Previously it would affect all actions that use Title::userCan.
This used to be less noticable, but recently was expanded to include
the 'read' action. This only affected the case where both
$wgBlockDisablesLogin and $wgEmailConfirmedToEdit were enabled.
I don't think anyone was relying on the old behaviour as it was
undocumented, and only affected obscure permissions (checked with
Title::userCan and not depending on "edit" rights)
Follow-up b675be2083
Bug: T143790
Change-Id: I4ad93ed78de4f1ed444f73df6dc26d405a67e553
Also recognise MediaWiki: JSON pages (with the existing protection of
the editinterface right).
Bug: T76554
Change-Id: Idba166d82ee6dd507d7345c9bdbefc8ca78ed7b4
Blocks made for configured proxies, dnsbls, or the configured range
soft-blocks being added in I6c11a6b9 aren't real blocks stored in the
database. Let's actually flag these blocks as such and use a more
appropriate message when displaying them to the user.
Change-Id: I697e3eec2520792e98c193200c2b1c28c35bf382
This doesn't make sense because 'editcascadeprotected'
effectively gives you 'protect' rights.
Furthermore, no actual usecase was provided except for a testwiki.
This reverts commit da3464bada.
Change-Id: I655c1af8f418369c9551db86f24fb6b66c25afdd
Currently, both permissions are summarised in the protect permission. This is
unadvantageous for wikis that want to split this permission, for example for the
main page: They don't want protection changes by non-sysop users there, but on
transcluded pages some less privileged users are allowed to edit. Currently,
it is impossible to divide these permissions in a clean way (they can add a hack
depnding on action parameter in LocalSettings.php right now). Furthermore, an
additional permission is no pain, because by default it is handled the same as
protect until now.
Note that for sakes of backwards compability I decided to handle editcascadeprotected
as a subset of protect instead of removing all permissions to edit cascadeprotected
pages (and change the cascade protection state of a page) for users who only have got
the protect permission. Furthermore a different model would raise some strange questions
about the behaivour of the protection form for users with protect, but no editcascadeprotected.
Bug: T101309
Change-Id: I0734d6c26e75d7d7c01cf9750ad0315dd2c85bef
Removed redundant set up in these classes (same as their paren
class MediaWikiLangTestCase does already).
* BlockTest
* ExportTest
* MWTimestampTest
* TitlePermissionTest
Change-Id: I28d18cb797bb249981727b02dffce4f0d8682b02
If we really need this we can do it in MediaWikiTestCase, next
to the setting of wgMainCacheType. But from what I can see the
code being tested here already doesn't use the old $wgMemc.
Change-Id: I9e4b2109b2f3c18d8d5551bbadae5711c1d4c0a6
Block::__construct now accepts an array of options instead of a myriad
of optional parameters.
Also add a test for the old constructor.
Change-Id: I6ccd4df569ab49ad841a1ad591e23cafb1715841
There's a bunch of stuff that probably only works because the database
representation of infinity is actually 'infinity' on all databases
besides Oracle, and Oracle in general isn't maintained.
Generally, we should probably use 'infinity' everywhere except where
directly dealing with the database.
* Many extension callers of Language::formatExpiry() with $format !==
true are assuming it'll return 'infinity', none are checking for
$db->getInfinity().
* And Language::formatExpiry() would choke if passed 'infinity', despite
callers doing this.
* And Language::formatExpiry() could be more useful for the API if we
can override the string returned for infinity.
* As for core, Title is using Language::formatExpiry() with TS_MW which
is going to be changing anyway. Extension callers mostly don't exist.
* Block already normalizes its mExpiry field (and ->getExpiry()),
but some stuff is comparing it with $db->getInfinity() anyway. A few
external users set mExpiry to $db->getInfinity(), but this is mostly
because SpecialBlock::parseExpiryInput() returns $db->getInfinity()
while most callers (including all extensions) are assuming 'infinity'.
* And for that matter, Block should use $db->decodeExpiry() instead of
manually doing it, once we make that safe to call with 'infinity' for
all the extensions passing $db->getInfinity() to Block's contructor.
* WikiPage::doUpdateRestrictions() and some of its callers are using
$db->getInfinity(), when all the inserts using that value are using
$db->encodeExpiry() which will convert 'infinity'.
This also cleans up a slave-lag issue I noticed in ApiBlock while
testing.
Bug: T92550
Change-Id: I5eb68c1fb6029da8289276ecf7c81330575029ef
* Refactored getUserPermissionsErrors "expensive" checks flag to be
a bit more general.
bug: T51419
Change-Id: Ic1882aa2957eed2b978761b5fc34ea9bdd8981b5
* AbortMove hook is removed in favor of two more specificly focused
hooks: MovePageCheckPermissions and MovePageIsValidMove.
** MovePageIsValidMove is for extensions to specify whether a page
cannot be moved for technical reasons, and should not be
overridden.
** MovePageCheckPermissions is for checking whether the given user
is allowed to make the move.
* Title::moveNoAuth() deprecated
* Title::moveTo() deprecated
* Title::isValidMoveOperation() broken down into
MovePage::isValidMove() and MovePage::checkPermissions().
* Title::getTitleProtection() is now public, and returns
unprefixed fields
Change-Id: Ic5026384b92a0d68d628397ffe1de6e5b6183f02
This test fails on non-English MediaWiki setups. Yes, the solution
looks kind of hackish, but a proper solution would require major
refactoring of a lot of core classes. Please let us introduce this
quick fix for now.
