Index: trunk/phase3/RELEASE-NOTES-1.19 |
— | — | @@ -125,6 +125,8 @@ |
126 | 126 | "create account" when the user cannot create an account |
127 | 127 | * (bug 31818) 'usercreated' message now supports GENDER |
128 | 128 | * (bug 32022) Our phpunit.php script can now be executed from another directory |
| 129 | +* (bug 26020) Setting $wgEmailConfirmToEdit to true no longer removes diffs |
| 130 | + from recent changes feeds |
129 | 131 | |
130 | 132 | === API changes in 1.19 === |
131 | 133 | * (bug 19838) siprop=interwikimap can now use the interwiki cache. |
Index: trunk/phase3/includes/diff/DifferenceEngine.php |
— | — | @@ -194,10 +194,14 @@ |
195 | 195 | return; |
196 | 196 | } |
197 | 197 | |
198 | | - # mOldPage might not be set, see below. |
199 | | - if ( !$this->mNewPage->userCanRead() || ( $this->mOldPage && !$this->mOldPage->userCanRead() ) ) { |
| 198 | + $permErrors = $this->mNewPage->getUserPermissionsErrors( 'read', $wgUser ); |
| 199 | + if ( $this->mOldPage ) { # mOldPage might not be set, see below. |
| 200 | + $permErrors = wfMergeErrorArrays( $permErrors, |
| 201 | + $this->mOldPage->getUserPermissionsErrors( 'read', $wgUser ) ); |
| 202 | + } |
| 203 | + if ( count( $permErrors ) ) { |
200 | 204 | wfProfileOut( __METHOD__ ); |
201 | | - throw new PermissionsError( 'read' ); |
| 205 | + throw new PermissionsError( 'read', $permErrors ); |
202 | 206 | } |
203 | 207 | |
204 | 208 | # If external diffs are enabled both globally and for the user, |
Index: trunk/phase3/includes/Article.php |
— | — | @@ -477,10 +477,11 @@ |
478 | 478 | } |
479 | 479 | |
480 | 480 | # Another whitelist check in case oldid is altering the title |
481 | | - if ( !$this->getTitle()->userCanRead() ) { |
| 481 | + $permErrors = $this->getTitle()->getUserPermissionsErrors( 'read', $wgUser ); |
| 482 | + if ( count( $permErrors ) ) { |
482 | 483 | wfDebug( __METHOD__ . ": denied on secondary read check\n" ); |
483 | 484 | wfProfileOut( __METHOD__ ); |
484 | | - throw new PermissionsError( 'read' ); |
| 485 | + throw new PermissionsError( 'read', $permErrors ); |
485 | 486 | } |
486 | 487 | |
487 | 488 | # Are we looking at an old revision |
Index: trunk/phase3/includes/Wiki.php |
— | — | @@ -146,8 +146,6 @@ |
147 | 147 | $output->setPrintable(); |
148 | 148 | } |
149 | 149 | |
150 | | - $pageView = false; // was an article or special page viewed? |
151 | | - |
152 | 150 | wfRunHooks( 'BeforeInitialize', |
153 | 151 | array( &$title, null, &$output, &$user, $request, $this ) ); |
154 | 152 | |
— | — | @@ -156,14 +154,23 @@ |
157 | 155 | $title->isSpecial( 'Badtitle' ) ) |
158 | 156 | { |
159 | 157 | $this->context->setTitle( SpecialPage::getTitleFor( 'Badtitle' ) ); |
| 158 | + wfProfileOut( __METHOD__ ); |
160 | 159 | throw new ErrorPageError( 'badtitle', 'badtitletext' ); |
161 | | - // If the user is not logged in, the Namespace:title of the article must be in |
162 | | - // the Read array in order for the user to see it. (We have to check here to |
163 | | - // catch special pages etc. We check again in Article::view()) |
164 | | - } elseif ( !$title->userCanRead() ) { |
165 | | - throw new PermissionsError( 'read' ); |
| 160 | + } |
| 161 | + |
| 162 | + // Check user's permissions to read this page. |
| 163 | + // We have to check here to catch special pages etc. |
