r102187 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r102186‎ \| r102187 \| r102188 >
Date:	19:59, 6 November 2011
Author:	ialex
Status:	resolved (Comments)
Tags:	todo
Comment:	* Merged Title::userCanRead() check in Title::getUserPermissionsErrors() * (bug 26020) Setting $wgEmailConfirmToEdit to true no longer removes diffs from recent changes feeds * Added second parameter to Title::userCan() and Title::quickUserCan() to allow callers to pass the User object to use for checks; this changes Title::userCan()'s second parameter from "do expensive queries" flag to User, but all callers should have been updated in r102183 * Updated callers that might throw a PermissionsError to use getUserPermissionsErrors() instead and pass the error array to the exception * Refactored duplicate code in missingPermissionError() * Moved Title::isNamespaceProtected() a bit upper and Title::userCanRead() near Title::userCan() to have related functions in the same location * Some minor refactoring in permission-related functions in Title
Modified paths:	/trunk/phase3/RELEASE-NOTES-1.19 (modified) (history) /trunk/phase3/includes/Article.php (modified) (history) /trunk/phase3/includes/Title.php (modified) (history) /trunk/phase3/includes/Wiki.php (modified) (history) /trunk/phase3/includes/diff/DifferenceEngine.php (modified) (history)

Diff [purge]

