r107103 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r107102‎ \| r107103 \| r107104 >
Date:	19:57, 22 December 2011
Author:	bsitu
Status:	ok
Tags:
Comment:	Disallow anonymouse user to unmark "Mark As Helpful" item
Modified paths:	/trunk/extensions/MarkAsHelpful/api/ApiMarkAsHelpful.php (modified) (history) /trunk/extensions/MarkAsHelpful/includes/MarkAsHelpfulItem.php (modified) (history)

Diff [purge]

Index: trunk/extensions/MarkAsHelpful/includes/MarkAsHelpfulItem.php
—	—	@@ -201,11 +201,15 @@
202	202	}
203	203
204	204	/**
205		~~- * Unmark an item as helpful~~
	205	+ * Unmark an item as helpful, we don't allow anonymous user to unarmk an item
206	206	* @param $currentUser Object - the current user who is browsing the site
207	207	*/
208	208	public function unmark( $currentUser ) {
209	209
	210	+ if ( $currentUser->isAnon() ) {
	211	+ return;
	212	+ }
	213	+
210	214	if ( $this->getProperty( 'mah_id' ) ) {
211	215
212	216	if ( !$this->getProperty( 'mah_type' ) ) {
—	—	@@ -218,10 +222,9 @@
219	223
220	224	if ( $user ) {
221	225
222		~~- if ( $currentUser->isAnon() == $user->isAnon() ) {~~
	226	+ if ( !$user->isAnon() ) {
223	227
224		~~- if ( $currentUser->getId() == $user->getId() \|\|~~
225		~~- $currentUser->getName() == $user->getName() ) {~~
	228	+ if ( $currentUser->getId() == $user->getId() ) {
226	229
227	230	$dbw = wfGetDB( DB_MASTER );
228	231
Index: trunk/extensions/MarkAsHelpful/api/ApiMarkAsHelpful.php
—	—	@@ -8,7 +8,12 @@
9	9	if ( $wgUser->isBlocked( false ) ) {
10	10	$this->dieUsageMsg( array( 'blockedtext' ) );
11	11	}
12		-
	12	+
	13	+ // Disallow anonymous user to unmark an 'Mark As Helpful' item
	14	+ if ( $wgUser->isAnon() && $params['type'] == 'unmark' ) {
	15	+ $this->noPermissionError();
	16	+ }
	17	+
13	18	$params = $this->extractRequestParams();
14	19
15	20	$isAbleToMark = true;
—	—	@@ -17,7 +22,7 @@
18	23	wfRunHooks( 'onMarkItemAsHelpful', array( $params['mahaction'], $params['type'], $params['item'], $wgUser, &$isAbleToMark ) );
19	24
20	25	if ( !$isAbleToMark ) {
21		~~- $this->dieUsage( "You don't have permission to do that", 'permission-denied' );~~
	26	+ $this->noPermissionError();
22	27	}
23	28
24	29	$error = false;
—	—	@@ -66,7 +71,11 @@
67	72	}
68	73	$this->getResult()->addValue( null, $this->getModuleName(), $result );
69	74	}
70		-
	75	+
	76	+ private function noPermissionError() {
	77	+ $this->dieUsage( "You don't have permission to do that", 'permission-denied' );
	78	+ }
	79	+
71	80	public function needsToken() {
72	81	return true;
73	82	}

Status & tagging log

21:23, 22 December 2011 Catrope (talk | contribs) changed the status of r107103 [removed: new added: ok]