$text = $title->getPrefixedText();
wfDebug( "Checking for $permissionlist on $text due to $field match on $bitfield\n" );
- $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
-
foreach ( $permissions as $perm ) {
if ( $permissionManager->userCan( $perm, $user, $title ) ) {
return true;
if ( $this->options['changed']
&& $title->getNamespace() == NS_USER_TALK
&& $shortTitle != $legacyUser->getTitleKey()
- && !( $this->revision->isMinor() && $legacyUser->isAllowed( 'nominornewtalk' ) )
+ && !( $this->revision->isMinor() && MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $legacyUser, 'nominornewtalk' ) )
) {
$recipient = User::newFromName( $shortTitle, false );
if ( !$recipient ) {
// Language in which the page content is (supposed to be) written
$pageLang = $title->getPageLanguage()->getCode();
- $permissionManager = $services->getPermissionManager();
-
$pageLangHtml = $pageLang . ' - ' .
Language::fetchLanguageName( $pageLang, $lang->getCode() );
// Link to Special:PageLanguage with pre-filled page title if user has permissions
+ $permissionManager = $services->getPermissionManager();
if ( $config->get( 'PageLanguageUseDB' )
&& $permissionManager->userCan( 'pagelang', $user, $title )
) {
];
$unwatchedPageThreshold = $config->get( 'UnwatchedPageThreshold' );
- if (
- $services->getPermissionManager()->userHasRight( $user, 'unwatchedpages' ) ||
+ if ( $permissionManager->userHasRight( $user, 'unwatchedpages' ) ||
( $unwatchedPageThreshold !== false &&
$pageCounts['watchers'] >= $unwatchedPageThreshold )
) {
) {
$minToDisclose = $config->get( 'UnwatchedPageSecret' );
if ( $pageCounts['visitingWatchers'] > $minToDisclose ||
- $services->getPermissionManager()->userHasRight( $user, 'unwatchedpages' ) ) {
+ $permissionManager->userHasRight( $user, 'unwatchedpages' ) ) {
$pageInfo['header-basic'][] = [
$this->msg( 'pageinfo-visiting-watchers' ),
$lang->formatNum( $pageCounts['visitingWatchers'] )
*/
use MediaWiki\Auth\AuthManager;
+use MediaWiki\MediaWikiServices;
/**
* Reset password, with AuthManager
$this->requireOnlyOneParameter( $params, 'user', 'email' );
- $passwordReset = new PasswordReset( $this->getConfig(), AuthManager::singleton() );
+ $passwordReset = new PasswordReset(
+ $this->getConfig(),
+ AuthManager::singleton(),
+ MediaWikiServices::getInstance()->getPermissionManager()
+ );
$status = $passwordReset->isAllowed( $this->getUser() );
if ( !$status->isOK() ) {
* @since 1.25
*/
+use MediaWiki\MediaWikiServices;
+
/**
* This class formats block log entries.
*
$linkRenderer = $this->getLinkRenderer();
if ( $this->entry->isDeleted( LogPage::DELETED_ACTION ) // Action is hidden
|| !( $subtype === 'block' || $subtype === 'reblock' )
- || !$this->context->getUser()->isAllowed( 'block' )
+ || !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->context->getUser(), 'block' )
) {
return '';
}
<?php
+use MediaWiki\MediaWikiServices;
+
class ContentModelLogFormatter extends LogFormatter {
protected function getMessageParameters() {
$lang = $this->context->getLanguage();
public function getActionLinks() {
if ( $this->entry->isDeleted( LogPage::DELETED_ACTION ) // Action is hidden
|| $this->entry->getSubtype() !== 'change'
- || !$this->context->getUser()->isAllowed( 'editcontentmodel' )
+ || !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->context->getUser(), 'editcontentmodel' )
) {
return '';
}
* @since 1.22
*/
+use MediaWiki\MediaWikiServices;
use MediaWiki\Storage\RevisionRecord;
/**
public function getActionLinks() {
$user = $this->context->getUser();
$linkRenderer = $this->getLinkRenderer();
- if ( !$user->isAllowed( 'deletedhistory' )
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+ if ( !$permissionManager->userHasRight( $user, 'deletedhistory' )
|| $this->entry->isDeleted( LogPage::DELETED_ACTION )
) {
return '';
switch ( $this->entry->getSubtype() ) {
case 'delete': // Show undelete link
case 'delete_redir':
- if ( $user->isAllowed( 'undelete' ) ) {
+ if ( $permissionManager->userHasRight( $user, 'undelete' ) ) {
$message = 'undeletelink';
} else {
$message = 'undeleteviewlink';
foreach ( LogPage::validTypes() as $type ) {
$page = new LogPage( $type );
$restriction = $page->getRestriction();
- if ( $this->getUser()->isAllowed( $restriction ) ) {
+ if ( MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), $restriction )
+ ) {
$typesByName[$type] = $page->getName()->text();
}
}
}
$del = '';
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
// Don't show useless checkbox to people who cannot hide log entries
- if ( $user->isAllowed( 'deletedhistory' ) ) {
- $canHide = $user->isAllowed( 'deletelogentry' );
- $canViewSuppressedOnly = $user->isAllowed( 'viewsuppressed' ) &&
- !$user->isAllowed( 'suppressrevision' );
+ if ( $permissionManager->userHasRight( $user, 'deletedhistory' ) ) {
+ $canHide = $permissionManager->userHasRight( $user, 'deletelogentry' );
+ $canViewSuppressedOnly = $permissionManager->userHasRight( $user, 'viewsuppressed' ) &&
+ !$permissionManager->userHasRight( $user, 'suppressrevision' );
$entryIsSuppressed = self::isDeleted( $row, LogPage::DELETED_RESTRICTED );
$canViewThisSuppressedEntry = $canViewSuppressedOnly && $entryIsSuppressed;
if ( $row->log_deleted || $canHide ) {
in_array( $row->log_action, $action ) : $row->log_action == $action;
if ( $match && $right ) {
global $wgUser;
- $match = $wgUser->isAllowed( $right );
+ $match = MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $wgUser, $right );
}
}
$user = $wgUser;
}
$logRestrictions = MediaWikiServices::getInstance()->getMainConfig()->get( 'LogRestrictions' );
- if ( isset( $logRestrictions[$type] ) && !$user->isAllowed( $logRestrictions[$type] ) ) {
+ if ( isset( $logRestrictions[$type] ) && !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, $logRestrictions[$type] )
+ ) {
return false;
}
return true;
// Don't show private logs to unprivileged users
foreach ( $wgLogRestrictions as $logType => $right ) {
- if ( $audience == 'public' || !$user->isAllowed( $right ) ) {
+ if ( $audience == 'public' || !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, $right )
+ ) {
$hiddenLogs[] = $logType;
}
}
$logRestrictions = $this->context->getConfig()->get( 'LogRestrictions' );
$type = $this->entry->getType();
return !isset( $logRestrictions[$type] )
- || $this->context->getUser()->isAllowed( $logRestrictions[$type] );
+ || MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->context->getUser(), $logRestrictions[$type] );
}
/**
$needReindex = false;
foreach ( $types as $type ) {
if ( isset( $wgLogRestrictions[$type] )
- && !$user->isAllowed( $wgLogRestrictions[$type] )
+ && !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, $wgLogRestrictions[$type] )
) {
$needReindex = true;
$types = array_diff( $types, [ $type ] );
}
$this->actionRestrictionsEnforced = true;
$user = $this->getUser();
- if ( !$user->isAllowed( 'deletedhistory' ) ) {
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+ if ( !$permissionManager->userHasRight( $user, 'deletedhistory' ) ) {
$this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::DELETED_ACTION ) . ' = 0';
- } elseif ( !MediaWikiServices::getInstance()
- ->getPermissionManager()
- ->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' )
- ) {
+ } elseif ( !$permissionManager->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' ) ) {
$this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::SUPPRESSED_ACTION ) .
