From 7e0fcad32b9e5c83f8be1e84a81c24b7eae37a77 Mon Sep 17 00:00:00 2001
From: Michael Dale <dale@users.mediawiki.org>
Date: Wed, 28 Oct 2009 03:38:23 +0000
Subject: [PATCH] ( bug 21320 ) adds early checks for wgAllowCopyUpload and
 'upload_by_url' permission so that web server does not make extra requests.

---
 includes/api/ApiUpload.php | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/includes/api/ApiUpload.php b/includes/api/ApiUpload.php
index c421e47c00..97da929108 100644
--- a/includes/api/ApiUpload.php
+++ b/includes/api/ApiUpload.php
@@ -38,7 +38,7 @@ class ApiUpload extends ApiBase {
 	}
 
 	public function execute() {
-		global $wgUser;
+		global $wgUser, $wgAllowCopyUploads;
 
 		$this->getMain()->isWriteMode();
 		$this->mParams = $this->extractRequestParams();
@@ -133,6 +133,15 @@ class ApiUpload extends ApiBase {
 					$request->getFileSize( 'file' )
 				);
 			} elseif ( isset( $this->mParams['url'] ) ) {
+				//make sure upload by url is enabled: 
+				if( !$wgAllowCopyUploads )
+					$this->dieUsageMsg( array( 'uploaddisabled' ) );
+				
+				//make sure the current user can upload
+				if(! $wgUser->isAllowed('upload_by_url') )
+					$this->dieUsageMsg( array( 'badaccess-groups' ) );
+					
+				
 				$this->mUpload = new UploadFromUrl();
 				$this->mUpload->initialize( $this->mParams['filename'],
 						$this->mParams['url'], $this->mParams['asyncdownload'] );
-- 
2.20.1