| 164 | + // We will check again in Article::view(). |
| 165 | + $permErrors = $title->getUserPermissionsErrors( 'read', $user ); |
| 166 | + if ( count( $permErrors ) ) { |
| 167 | + wfProfileOut( __METHOD__ ); |
| 168 | + throw new PermissionsError( 'read', $permErrors ); |
| 169 | + } |
| 170 | + |
| 171 | + $pageView = false; // was an article or special page viewed? |
| 172 | + |
166 | 173 | // Interwiki redirects |
167 | | - } elseif ( $title->getInterwiki() != '' ) { |
| 174 | + if ( $title->getInterwiki() != '' ) { |
168 | 175 | $rdfrom = $request->getVal( 'rdfrom' ); |
169 | 176 | if ( $rdfrom ) { |
170 | 177 | $url = $title->getFullURL( 'rdfrom=' . urlencode( $rdfrom ) ); |
Index: trunk/phase3/includes/Title.php |
— | — | @@ -1134,6 +1134,26 @@ |
1135 | 1135 | } |
1136 | 1136 | |
1137 | 1137 | /** |
| 1138 | + * Determines if $user is unable to edit this page because it has been protected |
| 1139 | + * by $wgNamespaceProtection. |
| 1140 | + * |
| 1141 | + * @param $user User object to check permissions |
| 1142 | + * @return Bool |
| 1143 | + */ |
| 1144 | + public function isNamespaceProtected( User $user ) { |
| 1145 | + global $wgNamespaceProtection; |
| 1146 | + |
| 1147 | + if ( isset( $wgNamespaceProtection[$this->mNamespace] ) ) { |
| 1148 | + foreach ( (array)$wgNamespaceProtection[$this->mNamespace] as $right ) { |
| 1149 | + if ( $right != '' && !$user->isAllowed( $right ) ) { |
| 1150 | + return true; |
| 1151 | + } |
| 1152 | + } |
| 1153 | + } |
| 1154 | + return false; |
| 1155 | + } |
| 1156 | + |
| 1157 | + /** |
1138 | 1158 | * Is this a conversion table for the LanguageConverter? |
1139 | 1159 | * |
1140 | 1160 | * @return Bool |
— | — | @@ -1169,6 +1189,17 @@ |
1170 | 1190 | } |
1171 | 1191 | |
1172 | 1192 | /** |
| 1193 | + * Can $wgUser read this page? |
| 1194 | + * |
| 1195 | + * @deprecated in 1.19; use userCan(), quickUserCan() or getUserPermissionsErrors() instead |
| 1196 | + * @return Bool |
| 1197 | + * @todo fold these checks into userCan() |
| 1198 | + */ |
| 1199 | + public function userCanRead() { |
| 1200 | + return $this->userCan( 'read' ); |
| 1201 | + } |
| 1202 | + |
| 1203 | + /** |
1173 | 1204 | * Can $wgUser perform $action on this page? |
1174 | 1205 | * This skips potentially expensive cascading permission checks |
1175 | 1206 | * as well as avoids expensive error formatting |
— | — | @@ -1179,42 +1210,27 @@ |
1180 | 1211 | * May provide false positives, but should never provide a false negative. |
1181 | 1212 | * |
1182 | 1213 | * @param $action String action that permission needs to be checked for |
| 1214 | + * @param $user User to check (since 1.19) |
1183 | 1215 | * @return Bool |
1184 | 1216 | */ |
1185 | | - public function quickUserCan( $action ) { |
1186 | | - return $this->userCan( $action, false ); |
| 1217 | + public function quickUserCan( $action, $user = null ) { |
| 1218 | + return $this->userCan( $action, $user, false ); |
1187 | 1219 | } |
1188 | 1220 | |
1189 | 1221 | /** |
1190 | | - * Determines if $user is unable to edit this page because it has been protected |
1191 | | - * by $wgNamespaceProtection. |
1192 | | - * |
1193 | | - * @param $user User object to check permissions |
1194 | | - * @return Bool |
1195 | | - */ |
1196 | | - public function isNamespaceProtected( User $user ) { |
