->getText( 'wpEditToken' );
59	59	# Flag to hide all contents of the archived revisions
Index: trunk/phase3/includes/specials/SpecialUserrights.php
—	—	@@ -99,24 +99,21 @@
100	100	$this->isself = true;
101	101	}
102	102
103		~~- $out = $this->getOutput();~~
104		-
105	103	if( !$this->userCanChangeRights( $user, true ) ) {
106	104	// @todo FIXME: There may be intermediate groups we can mention.
107		~~- $out->showPermissionsErrorPage( array( array(~~
108		~~- $user->isAnon()~~
109		~~- ? 'userrights-nologin'~~
110		~~- : 'userrights-notallowed' ) ) );~~
111		~~- return;~~
	105	+ $msg = $user->isAnon() ? 'userrights-nologin' : 'userrights-notallowed';
	106	+ throw new PermissionsError( null, array( array( $msg ) ) );
112	107	}
113	108
114	109	if ( wfReadOnly() ) {
115	110	throw new ReadOnlyError;
116	111	}
117	112
	113	+ $this->setHeaders();
118	114	$this->outputHeader();
	115	+
	116	+ $out = $this->getOutput();
119	117	$out->addModuleStyles( 'mediawiki.special' );
120		~~- $this->setHeaders();~~
121	118
122	119	// show the general form
123	120	if ( count( $available['add'] ) \|\| count( $available['remove'] ) ) {
Index: trunk/phase3/includes/specials/SpecialImport.php
—	—	@@ -60,10 +60,6 @@
61	61	throw new PermissionsError( 'import' );
62	62	}
63	63
64		~~- if ( wfReadOnly() ) {~~
65		~~- throw new ReadOnlyError;~~
66		~~- }~~
67		-
68	64	# @todo Allow Title::getUserPermissionsErrors() to take an array
69	65	# @todo FIXME: Title::checkSpecialsAndNSPermissions() has a very wierd expectation of what
70	66	# getUserPermissionsErrors() might actually be used for, hence the 'ns-specialprotected'
—	—	@@ -78,11 +74,14 @@
79	75	)
80	76	);
81	77
82		~~- if( $errors ){~~
83		~~- $this->getOutput()->showPermissionsErrorPage( $errors );~~
84		~~- return;~~
	78	+ if ( $errors ) {
	79	+ throw new PermissionsError( 'import', $errors );
85	80	}
86	81
	82	+ if ( wfReadOnly() ) {
	83	+ throw new ReadOnlyError;
	84	+ }
	85	+
87	86	$request = $this->getRequest();
88	87	if ( $request->wasPosted() && $request->getVal( 'action' ) == 'submit' ) {
89	88	$this->doImport();
Index: trunk/phase3/includes/specials/SpecialUserlogin.php
—	—	@@ -953,14 +953,14 @@
954	954	// Block signup here if in readonly. Keeps user from
955	955	// going through the process (filling out data, etc)
956	956	// and being informed later.
957		~~- if ( wfReadOnly() ) {~~
958		~~- throw new ReadOnlyError;~~
	957	+ $permErrors = $titleObj->getUserPermissionsErrors( 'createaccount', $user, true );
	958	+ if ( count( $permErrors ) ) {
	959	+ throw new PermissionsError( 'createaccount', $permErrors );
959	960	} elseif ( $user->isBlockedFromCreateAccount() ) {
960	961	$this->userBlockedMessage( $user->isBlockedFromCreateAccount() );
961	962	return;
962		~~- } elseif ( count( $permErrors = $titleObj->getUserPermissionsErrors( 'createaccount', $user, true ) )>0 ) {~~
963		~~- $this->getOutput()->showPermissionsErrorPage( $permErrors, 'createaccount' );~~
964		~~- return;~~
	963	+ } elseif ( wfReadOnly() ) {
	964	+ throw new ReadOnlyError;
965	965	}
966	966	}
967	967
Index: trunk/phase3/includes/specials/SpecialMovepage.php
—	—	@@ -74,8 +74,7 @@
75	75	if( !empty( $permErrors ) ) {
76	76	// Auto-block user's IP if the account was "hard" blocked
77	77	$user->spreadAnyEditBlock();
78		~~- $this->getOutput()->showPermissionsErrorPage( $permErrors );~~
79		~~- return;~~
	78	+ throw new PermissionsError( 'move', $permErrors );
80	79	}
81	80
82	81	$def = !$request->wasPosted();
Index: trunk/phase3/includes/Action.php
—	—	@@ -200,18 +200,25 @@
201	201	* @throws ErrorPageError
202	202	*/
203	203	protected function checkCanExecute( User $user ) {
204		~~- if ( $this->requiresWrite() && wfReadOnly() ) {~~
205		~~- throw new ReadOnlyError();~~
	204	+ $right = $this->getRestriction();
	205	+ if ( $right !== null ) {
	206	+ $errors = $this->getTitle()->getUserPermissionsErrors( $right, $user );
	207	+ if ( count( $errors ) ) {
	208	+ throw new PermissionsError( $right, $errors );
	209	+ }
206	210	}
207	211
208		~~- if ( $this->getRestriction() !== null && !$user->isAllowed( $this->getRestriction() ) ) {~~
209		~~- throw new PermissionsError( $this->getRestriction() );~~