' != ' . LogPage::SUPPRESSED_USER;
}
}
$this->performerRestrictionsEnforced = true;
$user = $this->getUser();
- if ( !$user->isAllowed( 'deletedhistory' ) ) {
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+ if ( !$permissionManager->userHasRight( $user, 'deletedhistory' ) ) {
$this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::DELETED_USER ) . ' = 0';
- } elseif ( !MediaWikiServices::getInstance()
- ->getPermissionManager()
- ->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' )
- ) {
+ } elseif ( !$permissionManager->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' ) ) {
$this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::SUPPRESSED_USER ) .
' != ' . LogPage::SUPPRESSED_ACTION;
}
* @since 1.25
*/
+use MediaWiki\MediaWikiServices;
+
/**
* This class formats merge log entries.
*
public function getActionLinks() {
if ( $this->entry->isDeleted( LogPage::DELETED_ACTION ) // Action is hidden
- || !$this->context->getUser()->isAllowed( 'mergehistory' )
+ || !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->context->getUser(), 'mergehistory' )
) {
return '';
}
* @since 1.22
*/
+use MediaWiki\MediaWikiServices;
+
/**
* This class formats move log entries.
*
public function getActionLinks() {
if ( $this->entry->isDeleted( LogPage::DELETED_ACTION ) // Action is hidden
|| $this->entry->getSubtype() !== 'move'
- || !$this->context->getUser()->isAllowed( 'move' )
+ || !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->context->getUser(), 'move' )
) {
return '';
}
];
// Show change protection link
- if ( $this->context->getUser()->isAllowed( 'protect' ) ) {
+ if ( !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->context->getUser(), 'protect' )
+ ) {
$links[] = $linkRenderer->makeKnownLink(
$title,
$this->msg( 'protect_change' )->text(),
if ( $watchers === [] && !count( $wgUsersNotifiedOnAllChanges ) ) {
$sendEmail = false;
// Only send notification for non minor edits, unless $wgEnotifMinorEdits
- if ( !$minorEdit || ( $wgEnotifMinorEdits && !$editor->isAllowed( 'nominornewtalk' ) ) ) {
+ if ( !$minorEdit || ( $wgEnotifMinorEdits && !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $editor, 'nominornewtalk' ) )
+ ) {
$isUserTalkPage = ( $title->getNamespace() == NS_USER_TALK );
if ( $wgEnotifUserTalk
&& $isUserTalkPage
$userTalkId = false;
- if ( !$minorEdit || ( $wgEnotifMinorEdits && !$editor->isAllowed( 'nominornewtalk' ) ) ) {
+ if ( !$minorEdit || ( $wgEnotifMinorEdits && !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $editor, 'nominornewtalk' ) )
+ ) {
if ( $wgEnotifUserTalk
&& $isUserTalkPage
&& $this->canSendUserTalkEmail( $editor, $title, $minorEdit )
}
$outputPage->preventClickjacking();
- if ( $user->isAllowed( 'writeapi' ) ) {
+ if ( MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'writeapi' )
+ ) {
$outputPage->addModules( 'mediawiki.page.patrol.ajax' );
}
[ 'delete', $this->getTitle()->getPrefixedText() ] )
) {
# Flag to hide all contents of the archived revisions
- $suppress = $request->getCheck( 'wpSuppress' ) && $user->isAllowed( 'suppressrevision' );
+
+ $suppress = $request->getCheck( 'wpSuppress' ) && MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'suppressrevision' );
$this->doDelete( $reason, $suppress );
]
);
}
-
- if ( $user->isAllowed( 'suppressrevision' ) ) {
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+ if ( $permissionManager->userHasRight( $user, 'suppressrevision' ) ) {
$fields[] = new OOUI\FieldLayout(
new OOUI\CheckboxInputWidget( [
'name' => 'wpSuppress',
] )
);
- if ( $user->isAllowed( 'editinterface' ) ) {
+ if ( $permissionManager->userHasRight( $user, 'editinterface' ) ) {
$link = Linker::linkKnown(
$ctx->msg( 'deletereason-dropdown' )->inContentLanguage()->getTitle(),
wfMessage( 'delete-edit-reasonlist' )->escaped(),
$row = $selected = '';
// Deletion link
- if ( $local && ( $pm->userHasAnyRight( $user, 'delete', 'deletedhistory' ) )
- ) {
+ if ( $local && ( $pm->userHasAnyRight( $user, 'delete', 'deletedhistory' ) ) ) {
$row .= '<td>';
# Link to remove from history
- if ( $user->isAllowed( 'delete' ) ) {
+ if ( $pm->userHasRight( $user, 'delete' ) ) {
$q = [ 'action' => 'delete' ];
if ( !$iscur ) {
$q['oldimage'] = $img;
);
}
# Link to hide content. Don't show useless link to people who cannot hide revisions.
- $canHide = $user->isAllowed( 'deleterevision' );
- if ( $canHide || ( $user->isAllowed( 'deletedhistory' ) && $file->getVisibility() ) ) {
- if ( $user->isAllowed( 'delete' ) ) {
+ $canHide = $pm->userHasRight( $user, 'deleterevision' );
+ if ( $canHide || ( $pm->userHasRight( $user, 'deletedhistory' )
+ && $file->getVisibility() ) ) {
+ if ( $pm->userHasRight( $user, 'delete' ) ) {
$row .= '<br />';
}
// If file is top revision or locked from this user, don't link
);
}
- if ( $wgEnableUploads && $user->isAllowed( 'upload' ) ) {
+ if ( $wgEnableUploads && MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'upload' )
+ ) {
// Only show an upload link if the user can upload
$uploadTitle = SpecialPage::getTitleFor( 'Upload' );
$nofile = [
// TODO: this check is here for backwards-compatibility with 1.31 behavior.