1197 | | - global $wgNamespaceProtection; |
1198 | | - |
1199 | | - if ( isset( $wgNamespaceProtection[$this->mNamespace] ) ) { |
1200 | | - foreach ( (array)$wgNamespaceProtection[$this->mNamespace] as $right ) { |
1201 | | - if ( $right != '' && !$user->isAllowed( $right ) ) { |
1202 | | - return true; |
1203 | | - } |
1204 | | - } |
1205 | | - } |
1206 | | - return false; |
1207 | | - } |
1208 | | - |
1209 | | - /** |
1210 | 1222 | * Can $wgUser perform $action on this page? |
1211 | 1223 | * |
1212 | 1224 | * @param $action String action that permission needs to be checked for |
| 1225 | + * @param $user User to check (since 1.19) |
1213 | 1226 | * @param $doExpensiveQueries Bool Set this to false to avoid doing unnecessary queries. |
1214 | 1227 | * @return Bool |
1215 | 1228 | */ |
1216 | | - public function userCan( $action, $doExpensiveQueries = true ) { |
1217 | | - global $wgUser; |
1218 | | - return ( $this->getUserPermissionsErrorsInternal( $action, $wgUser, $doExpensiveQueries, true ) === array() ); |
| 1229 | + public function userCan( $action, $user = null, $doExpensiveQueries = true ) { |
| 1230 | + if ( !$user instanceof User ) { |
| 1231 | + global $wgUser; |
| 1232 | + $user = $wgUser; |
| 1233 | + } |
| 1234 | + return !count( $this->getUserPermissionsErrorsInternal( $action, $user, $doExpensiveQueries, true ) ); |
1219 | 1235 | } |
1220 | 1236 | |
1221 | 1237 | /** |
— | — | @@ -1300,24 +1316,7 @@ |
1301 | 1317 | $errors[] = array( 'cant-move-to-user-page' ); |
1302 | 1318 | } |
1303 | 1319 | } elseif ( !$user->isAllowed( $action, $ns ) ) { |
1304 | | - // We avoid expensive display logic for quickUserCan's and such |
1305 | | - $groups = false; |
1306 | | - if ( !$short ) { |
1307 | | - $groups = array_map( array( 'User', 'makeGroupLinkWiki' ), |
1308 | | - User::getGroupsWithPermission( $action, $ns ) ); |
1309 | | - } |
1310 | | - |
1311 | | - if ( $groups ) { |
1312 | | - global $wgLang; |
1313 | | - $return = array( |
1314 | | - 'badaccess-groups', |
1315 | | - $wgLang->commaList( $groups ), |
1316 | | - count( $groups ) |
1317 | | - ); |
1318 | | - } else { |
1319 | | - $return = array( 'badaccess-group0' ); |
1320 | | - } |
1321 | | - $errors[] = $return; |
| 1320 | + $errors[] = $this->missingPermissionError( $action, $short ); |
1322 | 1321 | } |
1323 | 1322 | |
1324 | 1323 | return $errors; |
— | — | @@ -1392,7 +1391,7 @@ |
1393 | 1392 | private function checkSpecialsAndNSPermissions( $action, $user, $errors, $doExpensiveQueries, $short ) { |
1394 | 1393 | # Only 'createaccount' and 'execute' can be performed on |
1395 | 1394 | # special pages, which don't actually exist in the DB. |
1396 | | - $specialOKActions = array( 'createaccount', 'execute' ); |
| 1395 | + $specialOKActions = array( 'createaccount', 'execute', 'read' ); |
1397 | 1396 | if ( NS_SPECIAL == $this->mNamespace && !in_array( $action, $specialOKActions ) ) { |
1398 | 1397 | $errors[] = array( 'ns-specialprotected' ); |
1399 | 1398 | } |
— | — | @@ -1456,13 +1455,10 @@ |
1457 | 1456 | } |
1458 | 1457 | if ( $right != '' && !$user->isAllowed( $right, $this->mNamespace ) ) { |
1459 | 1458 | // Users with 'editprotected' permission can edit protected pages |
1460 | | - if ( $action == 'edit' && $user->isAllowed( 'editprotected', $this->mNamespace ) ) { |
