* Check permissions on special pages & namespaces
*
* @param string $action The action to check
- * @param User $user User to check
+ * @param UserIdentity $user User to check
* @param array $errors List of current errors
* @param string $rigor One of PermissionManager::RIGOR_ constants
* - RIGOR_QUICK : does cheap permission checks from replica DBs (usable for GUI creation)
*/
private function checkSpecialsAndNSPermissions(
$action,
- User $user,
+ UserIdentity $user,
$errors,
$rigor,
$short,
}
# Check $wgNamespaceProtection for restricted namespaces
- if ( $title->isNamespaceProtected( $user ) ) {
+ if ( $this->isNamespaceProtected( $title->getNamespace(), $user ) ) {
$ns = $title->getNamespace() == NS_MAIN ?
wfMessage( 'nstab-main' )->text() : $title->getNsText();
$errors[] = $title->getNamespace() == NS_MEDIAWIKI ?
return $this->allRights;
}
+ /**
+ * Determines if $user is unable to edit pages in namespace because it has been protected.
+ * @param $index
+ * @param UserIdentity $user
+ * @return bool
+ */
+ private function isNamespaceProtected( $index, UserIdentity $user ) {
+ $namespaceProtection = $this->options->get( 'NamespaceProtection' );
+ if ( isset( $namespaceProtection[$index] ) ) {
+ return !$this->userHasAllRights( $user, ...(array)$namespaceProtection[$index] );
+ }
+ return false;
+ }
+
/**
* Determine which restriction levels it makes sense to use in a namespace,
* optionally filtered by a user's rights.
* Determines if $user is unable to edit this page because it has been protected
* by $wgNamespaceProtection.
*
+ * @deprecated since 1.34 Don't use this function in new code.
* @param User $user User object to check permissions
* @return bool
*/
* @covers MediaWiki\Permissions\PermissionManager::checkSpecialsAndNSPermissions
*/
public function testSpecialsAndNSPermissions() {
- global $wgNamespaceProtection;
$this->setUser( $this->userName );
$this->setTitle( NS_SPECIAL );
MediaWikiServices::getInstance()->getPermissionManager()
->getPermissionErrors( 'bogus', $this->user, $this->title ) );
- $wgNamespaceProtection[NS_USER] = [ 'bogus' ];
+ $this->mergeMwGlobalArrayValue( 'wgNamespaceProtection', [
+ NS_USER => [ 'bogus' ]
+ ] );
+ $this->resetServices();
+ $this->overrideUserPermissions( $this->user, '' );
$this->setTitle( NS_USER );
- $this->overrideUserPermissions( $this->user, '' );
$this->assertEquals( [ [ 'badaccess-group0' ],
[ 'namespaceprotected', 'User', 'bogus' ] ],
MediaWikiServices::getInstance()->getPermissionManager()
MediaWikiServices::getInstance()->getPermissionManager()
->getPermissionErrors( 'bogus', $this->user, $this->title ) );
- $wgNamespaceProtection = null;
-
+ $this->setMwGlobals( 'wgNamespaceProtection', null );
+ $this->resetServices();
$this->overrideUserPermissions( $this->user, 'bogus' );
+
$this->assertEquals( [],
MediaWikiServices::getInstance()->getPermissionManager()
->getPermissionErrors( 'bogus', $this->user, $this->title ) );
* @covers \MediaWiki\Permissions\PermissionManager::checkSpecialsAndNSPermissions
*/
public function testSpecialsAndNSPermissions() {
- global $wgNamespaceProtection;
$this->setUser( $this->userName );
$this->setTitle( NS_SPECIAL );
$this->assertEquals( [ [ 'badaccess-group0' ] ],
$this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
- $wgNamespaceProtection[NS_USER] = [ 'bogus' ];
-
+ $this->mergeMwGlobalArrayValue( 'wgNamespaceProtection', [
+ NS_USER => [ 'bogus' ]
+ ] );
+ $this->resetServices();
$this->setTitle( NS_USER );
$this->overrideUserPermissions( $this->user );
$this->assertEquals( [ [ 'badaccess-group0' ],
$this->assertEquals( [ [ 'protectedinterface', 'bogus' ] ],
$this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
- $wgNamespaceProtection = null;
-
+ $this->setMwGlobals( 'wgNamespaceProtection', null );
+ $this->resetServices();
$this->overrideUserPermissions( $this->user, 'bogus' );
$this->assertEquals( [],
$this->title->getUserPermissionsErrors( 'bogus', $this->user ) );