// Checking the minoredit right should be done in the same place the 'bot' right is
// checked for the EDIT_FORCE_BOT flag, which is currently in EditPage::attemptSave.
- if ( ( $flags & EDIT_MINOR ) && !$user->isAllowed( 'minoredit' ) ) {
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+ if ( ( $flags & EDIT_MINOR ) && !$permissionManager->userHasRight( $user, 'minoredit' ) ) {
$flags = ( $flags & ~EDIT_MINOR );
}
// TODO: this logic should not be in the storage layer, it's here for compatibility
// with 1.31 behavior. Applying the 'autopatrol' right should be done in the same
// place the 'bot' right is handled, which is currently in EditPage::attemptSave.
- $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
if ( $needsPatrol && $permissionManager->userCan(
'autopatrol', $user, $this->getTitle()
// Save
$flags = EDIT_UPDATE | EDIT_INTERNAL;
- if ( $guser->isAllowed( 'minoredit' ) ) {
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+ if ( $permissionManager->userHasRight( $guser, 'minoredit' ) ) {
$flags |= EDIT_MINOR;
}
- if ( $bot && ( MediaWikiServices::getInstance()
- ->getPermissionManager()
- ->userHasAnyRight( $guser, 'markbotedits', 'bot' ) )
- ) {
+ if ( $bot && ( $permissionManager->userHasAnyRight( $guser, 'markbotedits', 'bot' ) ) ) {
$flags |= EDIT_FORCE_BOT;
}
// TODO: this logic should not be in the storage layer, it's here for compatibility
// with 1.31 behavior. Applying the 'autopatrol' right should be done in the same
// place the 'bot' right is handled, which is currently in EditPage::attemptSave.
- $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
if ( $wgUseRCPatrol && $permissionManager->userCan(
'autopatrol', $guser, $this->getTitle()
// Set patrolling and bot flag on the edits, which gets rollbacked.
// This is done even on edit failure to have patrolling in that case (T64157).
$set = [];
- if ( $bot && $guser->isAllowed( 'markbotedits' ) ) {
+ if ( $bot && $permissionManager->userHasRight( $guser, 'markbotedits' ) ) {
// Mark all reverted edits as bot
$set['rc_bot'] = 1;
}
# $this->getTitle() will just give Special:Badtitle, which is
# not especially useful as a returnto parameter. Use the title
# from the request instead, if there was one.
- if ( $this->getUser()->isAllowed( 'read' ) ) {
+ if ( $permissionManager->userHasRight( $this->getUser(), 'read' ) ) {
$page = $this->getTitle();
} else {
$page = Title::newFromText( $request->getVal( 'title', '' ) );
'active' => ( $href == $pageurl )
];
- if ( $this->getUser()->isAllowed( 'viewmywatchlist' ) ) {
+ if ( $permissionManager->userHasRight( $this->getUser(), 'viewmywatchlist' ) ) {
$href = self::makeSpecialUrl( 'Watchlist' );
$personal_urls['watchlist'] = [
'text' => $this->msg( 'mywatchlist' )->text(),
$useCombinedLoginLink = false;
}
- $loginlink = $this->getUser()->isAllowed( 'createaccount' ) && $useCombinedLoginLink
- ? 'nav-login-createaccount'
- : 'pt-login';
+ $loginlink = $permissionManager->userHasRight( $this->getUser(), 'createaccount' )
+ && $useCombinedLoginLink ? 'nav-login-createaccount' : 'pt-login';
$login_url = [
'text' => $this->msg( $loginlink )->text(),
if (
$authManager->canCreateAccounts()
- && $this->getUser()->isAllowed( 'createaccount' )
+ && $permissionManager->userHasRight( $this->getUser(), 'createaccount' )
&& !$useCombinedLoginLink
) {
$personal_urls['createaccount'] = $createaccount_url;
if ( $permissionManager->quickUserCan( 'protect', $user, $title ) &&
$title->getRestrictionTypes() &&
- $permissionManager->getNamespaceRestrictionLevels( $title->getNamespace(),
- $user ) !== [ '' ]
+ $permissionManager->getNamespaceRestrictionLevels( $title->getNamespace(), $user ) !== [ '' ]
) {
$mode = $title->isProtected() ? 'unprotect' : 'protect';
$content_navigation['actions'][$mode] = [
'href' => self::makeSpecialUrlSubpage( 'Log', $rootUser )
];
- if ( $this->getUser()->isAllowed( 'block' ) ) {
+ if ( MediawikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'block' )
+ ) {
$nav_urls['blockip'] = [
'text' => $this->msg( 'blockip', $rootUser )->text(),
'href' => self::makeSpecialUrlSubpage( 'Block', $rootUser )
}
}
if ( !$this->isSignup() && $this->showExtraInformation() ) {
- $passwordReset = new PasswordReset( $this->getConfig(), AuthManager::singleton() );
+ $passwordReset = new PasswordReset(
+ $this->getConfig(),
+ AuthManager::singleton(),
+ MediaWikiServices::getInstance()->getPermissionManager()
+ );
if ( $passwordReset->isAllowed( $this->getUser() )->isGood() ) {
$fieldDefinitions['passwordReset'] = [
'type' => 'info',
private function showCreateAccountLink() {
if ( $this->isSignup() ) {
return true;
- } elseif ( $this->getUser()->isAllowed( 'createaccount' ) ) {
+ } elseif ( MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'createaccount' )
+ ) {
return true;
} else {
return false;
* @return bool Does the user have permission to view the page?
