From: kaldari <rkaldari@wikimedia.org>
Date: Fri, 12 Dec 2014 22:24:54 +0000 (-0800)
Subject: Explaining why user groups are sometimes returned by getRestrictions
X-Git-Tag: 1.31.0-rc.0~12962^2
X-Git-Url: http://git.cyclocoop.org/%22.%24image2.%22?a=commitdiff_plain;h=bdaca5751dd92d5fa1527e12a787cc7da8585226;p=lhc%2Fweb%2Fwiklou.git

Explaining why user groups are sometimes returned by getRestrictions

Title::getRestrictions is assumed to return user rights, but in most
real contexts it actually returns user groups. This is super
confusing and has caused serious permission bugs. Adding an
explanation to the function comments.

Change-Id: I58013ba5e553d1feecacf6bfef066e1569fcc236
---

diff --git a/includes/Title.php b/includes/Title.php
index cfdba5de12..4b60bcb6e4 100644
--- a/includes/Title.php
+++ b/includes/Title.php
@@ -2812,8 +2812,10 @@ class Title {
 	 * Accessor/initialisation for mRestrictions
 	 *
 	 * @param string $action Action that permission needs to be checked for
-	 * @return array Restriction levels needed to take the action. All levels
-	 *     are required.
+	 * @return array Restriction levels needed to take the action. All levels are
+	 *     required. Note that restriction levels are normally user rights, but 'sysop'
+	 *     and 'autoconfirmed' are also allowed for backwards compatibility. These should
+	 *     be mapped to 'editprotected' and 'editsemiprotected' respectively.
 	 */
 	public function getRestrictions( $action ) {
 		if ( !$this->mRestrictionsLoaded ) {