The permission checks in Title will automatically fail
any check against a special page, except for read, execute
and createaccount. However, execute is not a right. It
is not mentioned in any other MW file (or extension for
that matter). It is neither in the list of core user
rights in User.php, nor does it have a system msg
If someone wants to check if they can
run a special page, they should be doing a 'read'
check.
Note: The check in question was added in
bc23aede55e back in 2008
I'm unsure if it is better to just leave it alone, or remove it.
However, its presence could cause some confusion, hence this
commit. Additionally I was unsure if this justified a release
notes entry.
Change-Id: I9cf2b0424b9cb189ac122b8274ec681302f560f7
* @return Array list of errors
*/
private function checkSpecialsAndNSPermissions( $action, $user, $errors, $doExpensiveQueries, $short ) {
- # Only 'createaccount' and 'execute' can be performed on
- # special pages, which don't actually exist in the DB.
- $specialOKActions = array( 'createaccount', 'execute' );
- if ( NS_SPECIAL == $this->mNamespace && !in_array( $action, $specialOKActions ) ) {
+ # Only 'createaccount' can be performed on special pages,
+ # which don't actually exist in the DB.
+ if ( NS_SPECIAL == $this->mNamespace && $action !== 'createaccount' ) {
$errors[] = array( 'ns-specialprotected' );
}
$this->assertEquals( array( array( 'badaccess-group0' ), array( 'ns-specialprotected' ) ),
$this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
- $this->assertEquals( array( array( 'badaccess-group0' ) ),
- $this->title->getUserPermissionsErrors( 'execute', $this->user ) );
$this->setTitle( NS_MAIN );
$this->setUserPerm( 'bogus' );
dépôts / lhc / web / wiklou.git / commitdiff