*/
public function userCanExecute( User $user ) {
- return $user->isAllowed( $this->mRestriction );
+ return MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, $this->mRestriction );
}
/**
* @ingroup SpecialPage
*/
+use MediaWiki\MediaWikiServices;
+
/**
* @ingroup SpecialPage
* @since 1.27
$out = $this->getOutput();
$this->addHelpLink( 'Help:ApiSandbox' );
- $out->addJsConfigVars( 'apihighlimits', $this->getUser()->isAllowed( 'apihighlimits' ) );
+ $out->addJsConfigVars( 'apihighlimits', MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'apihighlimits' )
+ );
$out->addModuleStyles( [
'mediawiki.special',
'mediawiki.hlist',
* @ingroup SpecialPage
*/
+use MediaWiki\MediaWikiServices;
+
/**
* A special page that lists autoblocks
*
'ipb_parent_block_id IS NOT NULL'
];
# Is the user allowed to see hidden blocks?
- if ( !$this->getUser()->isAllowed( 'hideuser' ) ) {
+ if ( !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'hideuser' )
+ ) {
$conds['ipb_deleted'] = 0;
}
use MediaWiki\Block\Restriction\PageRestriction;
use MediaWiki\Block\Restriction\NamespaceRestriction;
use MediaWiki\MediaWikiServices;
+use MediaWiki\User\UserIdentity;
/**
* A special page that allows users with 'block' right to block users from
];
# Allow some users to hide name from block log, blocklist and listusers
- if ( $user->isAllowed( 'hideuser' ) ) {
+ if ( MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'hideuser' )
+ ) {
$a['HideUser'] = [
'type' => 'check',
'label-message' => 'ipbhidename',
// If the username was hidden (ipb_deleted == 1), don't show the reason
// unless this user also has rights to hideuser: T37839
- if ( !$block->getHideName() || $this->getUser()->isAllowed( 'hideuser' ) ) {
+ if ( !$block->getHideName() || MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'hideuser' )
+ ) {
$fields['Reason']['default'] = $block->getReason();
} else {
$fields['Reason']['default'] = '';
$user = $this->getUser();
# Link to edit the block dropdown reasons, if applicable
- if ( $user->isAllowed( 'editinterface' ) ) {
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+ if ( $permissionManager->userHasRight( $user, 'editinterface' ) ) {
$links[] = $linkRenderer->makeKnownLink(
$this->msg( 'ipbreason-dropdown' )->inContentLanguage()->getTitle(),
$this->msg( 'ipb-edit-dropdown' )->text(),
$text .= $out;
# Add suppression block entries if allowed
- if ( $user->isAllowed( 'suppressionlog' ) ) {
+ if ( $permissionManager->userHasRight( $user, 'suppressionlog' ) ) {
LogEventsList::showLogExtract(
$out,
'suppress',
}
if ( $data['HideUser'] ) {
- if ( !$performer->isAllowed( 'hideuser' ) ) {
+ if ( !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $performer, 'hideuser' )
+ ) {
# this codepath is unreachable except by a malicious user spoofing forms,
# or by race conditions (user has hideuser and block rights, loads block form,
# and loses hideuser rights before submission); so need to fail completely
}
# If the name was hidden and the blocking user cannot hide
# names, then don't allow any block changes...
- if ( $currentBlock->getHideName() && !$performer->isAllowed( 'hideuser' ) ) {
+ if ( $currentBlock->getHideName() && !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $performer, 'hideuser' )
+ ) {
return [ 'cant-see-hidden-user' ];
}
/**
* Can we do an email block?
- * @param User $user The sysop wanting to make a block
+ * @param UserIdentity $user The sysop wanting to make a block
* @return bool
*/
- public static function canBlockEmail( $user ) {
+ public static function canBlockEmail( UserIdentity $user ) {
global $wgEnableUserEmail, $wgSysopEmailBans;
- return ( $wgEnableUserEmail && $wgSysopEmailBans && $user->isAllowed( 'blockemail' ) );
+ return ( $wgEnableUserEmail && $wgSysopEmailBans && MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'blockemail' ) );
}
/**
if ( $performer->getBlock() ) {
if ( $target instanceof User && $target->getId() == $performer->getId() ) {
# User is trying to unblock themselves
- if ( $performer->isAllowed( 'unblockself' ) ) {
+ if ( MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $performer, 'unblockself' )
+ ) {
return true;
# User blocked themselves and is now trying to reverse it
} elseif ( $performer->blockedBy() === $performer->getName() ) {
*/
use MediaWiki\Block\DatabaseBlock;
+use MediaWiki\MediaWikiServices;
/**
* A special page that lists existing blocks
$conds = [];
$db = $this->getDB();
# Is the user allowed to see hidden blocks?
- if ( !$this->getUser()->isAllowed( 'hideuser' ) ) {
+ if ( !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'hideuser' )
+ ) {
$conds['ipb_deleted'] = 0;
}
* @ingroup SpecialPage
*/
+use MediaWiki\MediaWikiServices;
use Wikimedia\Rdbms\IResultWrapper;
use Wikimedia\Rdbms\IDatabase;
}
$linkRenderer = $this->getLinkRenderer();
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+
// $toObj may very easily be false if the $result list is cached
if ( !is_object( $toObj ) ) {
return '<del>' . $linkRenderer->makeLink( $fromObj ) . '</del>';
// if the page is editable, add an edit link
if (
// check user permissions
- $this->getUser()->isAllowed( 'edit' ) &&
+ $permissionManager->userHasRight( $this->getUser(), 'edit' ) &&
// check, if the content model is editable through action=edit
ContentHandler::getForTitle( $fromObj )->supportsDirectEditing()
) {
$out = $from . $this->msg( 'word-separator' )->escaped();
- if ( $this->getUser()->isAllowed( 'delete' ) ) {
+ if ( $permissionManager->userHasRight( $this->getUser(), 'delete' ) ) {
$links[] = $linkRenderer->makeKnownLink(
$fromObj,
$this->msg( 'brokenredirects-delete' )->text(),
<?php
+use MediaWiki\MediaWikiServices;
+
class SpecialChangeContentModel extends FormSpecialPage {
public function __construct() {
$flags = $this->oldRevision ? EDIT_UPDATE : EDIT_NEW;
$flags |= EDIT_INTERNAL;
- if ( $user->isAllowed( 'bot' ) ) {
+ if ( MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'bot' )
+ ) {
$flags |= EDIT_FORCE_BOT;
}
use MediaWiki\Auth\AuthManager;
use MediaWiki\Logger\LoggerFactory;
+use MediaWiki\MediaWikiServices;
/**
* Let users change their email address.