Change-Id: I0e4fdaca5e7f844f45a2c41572e2e839640714b6
In permission error messages that can be displayed for multiple actions,
add a parameter indicating which action was attempted. This allows
fixing confusing messages such as "You can't edit this page" when a user
tries to move a page that they can edit but not move.
Bug: 40145
Change-Id: Ib4b75d8b1e0db96fe8a58f7343b0b2811fd19682
It has long been recognized that using the 'protect' right to control
the ability to edit sysop-protected pages is troublesome. r31247 fixed
this by adding an 'editprotected' right, but for some reason in r32164
this was changed to bypass protection completely instead of fixing the
bug identified in r31462.
This patch goes back to do it the right way: editprotected no longer
bypasses all protection, and it is used instead of 'protect' for
controlling access to sysop-protected pages. For good measure, the same
is done with autoconfirmed protection (semiprotection): a new
editsemiprotected right is created instead of overloading the
existing autoconfirmed right.
This also fixes bug 27152 by making editprotected no longer special.
Bug: 13137
Bug: 27152
Change-Id: I6bf650a3fbdab8589ae6945c8c916eafd949e41c
This should allow the usernames of administrators such as "7"
to show correctly on permissions error pages.
I extracted the working code from UserBlockedError::__construct
into a separate method Block::getPermissionsError, called from
both places with context provided as an argument.
Additional changes to get the test suite to pass are included.
Bug: 46768
Change-Id: I49d973992a99e03b4e8de112b47b737037a85338
The permission checks in Title will automatically fail
any check against a special page, except for read, execute
and createaccount. However, execute is not a right. It
is not mentioned in any other MW file (or extension for
that matter). It is neither in the list of core user
rights in User.php, nor does it have a system msg
If someone wants to check if they can
run a special page, they should be doing a 'read'
check.
Note: The check in question was added in bc23aede55 back in 2008
I'm unsure if it is better to just leave it alone, or remove it.
However, its presence could cause some confusion, hence this
commit. Additionally I was unsure if this justified a release
notes entry.
Change-Id: I9cf2b0424b9cb189ac122b8274ec681302f560f7
Setting $wgContLang without changing $wgLanguageCode accordingly is a
very bad idea.
This caused about 20 exceptions when using LanguageCode set to 'fr'
on my installation:
"MWException: Error in MediaWikiLangTestCase::setUp(): $wgLanguageCode
('fr') is different from $wgContLang->getCode() (en)"
Follow-up of I2987db68 (2b0edc8).
Change-Id: I56d3f1bfc78d6a2e40460533524e82f360490206
Several core tests fail if there is non-wikitext content in the main namespace.
This change fixes SearchEngineTest and TitlePermissionTest for this case.
More fixes are to come.
Change-Id: I6a19b568c5700bc8584689de8f33e4b0b6ffc277
This commit depends on the introduction of
MediaWikiTestCase::setMwGlobals in change Iccf6ea81f4.
Various tests already set their globals, but forgot to restore
them afterwards, or forgot to call the parent setUp, tearDown...
Either way they won't have to anymore with setMwGlobals.
Consistent use of function characteristics:
* protected function setUp
* protected function tearDown
* public static function (provide..)
(Matching the function signature with PHPUnit/Framework/TestCase.php)
Replaces:
* public function (setUp|tearDown)\(
* protected function $1(
* \tfunction (setUp|tearDown)\(
* \tprotected function $1(
* \tfunction (data|provide)\(
* \tpublic static function $1\(
Also renamed a few "data#", "provider#" and "provides#" functions
to "provide#" for consistency. This also removes confusion where
the /media tests had a few private methods called dataFile(),
which were sometimes expected to be data providers.
Fixes:
TimestampTest often failed due to a previous test setting a
different language (it tests "1 hour ago" so need to make sure
it is set to English).
MWNamespaceTest became a lot cleaner now that it executes with
a known context. Though the now-redundant code that was removed
didn't work anyway because wgContentNamespaces isn't keyed by
namespace id, it had them was values...
FileBackendTest:
* Fixed: "PHP Fatal: Using $this when not in object context"
HttpTest
* Added comment about:
"PHP Fatal: Call to protected MWHttpRequest::__construct()"
(too much unrelated code to fix in this commit)
ExternalStoreTest
* Add an assertTrue as well, without it the test is useless
because regardless of whether wgExternalStores is true or false
it only uses it if it is an array.
Change-Id: I9d2b148e57bada64afeb7d5a99bec0e58f8e1561
This is the wrong configuration format for such a feature, and the wrong interface. We already have certain per-namespace permissions in the Title class, and we didn't need to add extra formal parameters to a whole lot of User methods in order to get them. The feature should be implemented wholly in Title, and the concept of user rights should remain relatively simple and easy to understand, and independent of its many applications, i.e. a user either has a right or doesn't. Rights are just a tool for developing access policies; the complexity should be in the caller.
The revert was mostly done by hand, since there were a lot of conflicts. I tried to preserve the gist of conflicting changes in r102187 and r102873. The test changes are not simple reverts, rather I just edited out the per-namespace tests. I reverted the followups r92589 and r104310.
* User::getRights(), User::isAllowed() and User::getGroupPermissions now optionally accept a namespace parameter. If not set, it will check whether the user has the right for all namespaces.
* Anything that uses Title::getUserPermissionsErrorsInternal() automatically supports per-namespace permissions. This includes Title::getUserPermissionsErrors and Title::(quick)UserCan.
* Fix tests that set User::mRights
The next step would be to change all User::isAllowed() to Title::quickUserCan or pass the namespace to User::isAllowed().
