From 3801a3cd288f01694e9953bd5fdc070e561078f7 Mon Sep 17 00:00:00 2001
From: Alexandre Emsenhuber <ialex@users.mediawiki.org>
Date: Sat, 5 Nov 2011 19:51:05 +0000
Subject: [PATCH] * Made OuputPage::showPermissionsErrorPage() show a different
 messages for 'read', 'edit', 'create' and 'upload' actions to saying "You
 need to log in to do this action" when 1) The user is not logged in 2) The
 only error is a permissions error (no block or something else) and 3) The
 error can simply be avoided by logging in * This replaces
 OuputPage::loginToUse() functionnality, made it simply throw a
 PermissionsEror exception and updated all calls in core * Same for the check
 in SpecialUpload::execute(), EditPage::userNotLoggedInPage() and
 EditPage::noCreatePermission() * Throw the same exception in
 EditPage::attemptSave() whether the user is logged in or not and let
 OuputPage::showPermissionsErrorPage() decide which message to display *
 Replaced call to deprecated OutputPage::blockedPage() in SpecialUpload *
 Displayed messages are the same as now, except the title is always
 "loginreqtitle" * 'nocreatetitle' and 'uploadnologin' messages are still used
 by extensions, so I kept them, but the message 'whitelistedittitle' is not
 used anymore and has been removed

---
 includes/Article.php                |  5 +-
 includes/EditPage.php               | 27 +++-------
 includes/OutputPage.php             | 83 +++++++++++++++++++++--------
 includes/Wiki.php                   |  2 +-
 includes/diff/DifferenceEngine.php  |  5 +-
 includes/specials/SpecialUpload.php | 13 +----
 languages/messages/MessagesEn.php   |  1 -
 maintenance/language/messages.inc   |  1 -
 8 files changed, 72 insertions(+), 65 deletions(-)

diff --git a/includes/Article.php b/includes/Article.php
index b4fa000f66..0f356610ce 100644
--- a/includes/Article.php
+++ b/includes/Article.php
@@ -479,11 +479,8 @@ class Article extends Page {
 					# Another whitelist check in case oldid is altering the title
 					if ( !$this->getTitle()->userCanRead() ) {
 						wfDebug( __METHOD__ . ": denied on secondary read check\n" );
-						$wgOut->loginToUse();
-						$wgOut->output();
-						$wgOut->disable();
 						wfProfileOut( __METHOD__ );
-						return;
+						throw new PermissionsError( 'read' );
 					}
 
 					# Are we looking at an old revision
diff --git a/includes/EditPage.php b/includes/EditPage.php
index efb2c5a7fa..d894e3b99c 100644
--- a/includes/EditPage.php
+++ b/includes/EditPage.php
@@ -2257,21 +2257,11 @@ HTML
 
 	/**
 	 * Produce the stock "please login to edit pages" page
+	 *
+	 * @deprecated in 1.19; throw an exception directly instead
 	 */
 	function userNotLoggedInPage() {
-		global $wgOut;
-
-		$wgOut->prepareErrorPage( wfMessage( 'whitelistedittitle' ) );
-
-		$loginTitle = SpecialPage::getTitleFor( 'Userlogin' );
-		$loginLink = Linker::linkKnown(
-			$loginTitle,
-			wfMsgHtml( 'loginreqlink' ),
-			array(),
-			array( 'returnto' => $this->getContextTitle()->getPrefixedText() )
-		);
-		$wgOut->addHTML( wfMessage( 'whitelistedittext' )->rawParams( $loginLink )->parse() );
-		$wgOut->returnToMain( false, $this->getContextTitle() );
+		throw new PermissionsError( 'edit' );
 	}
 
 	/**
@@ -2281,7 +2271,8 @@ HTML
 	 * @deprecated in 1.19; throw an exception directly instead
 	 */
 	function noCreatePermission() {
-		throw new MWException( 'nocreatetitle', 'nocreatetext' );
+		$permission = $this->mTitle->isTalkPage() ? 'createtalk' : 'createpage';
+		throw new PermissionsError( $permission );
 	}
 
 	/**
@@ -2953,15 +2944,10 @@ HTML
 				throw new UserBlockedError( $wgUser->mBlock );
 
 			case self::AS_IMAGE_REDIRECT_ANON:
-				throw new ErrorPageError( 'uploadnologin', 'uploadnologintext' );
-
 			case self::AS_IMAGE_REDIRECT_LOGGED:
 				throw new PermissionsError( 'upload' );
 
 			case self::AS_READ_ONLY_PAGE_ANON:
-				$this->userNotLoggedInPage();
-				return false;
-
 			case self::AS_READ_ONLY_PAGE_LOGGED:
 				throw new PermissionsError( 'edit' );
 
