From e411e869e11f09529cac1ac2b2d56b27bac459e3 Mon Sep 17 00:00:00 2001 From: Bryan Tong Minh Date: Thu, 28 Aug 2008 21:34:43 +0000 Subject: [PATCH] Properly check permissions. --- includes/UploadFromBase.php | 5 +++++ includes/UploadFromUrl.php | 5 +++++ includes/specials/SpecialUpload.php | 5 +++-- 3 files changed, 13 insertions(+), 2 deletions(-) diff --git a/includes/UploadFromBase.php b/includes/UploadFromBase.php index 0d0dc50b30..387b13a08b 100644 --- a/includes/UploadFromBase.php +++ b/includes/UploadFromBase.php @@ -28,6 +28,11 @@ class UploadFromBase { global $wgEnableUploads; return $wgEnableUploads; } + static function isAllowed( User $user ) { + if( !$user->isAllowed( 'upload' ) ) + return 'upload'; + return true; + } function __construct( $name ) { $this->mDesiredDestName = $name; diff --git a/includes/UploadFromUrl.php b/includes/UploadFromUrl.php index 605b54fabd..fc40d3a37e 100644 --- a/includes/UploadFromUrl.php +++ b/includes/UploadFromUrl.php @@ -2,6 +2,11 @@ class UploadFromUrl extends UploadFromBase { + static function isAllowed( User $user ) { + if( !$user->isAllowed( 'upload_by_url' ) ) + return 'upload_by_url'; + return parent::isAllowed( $user ); + } static function isEnabled() { global $wgAllowCopyUploads; return $wgAllowCopyUploads && parent::isEnabled(); diff --git a/includes/specials/SpecialUpload.php b/includes/specials/SpecialUpload.php index 08f121e582..35a9208b66 100644 --- a/includes/specials/SpecialUpload.php +++ b/includes/specials/SpecialUpload.php @@ -122,11 +122,12 @@ class UploadForm { } # Check permissions - if( !$wgUser->isAllowed( 'upload' ) ) { + $permission = $this->mUpload->isAllowed( $wgUser ); + if( $permission !== true ) { if( !$wgUser->isLoggedIn() ) { $wgOut->showErrorPage( 'uploadnologin', 'uploadnologintext' ); } else { - $wgOut->permissionRequired( 'upload' ); + $wgOut->permissionRequired( $permission ); } return; } -- 2.20.1