Index: trunk/phase3/RELEASE-NOTES-1.19
—	—	@@ -125,6 +125,8 @@
126	126	"create account" when the user cannot create an account
127	127	* (bug 31818) 'usercreated' message now supports GENDER
128	128	* (bug 32022) Our phpunit.php script can now be executed from another directory
	129	+* (bug 26020) Setting $wgEmailConfirmToEdit to true no longer removes diffs
	130	+ from recent changes feeds
129	131
130	132	=== API changes in 1.19 ===
131	133	* (bug 19838) siprop=interwikimap can now use the interwiki cache.
Index: trunk/phase3/includes/diff/DifferenceEngine.php
—	—	@@ -194,10 +194,14 @@
195	195	return;
196	196	}
197	197
198		~~- # mOldPage might not be set, see below.~~
199		~~- if ( !$this->mNewPage->userCanRead() \|\| ( $this->mOldPage && !$this->mOldPage->userCanRead() ) ) {~~
	198	+ $permErrors = $this->mNewPage->getUserPermissionsErrors( 'read', $wgUser );
	199	+ if ( $this->mOldPage ) { # mOldPage might not be set, see below.
	200	+ $permErrors = wfMergeErrorArrays( $permErrors,
	201	+ $this->mOldPage->getUserPermissionsErrors( 'read', $wgUser ) );
	202	+ }
	203	+ if ( count( $permErrors ) ) {
200	204	wfProfileOut( __METHOD__ );
201		~~- throw new PermissionsError( 'read' );~~
	205	+ throw new PermissionsError( 'read', $permErrors );
202	206	}
203	207
204	208	# If external diffs are enabled both globally and for the user,
Index: trunk/phase3/includes/Article.php
—	—	@@ -477,10 +477,11 @@
478	478	}
479	479
480	480	# Another whitelist check in case oldid is altering the title
481		~~- if ( !$this->getTitle()->userCanRead() ) {~~
	481	+ $permErrors = $this->getTitle()->getUserPermissionsErrors( 'read', $wgUser );
	482	+ if ( count( $permErrors ) ) {
482	483	wfDebug( __METHOD__ . ": denied on secondary read check\n" );
483	484	wfProfileOut( __METHOD__ );
484		~~- throw new PermissionsError( 'read' );~~
	485	+ throw new PermissionsError( 'read', $permErrors );
485	486	}
486	487
487	488	# Are we looking at an old revision
Index: trunk/phase3/includes/Wiki.php
—	—	@@ -146,8 +146,6 @@
147	147	$output->setPrintable();
148	148	}
149	149
150		~~- $pageView = false; // was an article or special page viewed?~~
151		-
152	150	wfRunHooks( 'BeforeInitialize',
153	151	array( &$title, null, &$output, &$user, $request, $this ) );
154	152
—	—	@@ -156,14 +154,23 @@
157	155	$title->isSpecial( 'Badtitle' ) )
158	156	{
159	157	$this->context->setTitle( SpecialPage::getTitleFor( 'Badtitle' ) );
	158	+ wfProfileOut( __METHOD__ );
160	159	throw new ErrorPageError( 'badtitle', 'badtitletext' );
161		~~- // If the user is not logged in, the Namespace:title of the article must be in~~
162		~~- // the Read array in order for the user to see it. (We have to check here to~~
163		~~- // catch special pages etc. We check again in Article::view())~~
164		~~- } elseif ( !$title->userCanRead() ) {~~
165		~~- throw new PermissionsError( 'read' );~~
	160	+ }
	161	+
	162	+ // Check user's permissions to read this page.
	163	+ // We have to check here to catch special pages etc.
	164	+ // We will check again in Article::view().
	165	+ $permErrors = $title->getUserPermissionsErrors( 'read', $user );
	166	+ if ( count( $permErrors ) ) {
	167	+ wfProfileOut( __METHOD__ );
	168	+ throw new PermissionsError( 'read', $permErrors );
	169	+ }
	170	+
	171	+ $pageView = false; // was an article or special page viewed?
	172	+
166	173	// Interwiki redirects
167		~~- } elseif ( $title->getInterwiki() != '' ) {~~
	174	+ if ( $title->getInterwiki() != '' ) {
168	175	$rdfrom = $request->getVal( 'rdfrom' );
169	176	if ( $rdfrom ) {
170	177	$url = $title->getFullURL( 'rdfrom=' . urlencode( $rdfrom ) );
Index: trunk/phase3/includes/Title.php
—	—	@@ -1134,6 +1134,26 @@
1135	1135	}
1136	1136
1137	1137	/**
	1138	+ * Determines if $user is unable to edit this page because it has been protected
	1139	+ * by $wgNamespaceProtection.
	1140	+ *
	1141	+ * @param $user User object to check permissions
	1142	+ * @return Bool
	1143	+ */
	1144	+ public function isNamespaceProtected( User $user ) {
	1145	+ global $wgNamespaceProtection;
	1146	+
	1147	+ if ( isset( $wgNamespaceProtection[$this->mNamespace] ) ) {
	1148	+ foreach ( (array)$wgNamespaceProtection[$this->mNamespace] as $right ) {