@@ -2972,7 +2958,8 @@ HTML
 				throw new ThrottledError();
 
 			case self::AS_NO_CREATE_PERMISSION:
-				throw new MWException( 'nocreatetitle', 'nocreatetext' );
+				$permission = $this->mTitle->isTalkPage() ? 'createtalk' : 'createpage';
+				throw new PermissionsError( $permission );
 
 		}
 		return false;
diff --git a/includes/OutputPage.php b/includes/OutputPage.php
index d11d48339a..bad955c3b1 100644
--- a/includes/OutputPage.php
+++ b/includes/OutputPage.php
@@ -1979,9 +1979,64 @@ class OutputPage extends ContextSource {
 	 * @param $action String: action that was denied or null if unknown
 	 */
 	public function showPermissionsErrorPage( $errors, $action = null ) {
-		$this->prepareErrorPage( $this->msg( 'permissionserrors' ) );
+		global $wgGroupPermissions;
+
+		// For some action (read, edit, create and upload), display a "login to do this action"
+		// error if all of the following conditions are met:
+		// 1. the user is not logged in
+		// 2. the only error is insufficient permissions (i.e. no block or something else)
+		// 3. the error can be avoided simply by logging in
+		if ( in_array( $action, array( 'read', 'edit', 'createpage', 'createtalk', 'upload' ) )
+			&& $this->getUser()->isAnon() && count( $errors ) == 1 && isset( $errors[0][0] )
+			&& ( $errors[0][0] == 'badaccess-groups' || $errors[0][0] == 'badaccess-group0' )
+			&& ( ( isset( $wgGroupPermissions['user'][$action] ) && $wgGroupPermissions['user'][$action] )
+			|| ( isset( $wgGroupPermissions['autoconfirmed'][$action] ) && $wgGroupPermissions['autoconfirmed'][$action] ) )
+		) {
+			$displayReturnto = null;
+			$returnto = $this->getTitle();
+			if ( $action == 'edit' ) {
+				$msg = 'whitelistedittext';
+				$displayReturnto = $returnto;
+			} elseif ( $action == 'createpage' || $action == 'createtalk' ) {
+				$msg = 'nocreatetext';
+			} elseif ( $action == 'upload' ) {
+				$msg = 'uploadnologintext';
+			} else { # Read
+				$msg = 'loginreqpagetext';
+				$displayReturnto = Title::newMainPage();
+			}
 
-		$this->addWikiText( $this->formatPermissionsErrorMessage( $errors, $action ) );
+			$query = array();
+			if ( $returnto ) {
+				$query['returnto'] = $returnto->getPrefixedText();
+				$request = $this->getRequest();
+				if ( !$request->wasPosted() ) {
+					$returntoquery = $request->getValues();
+					unset( $returntoquery['title'] );
+					unset( $returntoquery['returnto'] );
+					unset( $returntoquery['returntoquery'] );
+					$query['returntoquery'] = wfArrayToCGI( $returntoquery );
+				}
+			}
+			$loginLink = Linker::linkKnown(
+				SpecialPage::getTitleFor( 'Userlogin' ),
+				$this->msg( 'loginreqlink' )->escaped(),
+				array(),
+				$query
+			);
+
+			$this->prepareErrorPage( $this->msg( 'loginreqtitle' ) );
+			$this->addHTML( $this->msg( $msg )->rawParams( $loginLink )->parse() );
+
+			# Don't return to a page the user can't read otherwise
+			# we'll end up in a pointless loop
+			if ( $displayReturnto && $displayReturnto->userCanRead() ) {
+				$this->returnToMain( null, $displayReturnto );
+			}
+		} else {
+			$this->prepareErrorPage( $this->msg( 'permissionserrors' ) );
+			$this->addWikiText( $this->formatPermissionsErrorMessage( $errors, $action ) );
+		}
 	}
 
 	/**
@@ -2008,29 +2063,11 @@ class OutputPage extends ContextSource {
 
 	/**
 	 * Produce the stock "please login to use the wiki" page
+	 *
+	 * @deprecated in 1.19; throw the exception directly
 	 */
 	public function loginToUse() {
-		if( $this->getUser()->isLoggedIn() ) {
-			throw new PermissionsError( 'read' );
-		}
-
-		$this->prepareErrorPage( $this->msg( 'loginreqtitle' ), $this->msg( 'errorpagetitle' ) );
-
-		$loginLink = Linker::linkKnown(
-			SpecialPage::getTitleFor( 'Userlogin' ),
-			$this->msg( 'loginreqlink' )->escaped(),
-			array(),
-			array( 'returnto' => $this->getTitle()->getPrefixedText() )
-		);
-		$this->addHTML( $this->msg( 'loginreqpagetext' )->rawParams( $loginLink )->parse() .
-			"\n<!--" . $this->getTitle()->getPrefixedUrl() . '-->' );
-
-		# Don't return to the main page if the user can't read it
-		# otherwise we'll end up in a pointless loop
-		$mainPage = Title::newMainPage();
-		if( $mainPage->userCanRead() ) {
-			$this->returnToMain( null, $mainPage );
-		}
+		throw new PermissionsError( 'read' );
 	}
 
