From 44ff769519fb945f31e6674e80b395cbe37617fb Mon Sep 17 00:00:00 2001 From: Aaron Schulz Date: Wed, 26 Oct 2011 06:22:25 +0000 Subject: [PATCH] Split out checkExecutePermissions() function from userCanExecute() in FormSpecialPage. The former handles actual execute() calls and throws exceptions, the later inherits its purpose from SpecialPage. It just checks the page restriction to see if a user generally *could* execute. This avoids the breakage that came up in r100723 where Special:SpecialPages was throwing permission errors due to the getUsablePages() call. --- includes/SpecialPage.php | 14 ++++++-------- includes/specials/SpecialLockdb.php | 6 +++--- includes/specials/SpecialPasswordReset.php | 6 +++++- includes/specials/SpecialUnlockdb.php | 6 +++--- 4 files changed, 17 insertions(+), 15 deletions(-) diff --git a/includes/SpecialPage.php b/includes/SpecialPage.php index 7548200baa..badbcf7676 100644 --- a/includes/SpecialPage.php +++ b/includes/SpecialPage.php @@ -786,7 +786,7 @@ abstract class FormSpecialPage extends SpecialPage { $this->setHeaders(); // This will throw exceptions if there's a problem - $this->userCanExecute( $this->getUser() ); + $this->checkExecutePermissions( $this->getUser() ); $form = $this->getForm(); if ( $form->show() ) { @@ -801,20 +801,18 @@ abstract class FormSpecialPage extends SpecialPage { protected function setParameter( $par ){} /** - * Checks if the given user (identified by an object) can perform this action. Can be - * overridden by sub-classes with more complicated permissions schemes. Failures here - * must throw subclasses of ErrorPageError - * - * @param $user User: the user to check, or null to use the context user + * Called from execute() to check if the given user can perform this action. + * Failures here must throw subclasses of ErrorPageError. + * @param $user User * @return Bool true * @throws ErrorPageError */ - public function userCanExecute( User $user ) { + protected function checkExecutePermissions( User $user ) { if ( $this->requiresWrite() && wfReadOnly() ) { throw new ReadOnlyError(); } - if ( $this->getRestriction() !== null && !$user->isAllowed( $this->getRestriction() ) ) { + if ( !$this->userCanExecute( $this->getUser() ) ) { throw new PermissionsError( $this->getRestriction() ); } diff --git a/includes/specials/SpecialLockdb.php b/includes/specials/SpecialLockdb.php index 9dec018e34..53fddc4f10 100644 --- a/includes/specials/SpecialLockdb.php +++ b/includes/specials/SpecialLockdb.php @@ -37,11 +37,11 @@ class SpecialLockdb extends FormSpecialPage { return false; } - public function userCanExecute( User $user ) { - parent::userCanExecute( $user ); + public function checkExecutePermissions( User $user ) { + global $wgReadOnlyFile; + parent::checkExecutePermissions( $user ); # If the lock file isn't writable, we can do sweet bugger all - global $wgReadOnlyFile; if ( !is_writable( dirname( $wgReadOnlyFile ) ) ) { throw new ErrorPageError( 'lockdb', 'lockfilenotwritable' ); } diff --git a/includes/specials/SpecialPasswordReset.php b/includes/specials/SpecialPasswordReset.php index b07ef80f70..40cb95688e 100644 --- a/includes/specials/SpecialPasswordReset.php +++ b/includes/specials/SpecialPasswordReset.php @@ -43,6 +43,10 @@ class SpecialPasswordReset extends FormSpecialPage { } public function userCanExecute( User $user ) { + return $this->canChangePassword( $user ) === true && parent::userCanExecute( $user ); + } + + public function checkExecutePermissions( User $user ) { $error = $this->canChangePassword( $user ); if ( is_string( $error ) ) { throw new ErrorPageError( 'internalerror', $error ); @@ -50,7 +54,7 @@ class SpecialPasswordReset extends FormSpecialPage { throw new ErrorPageError( 'internalerror', 'resetpass_forbidden' ); } - return parent::userCanExecute( $user ); + return parent::checkExecutePermissions( $user ); } protected function getFormFields() { diff --git a/includes/specials/SpecialUnlockdb.php b/includes/specials/SpecialUnlockdb.php index 115e617287..d3da785458 100644 --- a/includes/specials/SpecialUnlockdb.php +++ b/includes/specials/SpecialUnlockdb.php @@ -36,11 +36,11 @@ class SpecialUnlockdb extends FormSpecialPage { return false; } - public function userCanExecute( User $user ) { - parent::userCanExecute( $user ); + public function checkExecutePermissions( User $user ) { + global $wgReadOnlyFile; + parent::checkExecutePermissions( $user ); # If the lock file isn't writable, we can do sweet bugger all - global $wgReadOnlyFile; if ( !file_exists( $wgReadOnlyFile ) ) { throw new ErrorPageError( 'lockdb', 'databasenotlocked' ); } -- 2.20.1