	1149	+ if ( $right != '' && !$user->isAllowed( $right ) ) {
	1150	+ return true;
	1151	+ }
	1152	+ }
	1153	+ }
	1154	+ return false;
	1155	+ }
	1156	+
	1157	+ /**
1138	1158	* Is this a conversion table for the LanguageConverter?
1139	1159	*
1140	1160	* @return Bool
—	—	@@ -1169,6 +1189,17 @@
1170	1190	}
1171	1191
1172	1192	/**
	1193	+ * Can $wgUser read this page?
	1194	+ *
	1195	+ * @deprecated in 1.19; use userCan(), quickUserCan() or getUserPermissionsErrors() instead
	1196	+ * @return Bool
	1197	+ * @todo fold these checks into userCan()
	1198	+ */
	1199	+ public function userCanRead() {
	1200	+ return $this->userCan( 'read' );
	1201	+ }
	1202	+
	1203	+ /**
1173	1204	* Can $wgUser perform $action on this page?
1174	1205	* This skips potentially expensive cascading permission checks
1175	1206	* as well as avoids expensive error formatting
—	—	@@ -1179,42 +1210,27 @@
1180	1211	* May provide false positives, but should never provide a false negative.
1181	1212	*
1182	1213	* @param $action String action that permission needs to be checked for
	1214	+ * @param $user User to check (since 1.19)
1183	1215	* @return Bool
1184	1216	*/
1185		~~- public function quickUserCan( $action ) {~~
1186		~~- return $this->userCan( $action, false );~~
	1217	+ public function quickUserCan( $action, $user = null ) {
	1218	+ return $this->userCan( $action, $user, false );
1187	1219	}
1188	1220
1189	1221	/**
1190		~~- * Determines if $user is unable to edit this page because it has been protected~~
1191		~~- * by $wgNamespaceProtection.~~
1192		- *
1193		~~- * @param $user User object to check permissions~~
1194		~~- * @return Bool~~
1195		~~- */~~
1196		~~- public function isNamespaceProtected( User $user ) {~~
1197		~~- global $wgNamespaceProtection;~~
1198		-
1199		~~- if ( isset( $wgNamespaceProtection[$this->mNamespace] ) ) {~~
1200		~~- foreach ( (array)$wgNamespaceProtection[$this->mNamespace] as $right ) {~~
1201		~~- if ( $right != '' && !$user->isAllowed( $right ) ) {~~
1202		~~- return true;~~
1203		~~- }~~
1204		~~- }~~
1205		~~- }~~
1206		~~- return false;~~
1207		~~- }~~
1208		-
1209		- /**
1210	1222	* Can $wgUser perform $action on this page?
1211	1223	*
1212	1224	* @param $action String action that permission needs to be checked for
	1225	+ * @param $user User to check (since 1.19)
1213	1226	* @param $doExpensiveQueries Bool Set this to false to avoid doing unnecessary queries.
1214	1227	* @return Bool
1215	1228	*/
1216		~~- public function userCan( $action, $doExpensiveQueries = true ) {~~
1217		~~- global $wgUser;~~
1218		~~- return ( $this->getUserPermissionsErrorsInternal( $action, $wgUser, $doExpensiveQueries, true ) === array() );~~
	1229	+ public function userCan( $action, $user = null, $doExpensiveQueries = true ) {
	1230	+ if ( !$user instanceof User ) {
	1231	+ global $wgUser;
	1232	+ $user = $wgUser;
	1233	+ }
	1234	+ return !count( $this->getUserPermissionsErrorsInternal( $action, $user, $doExpensiveQueries, true ) );
1219	1235	}
1220	1236
1221	1237	/**
—	—	@@ -1300,24 +1316,7 @@
1301	1317	$errors[] = array( 'cant-move-to-user-page' );
1302	1318	}
1303	1319	} elseif ( !$user->isAllowed( $action, $ns ) ) {
1304		~~- // We avoid expensive display logic for quickUserCan's and such~~
1305		~~- $groups = false;~~
1306		~~- if ( !$short ) {~~
1307		~~- $groups = array_map( array( 'User', 'makeGroupLinkWiki' ),~~
1308		~~- User::getGroupsWithPermission( $action, $ns ) );~~
1309		~~- }~~
1310		-
1311		~~- if ( $groups ) {~~
1312		~~- global $wgLang;~~
1313		~~- $return = array(~~
1314		~~- 'badaccess-groups',~~
1315		~~- $wgLang->commaList( $groups ),~~
1316		~~- count( $groups )~~
1317		~~- );~~
1318		~~- } else {~~
1319		~~- $return = array( 'badaccess-group0' );~~
1320		~~- }~~
1321		~~- $errors[] = $return;~~
	1320	+ $errors[] = $this->missingPermissionError( $action, $short );
1322	1321	}
1323	1322
1324	1323	return $errors;
—	—	@@ -1392,7 +1391,7 @@
1393	1392	private function checkSpecialsAndNSPermissions( $action, $user, $errors, $doExpensiveQueries, $short ) {
1394	1393	# Only 'createaccount' and 'execute' can be performed on
1395	1394	# special pages, which don't actually exist in the DB.
1396		~~- $specialOKActions = array( 'createaccount', 'execute' );~~