1461 | | - // Users with 'editprotected' permission cannot edit protected pages |
1462 | | - // with cascading option turned on. |
1463 | | - if ( $this->mCascadeRestriction ) { |
1464 | | - $errors[] = array( 'protectedpagetext', $right ); |
1465 | | - } |
1466 | | - } else { |
| 1459 | + // without cascading option turned on. |
| 1460 | + if ( $action != 'edit' || !$user->isAllowed( 'editprotected', $this->mNamespace ) |
| 1461 | + || $this->mCascadeRestriction ) |
| 1462 | + { |
1467 | 1463 | $errors[] = array( 'protectedpagetext', $right ); |
1468 | 1464 | } |
1469 | 1465 | } |
— | — | @@ -1570,21 +1566,19 @@ |
1571 | 1567 | * @return Array list of errors |
1572 | 1568 | */ |
1573 | 1569 | private function checkUserBlock( $action, $user, $errors, $doExpensiveQueries, $short ) { |
1574 | | - if( !$doExpensiveQueries ) { |
| 1570 | + // Account creation blocks handled at userlogin. |
| 1571 | + // Unblocking handled in SpecialUnblock |
| 1572 | + if( !$doExpensiveQueries || in_array( $action, array( 'createaccount', 'unblock' ) ) ) { |
1575 | 1573 | return $errors; |
1576 | 1574 | } |
1577 | 1575 | |
1578 | 1576 | global $wgContLang, $wgLang, $wgEmailConfirmToEdit; |
1579 | 1577 | |
1580 | | - if ( $wgEmailConfirmToEdit && !$user->isEmailConfirmed() && $action != 'createaccount' ) { |
| 1578 | + if ( $wgEmailConfirmToEdit && !$user->isEmailConfirmed() ) { |
1581 | 1579 | $errors[] = array( 'confirmedittext' ); |
1582 | 1580 | } |
1583 | 1581 | |
1584 | | - if ( in_array( $action, array( 'read', 'createaccount', 'unblock' ) ) ){ |
1585 | | - // Edit blocks should not affect reading. |
1586 | | - // Account creation blocks handled at userlogin. |
1587 | | - // Unblocking handled in SpecialUnblock |
1588 | | - } elseif( ( $action == 'edit' || $action == 'create' ) && !$user->isBlockedFrom( $this ) ){ |
| 1582 | + if ( ( $action == 'edit' || $action == 'create' ) && !$user->isBlockedFrom( $this ) ) { |
1589 | 1583 | // Don't block the user from editing their own talk page unless they've been |
1590 | 1584 | // explicitly blocked from that too. |
1591 | 1585 | } elseif( $user->isBlocked() && $user->mBlock->prevents( $action ) !== false ) { |
— | — | @@ -1626,6 +1620,128 @@ |
1627 | 1621 | } |
1628 | 1622 | |
1629 | 1623 | /** |
| 1624 | + * Check that the user is allowed to read this page. |
| 1625 | + * |
| 1626 | + * @param $action String the action to check |
| 1627 | + * @param $user User to check |
| 1628 | + * @param $errors Array list of current errors |
| 1629 | + * @param $doExpensiveQueries Boolean whether or not to perform expensive queries |
| 1630 | + * @param $short Boolean short circuit on first error |
| 1631 | + * |
| 1632 | + * @return Array list of errors |
| 1633 | + */ |
| 1634 | + private function checkReadPermissions( $action, $user, $errors, $doExpensiveQueries, $short ) { |
| 1635 | + static $useShortcut = null; |
| 1636 | + |
| 1637 | + # Initialize the $useShortcut boolean, to determine if we can skip quite a bit of code below |
| 1638 | + if ( is_null( $useShortcut ) ) { |
| 1639 | + global $wgGroupPermissions, $wgRevokePermissions; |
| 1640 | + $useShortcut = true; |
| 1641 | + if ( empty( $wgGroupPermissions['*']['read'] ) ) { |
| 1642 | + # Not a public wiki, so no shortcut |
| 1643 | + $useShortcut = false; |
| 1644 | + } elseif ( !empty( $wgRevokePermissions ) ) { |