 	/**
diff --git a/includes/Wiki.php b/includes/Wiki.php
index ddc7f20e8e..d1dee6ab37 100644
--- a/includes/Wiki.php
+++ b/includes/Wiki.php
@@ -161,7 +161,7 @@ class MediaWiki {
 		// the Read array in order for the user to see it. (We have to check here to
 		// catch special pages etc. We check again in Article::view())
 		} elseif ( !$title->userCanRead() ) {
-			$output->loginToUse();
+			throw new PermissionsError( 'read' );
 		// Interwiki redirects
 		} elseif ( $title->getInterwiki() != '' ) {
 			$rdfrom = $request->getVal( 'rdfrom' );
diff --git a/includes/diff/DifferenceEngine.php b/includes/diff/DifferenceEngine.php
index bb2f4f3dd4..574e285b40 100644
--- a/includes/diff/DifferenceEngine.php
+++ b/includes/diff/DifferenceEngine.php
@@ -196,11 +196,8 @@ class DifferenceEngine {
 
 		# mOldPage might not be set, see below.
 		if ( !$this->mNewPage->userCanRead() || ( $this->mOldPage && !$this->mOldPage->userCanRead() ) ) {
-			$wgOut->loginToUse();
-			$wgOut->output();
-			$wgOut->disable();
 			wfProfileOut( __METHOD__ );
-			return;
+			throw new PermissionsError( 'read' );
 		}
 
 		# If external diffs are enabled both globally and for the user,
diff --git a/includes/specials/SpecialUpload.php b/includes/specials/SpecialUpload.php
index 0dc37c17d2..906ac2c811 100644
--- a/includes/specials/SpecialUpload.php
+++ b/includes/specials/SpecialUpload.php
@@ -140,8 +140,6 @@ class SpecialUpload extends SpecialPage {
 	 * Special page entry point
 	 */
 	public function execute( $par ) {
-		global $wgGroupPermissions;
-
 		$this->setHeaders();
 		$this->outputHeader();
 
@@ -154,19 +152,12 @@ class SpecialUpload extends SpecialPage {
 		$user = $this->getUser();
 		$permissionRequired = UploadBase::isAllowed( $user );
 		if( $permissionRequired !== true ) {
-			if( !$user->isLoggedIn() && ( $wgGroupPermissions['user']['upload']
-				|| $wgGroupPermissions['autoconfirmed']['upload'] ) ) {
-				// Custom message if logged-in users without any special rights can upload
-				throw new ErrorPageError( 'uploadnologin', 'uploadnologintext' );
-			} else {
-				throw new PermissionsError( $permissionRequired );
-			}
+			throw new PermissionsError( $permissionRequired );
 		}
 
 		# Check blocks
 		if( $user->isBlocked() ) {
-			$this->getOutput()->blockedPage();
-			return;
+			throw new UserBlockedError( $user->mBlock );
 		}
 
 		# Check whether we actually want to allow changing stuff
diff --git a/languages/messages/MessagesEn.php b/languages/messages/MessagesEn.php
index 03b1687712..766de9eff6 100644
--- a/languages/messages/MessagesEn.php
+++ b/languages/messages/MessagesEn.php
@@ -1298,7 +1298,6 @@ Note that you may not use the "e-mail this user" feature unless you have a valid
 Your current IP address is $3, and the block ID is #$5.
 Please include all above details in any queries you make.',
 'blockednoreason'                  => 'no reason given',
-'whitelistedittitle'               => 'Login required to edit',
 'whitelistedittext'                => 'You have to $1 to edit pages.',
 'confirmedittext'                  => 'You must confirm your e-mail address before editing pages.
 Please set and validate your e-mail address through your [[Special:Preferences|user preferences]].',
diff --git a/maintenance/language/messages.inc b/maintenance/language/messages.inc
index a8e6e01c47..40aed2d87a 100644
--- a/maintenance/language/messages.inc
+++ b/maintenance/language/messages.inc
@@ -588,7 +588,6 @@ $wgMessageStructure = array(
 		'blockedtext',
 		'autoblockedtext',
 		'blockednoreason',
-		'whitelistedittitle',
 		'whitelistedittext',
 		'confirmedittext',
 		'nosuchsectiontitle',
-- 
2.20.1