r85076 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r85075‎ \| r85076 \| r85077 >
Date:	18:22, 31 March 2011
Author:	platonides
Status:	ok
Tags:
Comment:	Merge r85075 from 1.17 branch (r85005 on trunk).
Modified paths:	/branches/REL1_16/phase3/RELEASE-NOTES (modified) (history) /branches/REL1_16/phase3/includes/specials/SpecialImport.php (modified) (history)

Diff [purge]

Index: branches/REL1_16/phase3/includes/specials/SpecialImport.php
—	—	@@ -45,7 +45,7 @@
46	46	* Execute
47	47	*/
48	48	function execute( $par ) {
49		~~- global $wgRequest;~~
	49	+ global $wgRequest, $wgUser, $wgOut;
50	50
51	51	$this->setHeaders();
52	52	$this->outputHeader();
—	—	@@ -56,6 +56,21 @@
57	57	return;
58	58	}
59	59
	60	+ if( !$wgUser->isAllowed( 'import' ) && !$wgUser->isAllowed( 'importupload' ) )
	61	+ return $wgOut->permissionRequired( 'import' );
	62	+
	63	+ # TODO: allow Title::getUserPermissionsErrors() to take an array
	64	+ # FIXME: Title::checkSpecialsAndNSPermissions() has a very wierd expectation of what
	65	+ # getUserPermissionsErrors() might actually be used for, hence the 'ns-specialprotected'
	66	+ $errors = wfMergeErrorArrays(
	67	+ $this->getTitle()->getUserPermissionsErrors( 'import', $wgUser, true, array( 'ns-specialprotected' ) ),
	68	+ $this->getTitle()->getUserPermissionsErrors( 'importupload', $wgUser, true, array( 'ns-specialprotected' ) )
	69	+ );
	70	+ if( $errors ){
	71	+ $wgOut->showPermissionsErrorPage( $errors );
	72	+ return;
	73	+ }
	74	+
60	75	if ( $wgRequest->wasPosted() && $wgRequest->getVal( 'action' ) == 'submit' ) {
61	76	$this->doImport();
62	77	}
—	—	@@ -133,8 +148,6 @@
134	149
135	150	private function showForm() {
136	151	global $wgUser, $wgOut, $wgRequest, $wgImportSources, $wgExportMaxLinkDepth;
137		~~- if( !$wgUser->isAllowed( 'import' ) && !$wgUser->isAllowed( 'importupload' ) )~~
138		~~- return $wgOut->permissionRequired( 'import' );~~
139	152
140	153	$action = $this->getTitle()->getLocalUrl( array( 'action' => 'submit' ) );
141	154
Index: branches/REL1_16/phase3/RELEASE-NOTES
—	—	@@ -44,6 +44,11 @@
45	45	you have the DBA extension for PHP installed, this will improve performance
46	46	further.
47	47
	48	+== Changes since 1.16.2 ==
	49	+* (bug 15641) Fixed permissions checks in Special:Import which allowed users
	50	+ without the 'import' permission to import pages from the configured import
	51	+ sources.
	52	+
48	53	== Changes since 1.16.1 ==
49	54
50	55	* (bug 26642) Fixed incorrect translated namespace due to a regression in the
Property changes on: branches/REL1_16/phase3/RELEASE-NOTES
___________________________________________________________________
Added: svn:mergeinfo
51	56	Merged /trunk/phase3/RELEASE-NOTES:r85006

Follow-up revisions

Revision	Commit summary	Author	Date
r85855	* Updates for release of 1.16.3...	tstarling	01:40, 12 April 2011

Past revisions this follows-up on

Revision	Commit summary	Author	Date
r85005	(bug 15641) tweak Title::checkUserBlock() so that Title::getUserPermissionsEr...	happy-melon	12:53, 30 March 2011
r85075	MFT r85005 & r85006...	platonides	18:06, 31 March 2011

Status & tagging log

20:53, 15 April 2011 😂 (talk | contribs) changed the status of r85076 [removed: new added: ok]