| 1645 | + /** |
| 1646 | + * Iterate through each group with permissions being revoked (key not included since we don't care |
| 1647 | + * what the group name is), then check if the read permission is being revoked. If it is, then |
| 1648 | + * we don't use the shortcut below since the user might not be able to read, even though anon |
| 1649 | + * reading is allowed. |
| 1650 | + */ |
| 1651 | + foreach ( $wgRevokePermissions as $perms ) { |
| 1652 | + if ( !empty( $perms['read'] ) ) { |
| 1653 | + # We might be removing the read right from the user, so no shortcut |
| 1654 | + $useShortcut = false; |
| 1655 | + break; |
| 1656 | + } |
| 1657 | + } |
| 1658 | + } |
| 1659 | + } |
| 1660 | + |
| 1661 | + # Shortcut for public wikis, allows skipping quite a bit of code |
| 1662 | + if ( $useShortcut ) { |
| 1663 | + return $errors; |
| 1664 | + } |
| 1665 | + |
| 1666 | + # If the user is allowed to read pages, he is allowed to read all pages |
| 1667 | + if ( $user->isAllowed( 'read', $this->mNamespace ) ) { |
| 1668 | + return $errors; |
| 1669 | + } |
| 1670 | + |
| 1671 | + # Always grant access to the login page. |
| 1672 | + # Even anons need to be able to log in. |
| 1673 | + if ( $this->isSpecial( 'Userlogin' ) || $this->isSpecial( 'ChangePassword' ) ) { |
| 1674 | + return $errors; |
| 1675 | + } |
| 1676 | + |
| 1677 | + # Time to check the whitelist |
| 1678 | + global $wgWhitelistRead; |
| 1679 | + |
| 1680 | + # Only to these checks is there's something to check against |
| 1681 | + if ( is_array( $wgWhitelistRead ) && count( $wgWhitelistRead ) ) { |
| 1682 | + # Check for explicit whitelisting |
| 1683 | + $name = $this->getPrefixedText(); |
| 1684 | + $dbName = $this->getPrefixedDBKey(); |
| 1685 | + |
| 1686 | + // Check with and without underscores |
| 1687 | + if ( in_array( $name, $wgWhitelistRead, true ) || in_array( $dbName, $wgWhitelistRead, true ) ) { |
| 1688 | + return $errors; |
| 1689 | + } |
| 1690 | + |
| 1691 | + # Old settings might have the title prefixed with |
| 1692 | + # a colon for main-namespace pages |
| 1693 | + if ( $this->getNamespace() == NS_MAIN ) { |
| 1694 | + if ( in_array( ':' . $name, $wgWhitelistRead ) ) { |
| 1695 | + return $errors; |
| 1696 | + } |
| 1697 | + } |
| 1698 | + |
| 1699 | + # If it's a special page, ditch the subpage bit and check again |
| 1700 | + if ( $this->isSpecialPage() ) { |
| 1701 | + $name = $this->getDBkey(); |
| 1702 | + list( $name, /* $subpage */ ) = SpecialPageFactory::resolveAlias( $name ); |
| 1703 | + if ( $name !== false ) { |
| 1704 | + $pure = SpecialPage::getTitleFor( $name )->getPrefixedText(); |
| 1705 | + if ( in_array( $pure, $wgWhitelistRead, true ) ) { |
| 1706 | + return $errors; |
| 1707 | + } |
| 1708 | + } |
| 1709 | + } |
| 1710 | + } |
| 1711 | + |
| 1712 | + $errors[] = $this->missingPermissionError( $action, $short ); |
| 1713 | + return $errors; |
| 1714 | + } |
| 1715 | + |
| 1716 | + /** |
| 1717 | + * Get a description array when the user doesn't have the right to perform |
| 1718 | + * $action (i.e. when User::isAllowed() returns false) |
| 1719 | + * |
| 1720 | + * @param $action String the action to check |
| 1721 | + * @param $short Boolean short circuit on first error |
| 1722 | + * @return Array list of errors |
| 1723 | + */ |