// This could also let someone check the current email address, so
// require both permissions.
- if ( !$this->getUser()->isAllowed( 'viewmyprivateinfo' ) ) {
+ if ( !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'viewmyprivateinfo' )
+ ) {
throw new PermissionsError( 'viewmyprivateinfo' );
}
* @ingroup SpecialPage
*/
+use MediaWiki\MediaWikiServices;
+
/**
* Special page allows users to request email confirmation message, and handles
* processing of the confirmation code when the link in the email is followed
// This could also let someone check the current email address, so
// require both permissions.
- if ( !$this->getUser()->isAllowed( 'viewmyprivateinfo' ) ) {
+ if ( !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'viewmyprivateinfo' )
+ ) {
throw new PermissionsError( 'viewmyprivateinfo' );
}
// Allows reverts to have the bot flag in recent changes. It is just here to
// be passed in the form at the top of the page
- if ( $user->isAllowed( 'markbotedits' ) && $request->getBool( 'bot' ) ) {
+ if ( MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'markbotedits' ) && $request->getBool( 'bot' )
+ ) {
$this->opts['bot'] = '1';
}
);
}
- if ( $sp->getUser()->isAllowed( 'block' ) ) { # Block / Change block / Unblock links
+ # Block / Change block / Unblock links
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+ if ( $permissionManager->userHasRight( $sp->getUser(), 'block' ) ) {
if ( $target->getBlock() && $target->getBlock()->getType() != DatabaseBlock::TYPE_AUTO ) {
$tools['block'] = $linkRenderer->makeKnownLink( # Change block link
SpecialPage::getTitleFor( 'Block', $username ),
);
# Suppression log link (T61120)
- if ( $sp->getUser()->isAllowed( 'suppressionlog' ) ) {
+ if ( $permissionManager->userHasRight( $sp->getUser(), 'suppressionlog' ) ) {
$tools['log-suppression'] = $linkRenderer->makeKnownLink(
SpecialPage::getTitleFor( 'Log', 'suppress' ),
$sp->msg( 'sp-contributions-suppresslog', $username )->text(),
# Don't show some links for IP ranges
if ( !$isRange ) {
# Uploads: hide if IPs cannot upload (T220674)
- if ( !$isIP || $target->isAllowed( 'upload' ) ) {
+ if ( !$isIP || $permissionManager->userHasRight( $target, 'upload' ) ) {
$tools['uploads'] = $linkRenderer->makeKnownLink(
SpecialPage::getTitleFor( 'Listfiles', $username ),
$sp->msg( 'sp-contributions-uploads' )->text()
# Add link to deleted user contributions for priviledged users
# Todo: T183457
- if ( $sp->getUser()->isAllowed( 'deletedhistory' ) ) {
+ if ( $permissionManager->userHasRight( $sp->getUser(), 'deletedhistory' ) ) {
$tools['deletedcontribs'] = $linkRenderer->makeKnownLink(
SpecialPage::getTitleFor( 'DeletedContributions', $username ),
$sp->msg( 'sp-contributions-deleted', $username )->text()
$filters = [];
- if ( $this->getUser()->isAllowed( 'deletedhistory' ) ) {
+ if ( MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'deletedhistory' )
+ ) {
$filters[] = Html::rawElement(
'span',
[ 'class' => 'mw-input-with-label' ],
}
public function userCanExecute( User $user ) {
- return $user->isAllowed( 'createaccount' );
+ return MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'createaccount' );
}
public function checkPermissions() {
* @ingroup SpecialPage
*/
+use MediaWiki\MediaWikiServices;
use Wikimedia\Rdbms\IResultWrapper;
use Wikimedia\Rdbms\IDatabase;
// if the page is editable, add an edit link
if (
// check user permissions
- $this->getUser()->isAllowed( 'edit' ) &&
+ MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'edit' ) &&
// check, if the content model is editable through action=edit
ContentHandler::getForTitle( $titleA )->supportsDirectEditing()
) {
$this->ids
);
- $this->isAllowed = $user->isAllowed( 'changetags' );
+ $this->isAllowed = $this->permissionManager->userHasRight( $user, 'changetags' );
$this->reason = $request->getVal( 'wpReason' );
// We need a target page!
return 'mailnologin';
}
- if ( !$user->isAllowed( 'sendemail' ) ) {
+ if ( !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'sendemail' )
+ ) {
return 'badaccess';
}
// allowed and a valid edit token is not provided (T73111). However, MediaWiki
// does not currently provide logged-out users with CSRF protection; in that case,
// do not show the preview unless anonymous editing is allowed.
- if ( $user->isAnon() && !$user->isAllowed( 'edit' ) ) {
+ if ( $user->isAnon() && !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'edit' )
+ ) {
$error = [ 'expand_templates_preview_fail_html_anon' ];
} elseif ( !$user->matchEditToken( $request->getVal( 'wpEditToken' ), '', $request ) ) {
$error = [ 'expand_templates_preview_fail_html' ];
* @return bool
*/
private function userCanOverrideExportDepth() {
- return $this->getUser()->isAllowed( 'override-export-depth' );
+ return MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'override-export-depth' );
}
/**
}
$user = $this->getUser();
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
if ( !$user->matchEditToken( $request->getVal( 'editToken' ) ) ) {
$source = Status::newFatal( 'import-token-mismatch' );
} elseif ( $this->sourceName === 'upload' ) {
$isUpload = true;
$this->usernamePrefix = $this->fullInterwikiPrefix = $request->getVal( 'usernamePrefix' );
- if ( $user->isAllowed( 'importupload' ) ) {
+ if ( $permissionManager->userHasRight( $user, 'importupload' ) ) {
$source = ImportStreamSource::newFromUpload( "xmlimport" );
} else {
throw new PermissionsError( 'importupload' );
}
} elseif ( $this->sourceName === 'interwiki' ) {
- if ( !$user->isAllowed( 'import' ) ) {
+ if ( !$permissionManager->userHasRight( $user, 'import' ) ) {
throw new PermissionsError( 'import' );
}
$this->interwiki = $this->fullInterwikiPrefix = $request->getVal( 'interwiki' );
private function showForm() {
$action = $this->getPageTitle()->getLocalURL( [ 'action' => 'submit' ] );
$user = $this->getUser();
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
$out = $this->getOutput();
$this->addHelpLink( 'https://meta.wikimedia.org/wiki/Special:MyLanguage/Help:Import', true );
- if ( $user->isAllowed( 'importupload' ) ) {
+ if ( $permissionManager->userHasRight( $user, 'importupload' ) ) {
$mappingSelection = $this->getMappingFormPart( 'upload' );
$out->addHTML(
Xml::fieldset( $this->msg( 'import-upload' )->text() ) .