	1395	+ $specialOKActions = array( 'createaccount', 'execute', 'read' );
1397	1396	if ( NS_SPECIAL == $this->mNamespace && !in_array( $action, $specialOKActions ) ) {
1398	1397	$errors[] = array( 'ns-specialprotected' );
1399	1398	}
—	—	@@ -1456,13 +1455,10 @@
1457	1456	}
1458	1457	if ( $right != '' && !$user->isAllowed( $right, $this->mNamespace ) ) {
1459	1458	// Users with 'editprotected' permission can edit protected pages
1460		~~- if ( $action == 'edit' && $user->isAllowed( 'editprotected', $this->mNamespace ) ) {~~
1461		~~- // Users with 'editprotected' permission cannot edit protected pages~~
1462		~~- // with cascading option turned on.~~
1463		~~- if ( $this->mCascadeRestriction ) {~~
1464		~~- $errors[] = array( 'protectedpagetext', $right );~~
1465		~~- }~~
1466		~~- } else {~~
	1459	+ // without cascading option turned on.
	1460	+ if ( $action != 'edit' \|\| !$user->isAllowed( 'editprotected', $this->mNamespace )
	1461	+ \|\| $this->mCascadeRestriction )
	1462	+ {
1467	1463	$errors[] = array( 'protectedpagetext', $right );
1468	1464	}
1469	1465	}
—	—	@@ -1570,21 +1566,19 @@
1571	1567	* @return Array list of errors
1572	1568	*/
1573	1569	private function checkUserBlock( $action, $user, $errors, $doExpensiveQueries, $short ) {
1574		~~- if( !$doExpensiveQueries ) {~~
	1570	+ // Account creation blocks handled at userlogin.
	1571	+ // Unblocking handled in SpecialUnblock
	1572	+ if( !$doExpensiveQueries \|\| in_array( $action, array( 'createaccount', 'unblock' ) ) ) {
1575	1573	return $errors;
1576	1574	}
1577	1575
1578	1576	global $wgContLang, $wgLang, $wgEmailConfirmToEdit;
1579	1577
1580		~~- if ( $wgEmailConfirmToEdit && !$user->isEmailConfirmed() && $action != 'createaccount' ) {~~
	1578	+ if ( $wgEmailConfirmToEdit && !$user->isEmailConfirmed() ) {
1581	1579	$errors[] = array( 'confirmedittext' );
1582	1580	}
1583	1581
1584		~~- if ( in_array( $action, array( 'read', 'createaccount', 'unblock' ) ) ){~~
1585		~~- // Edit blocks should not affect reading.~~
1586		~~- // Account creation blocks handled at userlogin.~~
1587		~~- // Unblocking handled in SpecialUnblock~~
1588		~~- } elseif( ( $action == 'edit' \|\| $action == 'create' ) && !$user->isBlockedFrom( $this ) ){~~
	1582	+ if ( ( $action == 'edit' \|\| $action == 'create' ) && !$user->isBlockedFrom( $this ) ) {
1589	1583	// Don't block the user from editing their own talk page unless they've been
1590	1584	// explicitly blocked from that too.
1591	1585	} elseif( $user->isBlocked() && $user->mBlock->prevents( $action ) !== false ) {
—	—	@@ -1626,6 +1620,128 @@
1627	1621	}
1628	1622
1629	1623	/**
	1624	+ * Check that the user is allowed to read this page.
	1625	+ *
	1626	+ * @param $action String the action to check
	1627	+ * @param $user User to check
	1628	+ * @param $errors Array list of current errors
	1629	+ * @param $doExpensiveQueries Boolean whether or not to perform expensive queries
	1630	+ * @param $short Boolean short circuit on first error
	1631	+ *
	1632	+ * @return Array list of errors
	1633	+ */
	1634	+ private function checkReadPermissions( $action, $user, $errors, $doExpensiveQueries, $short ) {
	1635	+ static $useShortcut = null;
	1636	+
	1637	+ # Initialize the $useShortcut boolean, to determine if we can skip quite a bit of code below
	1638	+ if ( is_null( $useShortcut ) ) {
	1639	+ global $wgGroupPermissions, $wgRevokePermissions;
	1640	+ $useShortcut = true;
	1641	+ if ( empty( $wgGroupPermissions['*']['read'] ) ) {
	1642	+ # Not a public wiki, so no shortcut
	1643	+ $useShortcut = false;
	1644	+ } elseif ( !empty( $wgRevokePermissions ) ) {
	1645	+ /**
	1646	+ * Iterate through each group with permissions being revoked (key not included since we don't care
	1647	+ * what the group name is), then check if the read permission is being revoked. If it is, then
	1648	+ * we don't use the shortcut below since the user might not be able to read, even though anon
	1649	+ * reading is allowed.
	1650	+ */
	1651	+ foreach ( $wgRevokePermissions as $perms ) {
	1652	+ if ( !empty( $perms['read'] ) ) {
	1653	+ # We might be removing the read right from the user, so no shortcut
	1654	+ $useShortcut = false;
	1655	+ break;
	1656	+ }
	1657	+ }
	1658	+ }
	1659	+ }
