r44471 MediaWiki - Code Review archive

Repository:MediaWiki
Revision:r44470‎ | r44471 | r44472 >
Date:21:37, 11 December 2008
Author:catrope
Status:ok
Tags:
Comment:
Loosen requirements for cascading protection: instead of requiring that both edit=sysop and move=sysop (and any other custom restriction types be set to sysop as well), just require edit=sysop and leave the other restriction types alone. This makes it possible to protect a page with e.g. edit=sysop and move=autoconfirmed and still use cascading protection, but only through the API: the UI won't do this (yet) because the JS greys out the cascade checkbox (that'll need to be fixed).
Modified paths:
  • /trunk/phase3/RELEASE-NOTES (modified) (history)
  • /trunk/phase3/includes/Article.php (modified) (history)

Diff [purge]

Index: trunk/phase3/includes/Article.php
@@ -1884,13 +1884,10 @@
18851885
18861886 # Only restrictions with the 'protect' right can cascade...
18871887 # Otherwise, people who cannot normally protect can "protect" pages via transclusion
1888 - foreach( $limit as $action => $restriction ) {
1889 - # FIXME: can $restriction be an array or what? (same as fixme above)
1890 - if( $restriction != 'protect' && $restriction != 'sysop' ) {
1891 - $cascade = false;
1892 - break;
1893 - }
1894 - }
 1888+ $editrestriction = isset( $limit['edit'] ) ? array( $limit['edit'] ) : $this->mTitle->getRestrictions( 'edit' );
 1889+ # The schema allows multiple restrictions
 1890+ if(!in_array('protect', $editrestriction) && !in_array('sysop', $editrestriction))
 1891+ $cascade = false;
18951892 $cascade_description = '';
18961893 if( $cascade ) {
18971894 $cascade_description = ' ['.wfMsgForContent('protect-summary-cascade').']';
Index: trunk/phase3/RELEASE-NOTES
@@ -218,6 +218,8 @@
219219 * Added complimentary function for addHandler() called removeHandler() for removing events
220220 * Improved security of file uploads for IE clients, using a reverse-engineered
221221 algorithm very similar to IE's content detection algorithm.
 222+* Cascading protection no longer requires that both edit and move are restricted
 223+ to sysop, just edit=sysop is enough
222224
223225 === Bug fixes in 1.14 ===
224226

Status & tagging log