$out->addWikiMsg( 'importnosources' );
}
- if ( $user->isAllowed( 'import' ) && !empty( $this->importSources ) ) {
+ if ( $permissionManager->userHasRight( $user, 'import' ) && !empty( $this->importSources ) ) {
# Show input field for import depth only if $wgExportMaxLinkDepth > 0
$importDepth = '';
if ( $this->getConfig()->get( 'ExportMaxLinkDepth' ) > 0 ) {
if ( !LogPage::isLogType( $type ) ) {
$opts->setValue( 'type', '' );
} elseif ( isset( $logRestrictions[$type] )
- && !$this->getUser()->isAllowed( $logRestrictions[$type] )
+ && !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), $logRestrictions[$type] )
) {
throw new PermissionsError( $logRestrictions[$type] );
}
}
if ( count( $err ) == 1 && isset( $err[0][0] ) && $err[0][0] == 'file-exists-sharedrepo'
- && $user->isAllowed( 'reupload-shared' )
+ && MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'reupload-shared' )
) {
$out->wrapWikiMsg(
"<div class='warningbox'>\n$1\n</div>\n",
);
}
- if ( $user->isAllowed( 'suppressredirect' ) ) {
+ if ( MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'suppressredirect' )
+ ) {
if ( $handlerSupportsRedirects ) {
$isChecked = $this->leaveRedirect;
$isDisabled = false;
function doSubmit() {
$user = $this->getUser();
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
if ( $user->pingLimiter( 'move' ) ) {
throw new ThrottledError;
# Show a warning if the target file exists on a shared repo
$repoGroup = $services->getRepoGroup();
if ( $nt->getNamespace() == NS_FILE
- && !( $this->moveOverShared && $user->isAllowed( 'reupload-shared' ) )
+ && !( $this->moveOverShared && $permissionManager->userHasRight( $user, 'reupload-shared' ) )
&& !$repoGroup->getLocalRepo()->findFile( $nt )
&& $repoGroup->findFile( $nt )
) {
# Delete to make way if requested
if ( $this->deleteAndMove ) {
- $permErrors = $nt->getUserPermissionsErrors( 'delete', $user );
+ $permErrors = $permissionManager->getPermissionErrors( 'delete', $user, $nt );
if ( count( $permErrors ) ) {
# Only show the first error
$this->showForm( $permErrors, true );
if ( !$handler->supportsRedirects() ) {
$createRedirect = false;
- } elseif ( $user->isAllowed( 'suppressredirect' ) ) {
+ } elseif ( $permissionManager->userHasRight( $user, 'suppressredirect' ) ) {
$createRedirect = $this->leaveRedirect;
} else {
$createRedirect = true;
$this->moveTalk = false;
}
if ( $this->moveSubpages ) {
- $permissionManager = $services->getPermissionManager();
$this->moveSubpages = $permissionManager->userCan( 'move-subpages', $user, $ot );
}
*/
use MediaWiki\Auth\AuthManager;
+use MediaWiki\MediaWikiServices;
/**
* Special page for requesting a password reset email.
private function getPasswordReset() {
if ( $this->passwordReset === null ) {
- $this->passwordReset = new PasswordReset( $this->getConfig(), AuthManager::singleton() );
+ $this->passwordReset = new PasswordReset(
+ $this->getConfig(),
+ AuthManager::singleton(),
+ MediaWikiServices::getInstance()->getPermissionManager()
+ );
}
return $this->passwordReset;
}
}
protected function showResetForm() {
- if ( !$this->getUser()->isAllowed( 'editmyoptions' ) ) {
+ if ( !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'editmyoptions' )
+ ) {
throw new PermissionsError( 'editmyoptions' );
}
}
public function submitReset( $formData ) {
- if ( !$this->getUser()->isAllowed( 'editmyoptions' ) ) {
+ if ( !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'editmyoptions' )
+ ) {
throw new PermissionsError( 'editmyoptions' );
}
if (
!$this->including() &&
$this->getUser()->isLoggedIn() &&
- $this->getUser()->isAllowed( 'viewmywatchlist' )
+ MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'viewmywatchlist' )
) {
$this->registerFiltersFromDefinitions( [ $this->watchlistFilterGroupDefinition ] );
$watchlistGroup = $this->getFilterGroup( 'watchlist' );
$join_conds = array_merge( $join_conds, $rcQuery['joins'] );
// JOIN on watchlist for users
- if ( $user->isLoggedIn() && $user->isAllowed( 'viewmywatchlist' ) ) {
+ if ( $user->isLoggedIn() && MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'viewmywatchlist' )
+ ) {
$tables[] = 'watchlist';
$fields[] = 'wl_user';
$fields[] = 'wl_notificationtimestamp';
* @ingroup SpecialPage
*/
+use MediaWiki\MediaWikiServices;
+
/**
* This is to display changes made to all articles linked in an article.
