From f0160a83a57180d235395a9ce3655639c95a99df Mon Sep 17 00:00:00 2001 From: Andrew Garrett Date: Fri, 3 Aug 2007 09:27:28 +0000 Subject: [PATCH] Use the new userCan changes to display better, clearer error messages when a permissions error is encountered. --- RELEASE-NOTES | 1 + includes/EditPage.php | 72 ++++++++++++++--------------------------- includes/OutputPage.php | 41 ++++++++++++++++------- includes/Title.php | 9 +++++- 4 files changed, 63 insertions(+), 60 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 1e1370806e..a55bb73782 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -161,6 +161,7 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN * (bug 10701) Link to Special:Listusers in default Special:Statistics messages * Improved file history presentation * (bug 10739) Users can now enter comments when reverting files +* Improved handling of permissions errors. == Bugfixes since 1.10 == diff --git a/includes/EditPage.php b/includes/EditPage.php index 7a2a498146..a8db8bcc03 100644 --- a/includes/EditPage.php +++ b/includes/EditPage.php @@ -319,57 +319,35 @@ class EditPage { return; } - if ( ! $this->mTitle->userCan( 'edit' ) ) { - wfDebug( "$fname: user can't edit\n" ); - $wgOut->readOnlyPage( $this->getContent(), true ); - wfProfileOut( $fname ); - return; - } - wfDebug( "$fname: Checking blocks\n" ); - if ( !$this->preview && !$this->diff && $wgUser->isBlockedFrom( $this->mTitle, !$this->save ) ) { - # When previewing, don't check blocked state - will get caught at save time. - # Also, check when starting edition is done against slave to improve performance. - wfDebug( "$fname: user is blocked\n" ); - $this->blockedPage(); - wfProfileOut( $fname ); - return; - } - if ( !$wgUser->isAllowed('edit') ) { - if ( $wgUser->isAnon() ) { - wfDebug( "$fname: user must log in\n" ); - $this->userNotLoggedInPage(); - wfProfileOut( $fname ); - return; - } else { - wfDebug( "$fname: read-only page\n" ); - $wgOut->readOnlyPage( $this->getContent(), true ); - wfProfileOut( $fname ); - return; + $permErrors = $this->mTitle->getUserPermissionsErrors( 'edit', $wgUser); + + # Ignore some permissions errors. + $remove = array(); + foreach( $permErrors as $error ) { + if ($this->preview || $this->diff && + ($error[0] == 'blockedtext' || $error[0] == 'autoblockedtext')) + { + // Don't worry about blocks when previewing/diffing + $remove[] = $error; + } + + if ($error[0] == 'readonlytext') + { + if ($this->edit) + $this->formtype = 'preview'; + else if ($this->save || $this->preview || $this->diff) + $remove[] = $error; } } - if ($wgEmailConfirmToEdit && !$wgUser->isEmailConfirmed()) { - wfDebug("$fname: user must confirm e-mail address\n"); - $this->userNotConfirmedPage(); - wfProfileOut($fname); - return; - } - if ( !$this->mTitle->userCan( 'create' ) && !$this->mTitle->exists() ) { - wfDebug( "$fname: no create permission\n" ); - $this->noCreatePermission(); + # array_diff returns elements in $permErrors that are not in $remove. + $permErrors = array_diff( $permErrors, $remove ); + + if ($permErrors != array()) + { + wfDebug( "$fname: User can't edit\n" ); + $wgOut->readOnlyPage( $this->getContent(), true, $permErrors ); wfProfileOut( $fname ); return; - } - if ( wfReadOnly() ) { - wfDebug( "$fname: read-only mode is engaged\n" ); - if( $this->save || $this->preview ) { - $this->formtype = 'preview'; - } else if ( $this->diff ) { - $this->formtype = 'diff'; - } else { - $wgOut->readOnlyPage( $this->getContent() ); - wfProfileOut( $fname ); - return; - } } else { if ( $this->save ) { $this->formtype = 'save'; diff --git a/includes/OutputPage.php b/includes/OutputPage.php index 02cbd417a4..ee53f93ba6 100644 --- a/includes/OutputPage.php +++ b/includes/OutputPage.php @@ -831,16 +831,7 @@ class OutputPage { $this->mBodytext = ''; $this->addWikiText( wfMsg('permissionserrorstext') ); - $this->addHtml( '' ); - + $this->addWikitext( $this->formatPermissionsErrorMessage( $errors ) ); } /** @deprecated */ @@ -958,19 +949,45 @@ class OutputPage { throw new MWException( "OutputPage::databaseError is obsolete\n" ); } + /** + * @param array $errors An array returned by Title::getUserPermissionsErrors + * @return string The error-messages, formatted into a list. + */ + public function formatPermissionsErrorMessage( $errors ) { + $text = ''; + + $text .= wfMsg('permissionserrorstext')."\n"; + $text .= ''; + + return $text; + } + /** * @todo document * @param bool $protected Is the reason the page can't be reached because it's protected? * @param mixed $source */ - public function readOnlyPage( $source = null, $protected = false ) { + public function readOnlyPage( $source = null, $protected = false, $reasons = array() ) { global $wgUser, $wgReadOnlyFile, $wgReadOnly, $wgTitle; $skin = $wgUser->getSkin(); $this->setRobotpolicy( 'noindex,nofollow' ); $this->setArticleRelated( false ); - if( $protected ) { + if ($reasons != array()) { + $this->setPageTitle( wfMsg( 'viewsource' ) ); + $this->setSubtitle( wfMsg( 'viewsourcefor', $skin->makeKnownLinkObj( $wgTitle ) ) ); + + $this->addWikiText( $this->formatPermissionsErrorMessage( $reasons ) ); + } else if( $protected ) { $this->setPageTitle( wfMsg( 'viewsource' ) ); $this->setSubtitle( wfMsg( 'viewsourcefor', $skin->makeKnownLinkObj( $wgTitle ) ) ); list( $cascadeSources, /* $restrictions */ ) = $wgTitle->getCascadeProtectionSources(); diff --git a/includes/Title.php b/includes/Title.php index 028df68495..2d4828c63f 100644 --- a/includes/Title.php +++ b/includes/Title.php @@ -1006,7 +1006,7 @@ class Title { } return false; } - + /** * Can $wgUser perform $action on this page? * @param string $action action that permission needs to be checked for @@ -1034,6 +1034,13 @@ class Title { $errors[] = array( 'readonlytext' ); } + global $wgEmailConfirmToEdit; + + if ( $wgEmailConfirmToEdit && !$wgUser->isEmailConfirmed() ) + { + $errors[] = array( 'confirmedittext' ); + } + if ( $user->isBlockedFrom( $this ) ) { $block = $user->mBlock; -- 2.20.1