r66633 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r66632‎ \| r66633 \| r66634 >
Date:	23:44, 18 May 2010
Author:	aaron
Status:	deferred
Tags:
Comment:	* Stability form double-checks permissions * Improved form error strings * Other minor cleanups
Modified paths:	/trunk/extensions/FlaggedRevs/forms/PageStabilityForm.php (modified) (history) /trunk/extensions/FlaggedRevs/language/Stabilization.i18n.php (modified) (history) /trunk/extensions/FlaggedRevs/specialpages/Stabilization_body.php (modified) (history)

Diff [purge]

Index: trunk/extensions/FlaggedRevs/language/Stabilization.i18n.php
—	—	@@ -46,10 +46,11 @@
47	47	'stabilize_page_notexists' => 'The target page does not exist.',
48	48	'stabilize_page_unreviewable' => 'The target page is not in reviewable namespace.',
49	49	'stabilize_invalid_precedence' => 'Invalid version precedence.',
50		~~- 'stabilize_invalid_autoreview' => 'Invalid autoreview restriction',~~
	50	+ 'stabilize_invalid_autoreview' => 'Invalid autoreview restriction.',
51	51	'stabilize_invalid_level' => 'Invalid protection level.',
52	52	'stabilize_expiry_invalid' => 'Invalid expiration date.',
53	53	'stabilize_expiry_old' => 'This expiration time has already passed.',
	54	+ 'stabilize_denied' => 'Permission denied.',
54	55	'stabilize-expiring' => 'expires $1 (UTC)',
55	56	'stabilization-review' => 'Mark the current revision checked',
56	57	);
Index: trunk/extensions/FlaggedRevs/forms/PageStabilityForm.php
—	—	@@ -9,7 +9,7 @@
10	10	*
11	11	* Usage: (a) set ALL form params before doing anything else
12	12	* (b) call ready() when all params are set
13		~~- * (c) check isAllowed() before calling submit() as needed~~
	13	+ * (c) call preloadSettings() or submit() as needed
14	14	*/
15	15	abstract class PageStabilityForm
16	16	{
—	—	@@ -26,9 +26,15 @@
27	27
28	28	protected $oldConfig = array(); # Old page config
29	29	protected $oldExpiry = ''; # Old page config expiry (GMT)
30		-
31	30	protected $inputLock = 0; # Disallow bad submissions
32	31
	32	+ protected $skin = null;
	33	+
	34	+ public function __construct() {
	35	+ global $wgUser;
	36	+ $this->skin = $wgUser->getSkin();
	37	+ }
	38	+
33	39	public function getPage() {
34	40	return $this->page;
35	41	}
—	—	@@ -210,7 +216,6 @@
211	217
212	218	/**
213	219	* Submit the form parameters for the page config to the DB.
214		~~- * Note: caller is responsible for basic permission checks.~~
215	220	*
216	221	* @return mixed (true on success, error string on failure)
217	222	*/
—	—	@@ -223,6 +228,10 @@
224	229	if ( $status !== true ) {
225	230	return $status; // cannot submit - broken params
226	231	}
	232	+ # Double-check permissions
	233	+ if ( !$this->isAllowed() ) {
	234	+ return 'stablize_denied';
	235	+ }
227	236	# Are we are going back to site defaults?
228	237	$reset = $this->newConfigIsReset();
229	238	# Parse and cleanup the expiry time given...
—	—	@@ -444,9 +453,12 @@
445	454	return 'stabilize_invalid_precedence'; // invalid precedence value
446	455	}
447	456	// Check autoreview restriction setting
448		~~- if ( !FlaggedRevs::userCanSetAutoreviewLevel( $this->autoreview ) ) {~~
	457	+ if ( !in_array( $this->autoreview, FlaggedRevs::getRestrictionLevels() ) ) {
449	458	return 'stabilize_invalid_autoreview'; // invalid value
450	459	}
	460	+ if ( !FlaggedRevs::userCanSetAutoreviewLevel( $this->autoreview ) ) {
	461	+ return 'stabilize_denied'; // invalid value
	462	+ }
451	463	return true;
452	464	}
453	465
—	—	@@ -543,10 +555,6 @@
544	556	$this->loadExpiry();
545	557	# Autoreview only when protecting currently unprotected pages
546	558	$this->reviewThis = ( FlaggedRevs::getProtectionLevel( $this->oldConfig ) == 'none' );
547		~~- # Check autoreview restriction setting~~
548		~~- if ( !FlaggedRevs::userCanSetAutoreviewLevel( $this->autoreview ) ) {~~
549		~~- return 'stabilize_invalid_level'; // invalid value~~
550		~~- }~~
551	559	# Autoreview restriction => use stable
552	560	# No autoreview restriction => site default
553	561	$this->override = ( $this->autoreview != '' )
—	—	@@ -560,6 +568,10 @@
561	569	if ( FlaggedRevs::getProtectionLevel( $newConfig ) == 'invalid' ) {
562	570	return 'stabilize_invalid_level'; // double-check configuration
563	571	}
	572	+ # Check autoreview restriction setting
	573	+ if ( !FlaggedRevs::userCanSetAutoreviewLevel( $this->autoreview ) ) {
	574	+ return 'stabilize_denied'; // invalid value
	575	+ }
564	576	return true;
565	577	}
566	578
Index: trunk/extensions/FlaggedRevs/specialpages/Stabilization_body.php
—	—	@@ -8,9 +8,12 @@
9	9	class Stabilization extends UnlistedSpecialPage
10	10	{
11	11	protected $form = null;
	12	+ protected $skin;
12	13
13	14	public function __construct() {
	15	+ global $wgUser;
14	16	parent::__construct( 'Stabilization', 'stablesettings' );
	17	+ $this->skin = $wgUser->getSkin();
15	18	}
16	19
17	20	public function execute( $par ) {
—	—	@@ -34,7 +37,6 @@
35	38	}
36	39	# Set page title
37	40	$this->setHeaders();
38		~~- $this->sk = $wgUser->getSkin();~~
39	41
40	42	$this->form = new PageStabilityGeneralForm();
41	43	$form = $this->form; // convenience
—	—	@@ -238,7 +240,7 @@
239	241	"<label for='wpReviewthis'>{$reviewLabel}</label>" .
240	242	'     ' .
241	243	Xml::check( 'wpWatchthis', $watchChecked, $watchAttribs ) .
242		~~- "<label for='wpWatchthis'" . $this->sk->tooltipAndAccesskey( 'watch' ) .~~
	244	+ "<label for='wpWatchthis'" . $this->skin->tooltipAndAccesskey( 'watch' ) .
243	245	">{$watchLabel}</label>" .
244	246	'</td>
245	247	</tr>
—	—	@@ -320,4 +322,4 @@
321	323	? array()
322	324	: array( 'disabled' => 'disabled' );
323	325	}
324		-}
	326	+}
\ No newline at end of file

Follow-up revisions

Revision	Commit summary	Author	Date
r66652	* Refactored review form class...	aaron	19:53, 19 May 2010

Status & tagging log

00:20, 14 September 2011 Meno25 (talk | contribs) changed the status of r66633 [removed: old added: deferred]
17:19, 23 December 2010 Reedy (talk | contribs) changed the status of r66633 [removed: new added: old]