*
// left join with watchlist table to highlight watched rows
$uid = $this->getUser()->getId();
- if ( $uid && $this->getUser()->isAllowed( 'viewmywatchlist' ) ) {
+ if ( $uid && MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'viewmywatchlist' )
+ ) {
$tables[] = 'watchlist';
$select[] = 'wl_user';
$join_conds['watchlist'] = [ 'LEFT JOIN', [
* @ingroup SpecialPage
*/
+use MediaWiki\MediaWikiServices;
use MediaWiki\Storage\RevisionRecord;
use MediaWiki\Permissions\PermissionManager;
$this->typeLabels = self::$UILabels[$this->typeName];
$list = $this->getList();
$list->reset();
- $this->mIsAllowed = $user->isAllowed( RevisionDeleter::getRestriction( $this->typeName ) );
- $canViewSuppressedOnly = $this->getUser()->isAllowed( 'viewsuppressed' ) &&
- !$this->getUser()->isAllowed( 'suppressrevision' );
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+ $this->mIsAllowed = $permissionManager->userHasRight( $user,
+ RevisionDeleter::getRestriction( $this->typeName ) );
+ $canViewSuppressedOnly = $permissionManager->userHasRight( $user, 'viewsuppressed' ) &&
+ !$permissionManager->userHasRight( $user, 'suppressrevision' );
$pageIsSuppressed = $list->areAnySuppressed();
$this->mIsAllowed = $this->mIsAllowed && !( $canViewSuppressedOnly && $pageIsSuppressed );
[ 'revdelete-hide-comment', 'wpHideComment', RevisionRecord::DELETED_COMMENT ],
[ 'revdelete-hide-user', 'wpHideUser', RevisionRecord::DELETED_USER ]
];
- if ( $user->isAllowed( 'suppressrevision' ) ) {
+ if ( $permissionManager->userHasRight( $user, 'suppressrevision' ) ) {
$this->checks[] = [ 'revdelete-hide-restricted',
'wpHideRestricted', RevisionRecord::DELETED_RESTRICTED ];
}
$this->showForm();
}
- if ( $user->isAllowed( 'deletedhistory' ) ) {
+ if ( $permissionManager->userHasRight( $user, 'deletedhistory' ) ) {
$qc = $this->getLogQueryCond();
# Show relevant lines from the deletion log
$deleteLogPage = new LogPage( 'delete' );
);
}
# Show relevant lines from the suppression log
- if ( $user->isAllowed( 'suppressionlog' ) ) {
+ if ( $permissionManager->userHasRight( $user, 'suppressionlog' ) ) {
$suppressLogPage = new LogPage( 'suppress' );
$output->addHTML( "<h2>" . $suppressLogPage->getName()->escaped() . "</h2>\n" );
LogEventsList::showLogExtract(
[ 'action' => 'history' ]
);
# Link to deleted edits
- if ( $this->getUser()->isAllowed( 'undelete' ) ) {
+ if ( MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'undelete' )
+ ) {
$undelete = SpecialPage::getTitleFor( 'Undelete' );
$links[] = $linkRenderer->makeKnownLink(
$undelete,
Xml::closeElement( 'fieldset' ) . "\n" .
Xml::closeElement( 'form' ) . "\n";
// Show link to edit the dropdown reasons
- if ( $this->getUser()->isAllowed( 'editinterface' ) ) {
+ if ( MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'editinterface' )
+ ) {
$link = $this->getLinkRenderer()->makeKnownLink(
$this->msg( 'revdelete-reason-dropdown' )->inContentLanguage()->getTitle(),
$this->msg( 'revdelete-edit-reasonlist' )->text(),
'revdelete-text-others'
);
- if ( $this->getUser()->isAllowed( 'suppressrevision' ) ) {
+ if ( MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'suppressrevision' )
+ ) {
$this->getOutput()->addWikiMsg( 'revdelete-suppress-text' );
}
}
# Can the user set this field?
if ( $bitParams[RevisionRecord::DELETED_RESTRICTED] == 1
- && !$this->getUser()->isAllowed( 'suppressrevision' )
+ && !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'suppressrevision' )
) {
throw new PermissionsError( 'suppressrevision' );
}
* @ingroup SpecialPage
*/
+use MediaWiki\MediaWikiServices;
+
/**
* A special page that lists tags for edits
*
$out->wrapWikiMsg( "<div class='mw-tags-intro'>\n$1\n</div>", 'tags-intro' );
$user = $this->getUser();
- $userCanManage = $user->isAllowed( 'managechangetags' );
- $userCanDelete = $user->isAllowed( 'deletechangetags' );
- $userCanEditInterface = $user->isAllowed( 'editinterface' );
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+ $userCanManage = $permissionManager->userHasRight( $user, 'managechangetags' );
+ $userCanDelete = $permissionManager->userHasRight( $user, 'deletechangetags' );
+ $userCanEditInterface = $permissionManager->userHasRight( $user, 'editinterface' );
// Show form to create a tag
if ( $userCanManage ) {
protected function showDeleteTagForm( $tag ) {
$user = $this->getUser();
- if ( !$user->isAllowed( 'deletechangetags' ) ) {
+ if ( !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'deletechangetags' ) ) {
throw new PermissionsError( 'deletechangetags' );
}
$actionStr = $activate ? 'activate' : 'deactivate';
$user = $this->getUser();
- if ( !$user->isAllowed( 'managechangetags' ) ) {
+ if ( !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'managechangetags' ) ) {
throw new PermissionsError( 'managechangetags' );
}
*/
use MediaWiki\Block\DatabaseBlock;
+use MediaWiki\MediaWikiServices;