	1660	+
	1661	+ # Shortcut for public wikis, allows skipping quite a bit of code
	1662	+ if ( $useShortcut ) {
	1663	+ return $errors;
	1664	+ }
	1665	+
	1666	+ # If the user is allowed to read pages, he is allowed to read all pages
	1667	+ if ( $user->isAllowed( 'read', $this->mNamespace ) ) {
	1668	+ return $errors;
	1669	+ }
	1670	+
	1671	+ # Always grant access to the login page.
	1672	+ # Even anons need to be able to log in.
	1673	+ if ( $this->isSpecial( 'Userlogin' ) \|\| $this->isSpecial( 'ChangePassword' ) ) {
	1674	+ return $errors;
	1675	+ }
	1676	+
	1677	+ # Time to check the whitelist
	1678	+ global $wgWhitelistRead;
	1679	+
	1680	+ # Only to these checks is there's something to check against
	1681	+ if ( is_array( $wgWhitelistRead ) && count( $wgWhitelistRead ) ) {
	1682	+ # Check for explicit whitelisting
	1683	+ $name = $this->getPrefixedText();
	1684	+ $dbName = $this->getPrefixedDBKey();
	1685	+
	1686	+ // Check with and without underscores
	1687	+ if ( in_array( $name, $wgWhitelistRead, true ) \|\| in_array( $dbName, $wgWhitelistRead, true ) ) {
	1688	+ return $errors;
	1689	+ }
	1690	+
	1691	+ # Old settings might have the title prefixed with
	1692	+ # a colon for main-namespace pages
	1693	+ if ( $this->getNamespace() == NS_MAIN ) {
	1694	+ if ( in_array( ':' . $name, $wgWhitelistRead ) ) {
	1695	+ return $errors;
	1696	+ }
	1697	+ }
	1698	+
	1699	+ # If it's a special page, ditch the subpage bit and check again
	1700	+ if ( $this->isSpecialPage() ) {
	1701	+ $name = $this->getDBkey();
	1702	+ list( $name, /* $subpage */ ) = SpecialPageFactory::resolveAlias( $name );
	1703	+ if ( $name !== false ) {
	1704	+ $pure = SpecialPage::getTitleFor( $name )->getPrefixedText();
	1705	+ if ( in_array( $pure, $wgWhitelistRead, true ) ) {
	1706	+ return $errors;
	1707	+ }
	1708	+ }
	1709	+ }
	1710	+ }
	1711	+
	1712	+ $errors[] = $this->missingPermissionError( $action, $short );
	1713	+ return $errors;
	1714	+ }
	1715	+
	1716	+ /**
	1717	+ * Get a description array when the user doesn't have the right to perform
	1718	+ * $action (i.e. when User::isAllowed() returns false)
	1719	+ *
	1720	+ * @param $action String the action to check
	1721	+ * @param $short Boolean short circuit on first error
	1722	+ * @return Array list of errors
	1723	+ */
	1724	+ private function missingPermissionError( $action, $short ) {
	1725	+ // We avoid expensive display logic for quickUserCan's and such
	1726	+ if ( $short ) {
	1727	+ return array( 'badaccess-group0' );
	1728	+ }
	1729	+
	1730	+ $groups = array_map( array( 'User', 'makeGroupLinkWiki' ),
	1731	+ User::getGroupsWithPermission( $action, $this->mNamespace ) );
	1732	+
	1733	+ if ( count( $groups ) ) {
	1734	+ global $wgLang;
	1735	+ return array(
	1736	+ 'badaccess-groups',
	1737	+ $wgLang->commaList( $groups ),
	1738	+ count( $groups )
	1739	+ );
	1740	+ } else {
	1741	+ return array( 'badaccess-group0' );
	1742	+ }
	1743	+ }
	1744	+
	1745	+ /**
1630	1746	* Can $user perform $action on this page? This is an internal function,
1631	1747	* which checks ONLY that previously checked by userCan (i.e. it leaves out
1632	1748	* checks on wfReadOnly() and blocks)
—	—	@@ -1639,20 +1755,28 @@
1640	1756	protected function getUserPermissionsErrorsInternal( $action, $user, $doExpensiveQueries = true, $short = false ) {
1641	1757	wfProfileIn( __METHOD__ );
1642	1758
	1759	+ # Read has special handling
	1760	+ if ( $action == 'read' ) {
	1761	+ $checks = array(
	1762	+ 'checkPermissionHooks',
	1763	+ 'checkReadPermissions',
	1764	+ );
	1765	+ } else {
	1766	+ $checks = array(
	1767	+ 'checkQuickPermissions',
	1768	+ 'checkPermissionHooks',
	1769	+ 'checkSpecialsAndNSPermissions',
	1770	+ 'checkCSSandJSPermissions',
	1771	+ 'checkPageRestrictions',
	1772	+ 'checkCascadingSourcesRestrictions',
	1773	+ 'checkActionPermissions',
	1774	+ 'checkUserBlock'
	1775	+ );
	1776	+ }
	1777	+
1643	1778	$errors = array();
1644		~~- $checks = array(~~
1645		~~- 'checkQuickPermissions',~~
1646		~~- 'checkPermissionHooks',~~
1647		~~- 'checkSpecialsAndNSPermissions',~~
1648		~~- 'checkCSSandJSPermissions',~~
1649		~~- 'checkPageRestrictions',~~
1650		~~- 'checkCascadingSourcesRestrictions',~~
1651		~~- 'checkActionPermissions',~~