210		~~- }~~
211		-
212	212	if ( $this->requiresUnblock() && $user->isBlocked() ) {
213	213	$block = $user->mBlock;
214	214	throw new UserBlockedError( $block );
215	215	}
	216	+
	217	+ // This should be checked at the end so that the user won't think the
	218	+ // error is only temporary when he also don't have the rights to execute
	219	+ // this action
	220	+ if ( $this->requiresWrite() && wfReadOnly() ) {
	221	+ throw new ReadOnlyError();
	222	+ }
216	223	}
217	224
218	225	/**
Index: trunk/phase3/includes/Exception.php
—	—	@@ -276,34 +276,35 @@
277	277	* @ingroup Exception
278	278	*/
279	279	class PermissionsError extends ErrorPageError {
280		~~- public $permission;~~
	280	+ public $permission, $errors;
281	281
282		~~- function __construct( $permission ) {~~
	282	+ function __construct( $permission, $errors = array() ) {
283	283	global $wgLang;
284	284
285	285	$this->permission = $permission;
286	286
287		~~- $groups = array_map(~~
288		~~- array( 'User', 'makeGroupLinkWiki' ),~~
289		~~- User::getGroupsWithPermission( $this->permission )~~
290		~~- );~~
	287	+ if ( !count( $errors ) ) {
	288	+ $groups = array_map(
	289	+ array( 'User', 'makeGroupLinkWiki' ),
	290	+ User::getGroupsWithPermission( $this->permission )
	291	+ );
291	292
292		~~- if( $groups ) {~~
293		~~- parent::__construct(~~
294		~~- 'badaccess',~~
295		~~- 'badaccess-groups',~~
296		~~- array(~~
297		~~- $wgLang->commaList( $groups ),~~
298		~~- count( $groups )~~
299		~~- )~~
300		~~- );~~
301		~~- } else {~~
302		~~- parent::__construct(~~
303		~~- 'badaccess',~~
304		~~- 'badaccess-group0'~~
305		~~- );~~
	293	+ if ( $groups ) {
	294	+ $errors[] = array( 'badaccess-groups', $wgLang->commaList( $groups ), count( $groups ) );
	295	+ } else {
	296	+ $errors[] = array( 'badaccess-group0' );
	297	+ }
306	298	}
	299	+
	300	+ $this->errors = $errors;
307	301	}
	302	+
	303	+ function report() {
	304	+ global $wgOut;
	305	+
	306	+ $wgOut->showPermissionsErrorPage( $this->errors, $this->permission );
	307	+ $wgOut->output();
	308	+ }
308	309	}
309	310
310	311	/**
Index: trunk/phase3/languages/messages/MessagesQqq.php
—	—	@@ -1684,6 +1684,7 @@
1685	1685	'action-suppressionlog' => '{{Doc-action\|suppressionlog}}',
1686	1686	'action-block' => '{{Doc-action\|block}}',
1687	1687	'action-protect' => '{{Doc-action\|protect}}',
	1688	+'action-rollback' => '{{Doc-action\|rollback}}',
1688	1689	'action-import' => '{{Doc-action\|import}}',
1689	1690	'action-importupload' => '{{Doc-action\|importupload}}',
1690	1691	'action-patrol' => '{{Doc-action\|patrol}}',
Index: trunk/phase3/languages/messages/MessagesEn.php
—	—	@@ -2016,6 +2016,7 @@
2017	2017	'action-suppressionlog' => 'view this private log',
2018	2018	'action-block' => 'block this user from editing',
2019	2019	'action-protect' => 'change protection levels for this page',
	2020	+'action-rollback' => 'quickly rollback the edits of the last user who edited a particular page',
2020	2021	'action-import' => 'import this page from another wiki',
2021	2022	'action-importupload' => 'import this page from a file upload',
2022	2023	'action-patrol' => "mark others' edit as patrolled",

Follow-up revisions

Revision	Commit summary	Author	Date
r101967	Per Platonides, fix for r101630: correct class name	ialex	06:59, 4 November 2011

Comments

#Comment by Platonides (talk | contribs) 23:02, 3 November 2011

You're throwing a PermissionsErrorPage in includes/actions/MarkpatrolledAction.php line 77 but that class doesn't exist.

#Comment by IAlex (talk | contribs) 07:00, 4 November 2011

Fixed in r101967.

Status & tagging log

01:36, 13 June 2012 Krinkle (talk | contribs) changed the tags for r101630 [removed: skinning]
12:38, 24 December 2011 Nikerabbit (talk | contribs) changed the status of r101630 [removed: new added: resolved]
03:24, 23 December 2011 RobLa-WMF (talk | contribs) changed the tags for r101630 [added: skinning]
07:00, 4 November 2011 IAlex (talk | contribs) changed the status of r101630 [removed: fixme added: new]
23:02, 3 November 2011 Platonides (talk | contribs) changed the status of r101630 [removed: new added: fixme]