| 1724 | + private function missingPermissionError( $action, $short ) { |
| 1725 | + // We avoid expensive display logic for quickUserCan's and such |
| 1726 | + if ( $short ) { |
| 1727 | + return array( 'badaccess-group0' ); |
| 1728 | + } |
| 1729 | + |
| 1730 | + $groups = array_map( array( 'User', 'makeGroupLinkWiki' ), |
| 1731 | + User::getGroupsWithPermission( $action, $this->mNamespace ) ); |
| 1732 | + |
| 1733 | + if ( count( $groups ) ) { |
| 1734 | + global $wgLang; |
| 1735 | + return array( |
| 1736 | + 'badaccess-groups', |
| 1737 | + $wgLang->commaList( $groups ), |
| 1738 | + count( $groups ) |
| 1739 | + ); |
| 1740 | + } else { |
| 1741 | + return array( 'badaccess-group0' ); |
| 1742 | + } |
| 1743 | + } |
| 1744 | + |
| 1745 | + /** |
1630 | 1746 | * Can $user perform $action on this page? This is an internal function, |
1631 | 1747 | * which checks ONLY that previously checked by userCan (i.e. it leaves out |
1632 | 1748 | * checks on wfReadOnly() and blocks) |
— | — | @@ -1639,20 +1755,28 @@ |
1640 | 1756 | protected function getUserPermissionsErrorsInternal( $action, $user, $doExpensiveQueries = true, $short = false ) { |
1641 | 1757 | wfProfileIn( __METHOD__ ); |
1642 | 1758 | |
| 1759 | + # Read has special handling |
| 1760 | + if ( $action == 'read' ) { |
| 1761 | + $checks = array( |
| 1762 | + 'checkPermissionHooks', |
| 1763 | + 'checkReadPermissions', |
| 1764 | + ); |
| 1765 | + } else { |
| 1766 | + $checks = array( |
| 1767 | + 'checkQuickPermissions', |
| 1768 | + 'checkPermissionHooks', |
| 1769 | + 'checkSpecialsAndNSPermissions', |
| 1770 | + 'checkCSSandJSPermissions', |
| 1771 | + 'checkPageRestrictions', |
| 1772 | + 'checkCascadingSourcesRestrictions', |
| 1773 | + 'checkActionPermissions', |
| 1774 | + 'checkUserBlock' |
| 1775 | + ); |
| 1776 | + } |
| 1777 | + |
1643 | 1778 | $errors = array(); |
1644 | | - $checks = array( |
1645 | | - 'checkQuickPermissions', |
1646 | | - 'checkPermissionHooks', |
1647 | | - 'checkSpecialsAndNSPermissions', |
1648 | | - 'checkCSSandJSPermissions', |
1649 | | - 'checkPageRestrictions', |
1650 | | - 'checkCascadingSourcesRestrictions', |
1651 | | - 'checkActionPermissions', |
1652 | | - 'checkUserBlock' |
1653 | | - ); |
1654 | | - |
1655 | 1779 | while( count( $checks ) > 0 && |
1656 | | - !( $short && count( $errors ) > 0 ) ) { |
| 1780 | + !( $short && count( $errors ) > 0 ) ) { |
1657 | 1781 | $method = array_shift( $checks ); |
1658 | 1782 | $errors = $this->$method( $action, $user, $errors, $doExpensiveQueries, $short ); |
1659 | 1783 | } |
— | — | @@ -1788,102 +1912,6 @@ |
1789 | 1913 | } |
1790 | 1914 | |
1791 | 1915 | /** |
1792 | | - * Can $wgUser read this page? |
1793 | | - * |
1794 | | - * @return Bool |
1795 | | - * @todo fold these checks into userCan() |
1796 | | - */ |
1797 | | - public function userCanRead() { |
1798 | | - global $wgUser, $wgGroupPermissions; |
1799 | | - |
1800 | | - static $useShortcut = null; |
1801 | | - |
1802 | | - # Initialize the $useShortcut boolean, to determine if we can skip quite a bit of code below |
1803 | | - if ( is_null( $useShortcut ) ) { |
1804 | | - global $wgRevokePermissions; |
1805 | | - $useShortcut = true; |
1806 | | - if ( empty( $wgGroupPermissions['*']['read'] ) ) { |
1807 | | - # Not a public wiki, so no shortcut |