1652		~~- 'checkUserBlock'~~
1653		~~- );~~
1654		-
1655	1779	while( count( $checks ) > 0 &&
1656		~~- !( $short && count( $errors ) > 0 ) ) {~~
	1780	+ !( $short && count( $errors ) > 0 ) ) {
1657	1781	$method = array_shift( $checks );
1658	1782	$errors = $this->$method( $action, $user, $errors, $doExpensiveQueries, $short );
1659	1783	}
—	—	@@ -1788,102 +1912,6 @@
1789	1913	}
1790	1914
1791	1915	/**
1792		~~- * Can $wgUser read this page?~~
1793		- *
1794		~~- * @return Bool~~
1795		~~- * @todo fold these checks into userCan()~~
1796		~~- */~~
1797		~~- public function userCanRead() {~~
1798		~~- global $wgUser, $wgGroupPermissions;~~
1799		-
1800		~~- static $useShortcut = null;~~
1801		-
1802		~~- # Initialize the $useShortcut boolean, to determine if we can skip quite a bit of code below~~
1803		~~- if ( is_null( $useShortcut ) ) {~~
1804		~~- global $wgRevokePermissions;~~
1805		~~- $useShortcut = true;~~
1806		~~- if ( empty( $wgGroupPermissions['*']['read'] ) ) {~~
1807		~~- # Not a public wiki, so no shortcut~~
1808		~~- $useShortcut = false;~~
1809		~~- } elseif ( !empty( $wgRevokePermissions ) ) {~~
1810		- /**
1811		~~- * Iterate through each group with permissions being revoked (key not included since we don't care~~
1812		~~- * what the group name is), then check if the read permission is being revoked. If it is, then~~
1813		~~- * we don't use the shortcut below since the user might not be able to read, even though anon~~
1814		~~- * reading is allowed.~~
1815		~~- */~~
1816		~~- foreach ( $wgRevokePermissions as $perms ) {~~
1817		~~- if ( !empty( $perms['read'] ) ) {~~
1818		~~- # We might be removing the read right from the user, so no shortcut~~
1819		~~- $useShortcut = false;~~
1820		~~- break;~~
1821		~~- }~~
1822		~~- }~~
1823		~~- }~~
1824		~~- }~~
1825		-
1826		~~- $result = null;~~
1827		~~- wfRunHooks( 'userCan', array( &$this, &$wgUser, 'read', &$result ) );~~
1828		~~- if ( $result !== null ) {~~
1829		~~- return $result;~~
1830		~~- }~~
1831		-
1832		~~- # Shortcut for public wikis, allows skipping quite a bit of code~~
1833		~~- if ( $useShortcut ) {~~
1834		~~- return true;~~
1835		~~- }~~
1836		-
1837		~~- if ( $wgUser->isAllowed( 'read' ) ) {~~
1838		~~- return true;~~
1839		~~- } else {~~
1840		~~- global $wgWhitelistRead;~~
1841		-
1842		~~- # Always grant access to the login page.~~
1843		~~- # Even anons need to be able to log in.~~
1844		~~- if ( $this->isSpecial( 'Userlogin' ) \|\| $this->isSpecial( 'ChangePassword' ) ) {~~
1845		~~- return true;~~
1846		~~- }~~
1847		-
1848		~~- # Bail out if there isn't whitelist~~
1849		~~- if ( !is_array( $wgWhitelistRead ) ) {~~
1850		~~- return false;~~
1851		~~- }~~
1852		-
1853		~~- # Check for explicit whitelisting~~
1854		~~- $name = $this->getPrefixedText();~~
1855		~~- $dbName = $this->getPrefixedDBKey();~~
1856		~~- // Check with and without underscores~~
1857		~~- if ( in_array( $name, $wgWhitelistRead, true ) \|\| in_array( $dbName, $wgWhitelistRead, true ) )~~
1858		~~- return true;~~
1859		-
1860		~~- # Old settings might have the title prefixed with~~
1861		~~- # a colon for main-namespace pages~~
1862		~~- if ( $this->getNamespace() == NS_MAIN ) {~~
1863		~~- if ( in_array( ':' . $name, $wgWhitelistRead ) ) {~~
1864		~~- return true;~~
1865		~~- }~~
1866		~~- }~~
1867		-
1868		~~- # If it's a special page, ditch the subpage bit and check again~~
1869		~~- if ( $this->isSpecialPage() ) {~~
1870		~~- $name = $this->getDBkey();~~
1871		~~- list( $name, /* $subpage */ ) = SpecialPageFactory::resolveAlias( $name );~~
1872		~~- if ( $name === false ) {~~
1873		~~- # Invalid special page, but we show standard login required message~~
1874		~~- return false;~~
1875		~~- }~~
1876		-
1877		~~- $pure = SpecialPage::getTitleFor( $name )->getPrefixedText();~~
1878		~~- if ( in_array( $pure, $wgWhitelistRead, true ) ) {~~
1879		~~- return true;~~
1880		~~- }~~
1881		~~- }~~
1882		-
1883		~~- }~~
1884		~~- return false;~~
1885		~~- }~~
1886		-
1887		- /**
1888	1916	* Is this the mainpage?
1889	1917	* @note Title::newFromText seams to be sufficiently optimized by the title
1890	1918	* cache that we don't need to over-optimize by doing direct comparisons and

