From: Aaron Schulz Date: Wed, 14 Mar 2007 19:37:56 +0000 (+0000) Subject: *Do not cascade unless each protection type is set to a group that can "protect"... X-Git-Tag: 1.31.0-rc.0~53731 X-Git-Url: http://git.cyclocoop.org/%22%20.%20generer_url_ecrire%28%22articles_versions%22%2C%22id_article=%24id_article%22%29%20.%20%22?a=commitdiff_plain;h=be7409947a46537d6b4aa609a831effde9b50acf;p=lhc%2Fweb%2Fwiklou.git *Do not cascade unless each protection type is set to a group that can "protect" (bug 8796) --- diff --git a/includes/Article.php b/includes/Article.php index e5a04e86e1..2ffc3be292 100644 --- a/includes/Article.php +++ b/includes/Article.php @@ -1652,7 +1652,7 @@ class Article { * @return bool true on success */ function updateRestrictions( $limit = array(), $reason = '', $cascade = 0, $expiry = null ) { - global $wgUser, $wgRestrictionTypes, $wgContLang; + global $wgUser, $wgRestrictionTypes, $wgContLang, $wgGroupPermissions; $id = $this->mTitle->getArticleID(); if( !$wgUser->isAllowed( 'protect' ) || wfReadOnly() || $id == 0 ) { @@ -1707,6 +1707,11 @@ class Article { $nullRevision = Revision::newNullRevision( $dbw, $id, $comment, true ); $nullRevId = $nullRevision->insertOn( $dbw ); + foreach( $limit as $action => $restrictions ) { + # Check if the group level required to edit also can protect pages + # Otherwise, people who cannot normally protect can "protect" pages via transclusion + $cascade = ( $cascade && isset($wgGroupPermissions[$restrictions]) && $wgGroupPermissions[$restrictions]['protect'] ); + } # Update restrictions table foreach( $limit as $action => $restrictions ) { if ($restrictions != '' ) {