1808 | | - $useShortcut = false; |
1809 | | - } elseif ( !empty( $wgRevokePermissions ) ) { |
1810 | | - /** |
1811 | | - * Iterate through each group with permissions being revoked (key not included since we don't care |
1812 | | - * what the group name is), then check if the read permission is being revoked. If it is, then |
1813 | | - * we don't use the shortcut below since the user might not be able to read, even though anon |
1814 | | - * reading is allowed. |
1815 | | - */ |
1816 | | - foreach ( $wgRevokePermissions as $perms ) { |
1817 | | - if ( !empty( $perms['read'] ) ) { |
1818 | | - # We might be removing the read right from the user, so no shortcut |
1819 | | - $useShortcut = false; |
1820 | | - break; |
1821 | | - } |
1822 | | - } |
1823 | | - } |
1824 | | - } |
1825 | | - |
1826 | | - $result = null; |
1827 | | - wfRunHooks( 'userCan', array( &$this, &$wgUser, 'read', &$result ) ); |
1828 | | - if ( $result !== null ) { |
1829 | | - return $result; |
1830 | | - } |
1831 | | - |
1832 | | - # Shortcut for public wikis, allows skipping quite a bit of code |
1833 | | - if ( $useShortcut ) { |
1834 | | - return true; |
1835 | | - } |
1836 | | - |
1837 | | - if ( $wgUser->isAllowed( 'read' ) ) { |
1838 | | - return true; |
1839 | | - } else { |
1840 | | - global $wgWhitelistRead; |
1841 | | - |
1842 | | - # Always grant access to the login page. |
1843 | | - # Even anons need to be able to log in. |
1844 | | - if ( $this->isSpecial( 'Userlogin' ) || $this->isSpecial( 'ChangePassword' ) ) { |
1845 | | - return true; |
1846 | | - } |
1847 | | - |
1848 | | - # Bail out if there isn't whitelist |
1849 | | - if ( !is_array( $wgWhitelistRead ) ) { |
1850 | | - return false; |
1851 | | - } |
1852 | | - |
1853 | | - # Check for explicit whitelisting |
1854 | | - $name = $this->getPrefixedText(); |
1855 | | - $dbName = $this->getPrefixedDBKey(); |
1856 | | - // Check with and without underscores |
1857 | | - if ( in_array( $name, $wgWhitelistRead, true ) || in_array( $dbName, $wgWhitelistRead, true ) ) |
1858 | | - return true; |
1859 | | - |
1860 | | - # Old settings might have the title prefixed with |
1861 | | - # a colon for main-namespace pages |
1862 | | - if ( $this->getNamespace() == NS_MAIN ) { |
1863 | | - if ( in_array( ':' . $name, $wgWhitelistRead ) ) { |
1864 | | - return true; |
1865 | | - } |
1866 | | - } |
1867 | | - |
1868 | | - # If it's a special page, ditch the subpage bit and check again |
1869 | | - if ( $this->isSpecialPage() ) { |
1870 | | - $name = $this->getDBkey(); |
1871 | | - list( $name, /* $subpage */ ) = SpecialPageFactory::resolveAlias( $name ); |
1872 | | - if ( $name === false ) { |
1873 | | - # Invalid special page, but we show standard login required message |
1874 | | - return false; |
1875 | | - } |
1876 | | - |
1877 | | - $pure = SpecialPage::getTitleFor( $name )->getPrefixedText(); |
1878 | | - if ( in_array( $pure, $wgWhitelistRead, true ) ) { |
1879 | | - return true; |
1880 | | - } |
1881 | | - } |
1882 | | - |
1883 | | - } |
1884 | | - return false; |
1885 | | - } |
1886 | | - |
1887 | | - /** |
1888 | 1916 | * Is this the mainpage? |
1889 | 1917 | * @note Title::newFromText seams to be sufficiently optimized by the title |
1890 | 1918 | * cache that we don't need to over-optimize by doing direct comparisons and |