Follow-up revisions

Revision	Commit summary	Author	Date
r102880	Quick fix for r102187 breakage	nikerabbit	08:31, 13 November 2011
r102886	Follow-up r102187: fixed two remaining hooks that were expecting 'read' to no...	ialex	09:16, 13 November 2011
r102896	Per Nikerabbit, follow-up r102187: added RELEASE-NOTES entry about the fact t...	ialex	14:11, 13 November 2011
r105851	Reverted r92364 (per-namespace permissions)....	tstarling	06:03, 12 December 2011
r106504	Per Aaron, fix typo in r102187	ialex	13:10, 17 December 2011
r108175	Per request of Aaron Schulz, follow-up r102187: added new 'TitleReadWhitelist...	ialex	20:29, 5 January 2012

Past revisions this follows-up on

Revision	Commit summary	Author	Date
r102183	Removed second parameter to Title::userCan() and changed it to quickUserCan()...	ialex	18:16, 6 November 2011

Comments

#Comment by Nikerabbit (talk | contribs) 08:28, 13 November 2011

This broke Translate extension (unable to view translated pages because no right to read).

#Comment by IAlex (talk | contribs) 09:17, 13 November 2011

Remaining fixed in r102886.

#Comment by Nikerabbit (talk | contribs) 09:42, 13 November 2011

Shouldn't there be at least release notes entry?

#Comment by Siebrand (talk | contribs) 12:48, 7 December 2011

Done in r102896.

#Comment by Aaron Schulz (talk | contribs) 04:52, 17 December 2011

+		# Only to these checks is there's something to check against

Typo.

#Comment by IAlex (talk | contribs) 13:11, 17 December 2011

Fixed in r106504.

#Comment by Aaron Schulz (talk | contribs) 05:13, 17 December 2011

Using 'userCan' hook to set $result = true to *allow* some pages to be visible no longer seems to work...

#Comment by Aaron Schulz (talk | contribs) 05:36, 17 December 2011

I guess a hook should be added to extensions to check if $wgTitle is whitelisted to allow this functionality again.

#Comment by Aaron Schulz (talk | contribs) 19:07, 5 January 2012

Note that https://www.mediawiki.org/wiki/Extension:FlaggedRevs/Restricting_unapproved_revisions is broken due to this change.

#Comment by IAlex (talk | contribs) 20:30, 5 January 2012

Done in r108175.

Status & tagging log

17:24, 17 December 2011 Aaron Schulz (talk | contribs) changed the tags for r102187 [added: todo]
04:52, 17 December 2011 Aaron Schulz (talk | contribs) changed the status of r102187 [removed: new added: resolved]
09:17, 13 November 2011 IAlex (talk | contribs) changed the status of r102187 [removed: fixme added: new]
08:28, 13 November 2011 Nikerabbit (talk | contribs) changed the status of r102187 [removed: new added: fixme]