/**
* A special page for unblocking users
# If the name was hidden and the blocking user cannot hide
# names, then don't allow any block removals...
- if ( !$performer->isAllowed( 'hideuser' ) && $block->getHideName() ) {
+ if ( !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $performer, 'hideuser' ) && $block->getHideName()
+ ) {
return [ 'unblock-hideuser' ];
}
$this->mDiff = $request->getCheck( 'diff' );
$this->mDiffOnly = $request->getBool( 'diffonly', $this->getUser()->getOption( 'diffonly' ) );
$this->mComment = $request->getText( 'wpComment' );
- $this->mUnsuppress = $request->getVal( 'wpUnsuppress' ) && $user->isAllowed( 'suppressrevision' );
+ $this->mUnsuppress = $request->getVal( 'wpUnsuppress' ) && MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'suppressrevision' );
$this->mToken = $request->getVal( 'token' );
$block = $user->getBlock();
if ( $this->mTargetObj !== null ) {
return $permissionManager->userCan( $permission, $user, $this->mTargetObj );
} else {
- return $user->isAllowed( $permission );
+ return $permissionManager->userHasRight( $user, $permission );
}
}
$out->addWikiMsg( 'undelete-header' );
# Not all users can just browse every deleted page from the list
- if ( $user->isAllowed( 'browsearchive' ) ) {
+ if ( MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'browsearchive' )
+ ) {
$this->showSearchForm();
}
LogEventsList::showLogExtract( $out, 'delete', $this->mTargetObj );
# Show relevant lines from the suppression log:
$suppressLogPage = new LogPage( 'suppress' );
- if ( $this->getUser()->isAllowed( 'suppressionlog' ) ) {
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+ if ( $permissionManager->userHasRight( $this->getUser(), 'suppressionlog' ) ) {
$out->addHTML( Xml::element( 'h2', null, $suppressLogPage->getName()->text() ) . "\n" );
LogEventsList::showLogExtract( $out, 'suppress', $this->mTargetObj );
}
] )
);
- if ( $this->getUser()->isAllowed( 'suppressrevision' ) ) {
+ if ( $permissionManager->userHasRight( $this->getUser(), 'suppressrevision' ) ) {
$fields[] = new OOUI\FieldLayout(
new OOUI\CheckboxInputWidget( [
'name' => 'wpUnsuppress',
if ( $haveRevisions ) {
# Show the page's stored (deleted) history
- if ( $this->getUser()->isAllowed( 'deleterevision' ) ) {
+ if ( $permissionManager->userHasRight( $this->getUser(), 'deleterevision' ) ) {
$history .= Html::element(
'button',
[
protected function showViewDeletedLinks() {
$title = Title::makeTitleSafe( NS_FILE, $this->mDesiredDestName );
$user = $this->getUser();
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
// Show a subtitle link to deleted revisions (to sysops et al only)
if ( $title instanceof Title ) {
$count = $title->isDeleted();
- if ( $count > 0 && $user->isAllowed( 'deletedhistory' ) ) {
+ if ( $count > 0 && $permissionManager->userHasRight( $user, 'deletedhistory' ) ) {
$restorelink = $this->getLinkRenderer()->makeKnownLink(
SpecialPage::getTitleFor( 'Undelete', $title->getPrefixedText() ),
$this->msg( 'restorelink' )->numParams( $count )->text()
);
- $link = $this->msg( $user->isAllowed( 'delete' ) ? 'thisisdeleted' : 'viewdeleted' )
- ->rawParams( $restorelink )->parseAsBlock();
+ $link = $this->msg(
+ $permissionManager->userHasRight( $user, 'delete' ) ? 'thisisdeleted' : 'viewdeleted'
+ )->rawParams( $restorelink )->parseAsBlock();
$this->getOutput()->addHTML(
Html::rawElement(
'div',
* @ingroup SpecialPage
*/
+use MediaWiki\MediaWikiServices;
+
/**
* Special page to allow managing user group membership
*
* (e.g. they don't have the userrights permission), then don't
* allow them to change any user rights.
*/
- if ( !$user->isAllowed( 'userrights' ) ) {
+ if ( !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'userrights' )
+ ) {
$block = $user->getBlock();
if ( $block && $block->isSitewide() ) {
throw new UserBlockedError( $block );
if ( WikiMap::isCurrentWikiId( $dbDomain ) ) {
$dbDomain = '';
} else {
- if ( $writing && !$this->getUser()->isAllowed( 'userrights-interwiki' ) ) {
+ if ( $writing && !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'userrights-interwiki' )
+ ) {
return Status::newFatal( 'userrights-no-interwiki' );
}
if ( !UserRightsProxy::validDatabase( $dbDomain ) ) {
// Log entries with DELETED_ACTION must not show up unless the user has
// the necessary rights.
- if ( !$user->isAllowed( 'deletedhistory' ) ) {
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+ if ( !$permissionManager->userHasRight( $user, 'deletedhistory' ) ) {
$bitmask = LogPage::DELETED_ACTION;
- } elseif ( !MediaWikiServices::getInstance()
- ->getPermissionManager()
- ->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' )
- ) {
+ } elseif ( !$permissionManager->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' ) ) {
$bitmask = LogPage::DELETED_ACTION | LogPage::DELETED_RESTRICTED;
} else {
$bitmask = 0;
* @todo Use some variant of Pager or something; the pagination here is lousy.
*/
+use MediaWiki\MediaWikiServices;
use Wikimedia\Rdbms\IDatabase;
/**
// if the page is editable, add an edit link
if (
// check user permissions
- $this->getUser()->isAllowed( 'edit' ) &&
+ MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'edit' ) &&
// check, if the content model is editable through action=edit
ContentHandler::getForTitle( $target )->supportsDirectEditing()
) {
* @return string
*/
function getButtons() {
- if ( !MediaWikiServices::getInstance()
- ->getPermissionManager()
- ->userHasAnyRight( $this->getModifiedUser(), 'editmyprivateinfo', 'editmyoptions' )
- ) {
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+ if ( !$permissionManager->userHasAnyRight(
+ $this->getModifiedUser(),
+ 'editmyprivateinfo',
+ 'editmyoptions'
+ ) ) {
return '';
}
$html = parent::getButtons();
- if ( $this->getModifiedUser()->isAllowed( 'editmyoptions' ) ) {
+ if ( $permissionManager->userHasRight( $this->getModifiedUser(), 'editmyoptions' ) ) {
$t = $this->getTitle()->getSubpage( 'reset' );
$html .= new OOUI\ButtonWidget( [
parent::__construct( $descriptor, $context, 'upload' );
# Add a link to edit MediaWiki:Licenses
- if ( $this->getUser()->isAllowed( 'editinterface' ) ) {
+ if ( MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'editinterface' )
+ ) {
$this->getOutput()->addModuleStyles( 'mediawiki.special' );
$licensesLink = $linkRenderer->makeKnownLink(
$this->msg( 'licenses' )->inContentLanguage()->getTitle(),
* @ingroup Pager
*/
+use MediaWiki\MediaWikiServices;
+
/**
* This class is used to get a list of active users. The ones with specials
* rights (sysop, bureaucrat, developer) will have them displayed
] ];
$conds['ug2.ug_user'] = null;
}
- if ( !$this->getUser()->isAllowed( 'hideuser' ) ) {
+ if ( !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'hideuser' )
+ ) {
$conds[] = 'NOT EXISTS (' . $dbr->selectSQLText(
'ipblocks', '1', [ 'ipb_user=user_id', 'ipb_deleted' => 1 ]
) . ')';
$value,
/* User preference timezone */true
) );
- if ( $this->getUser()->isAllowed( 'block' ) ) {
+ if ( MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'block' )
+ ) {
$links = [];
if ( $row->ipb_auto ) {
$links[] = $linkRenderer->makeKnownLink(
$info['conds'][] = 'ipb_expiry > ' . $db->addQuotes( $db->timestamp() );
# Is the user allowed to see hidden blocks?
- if ( !$this->getUser()->isAllowed( 'hideuser' ) ) {
+ if ( !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'hideuser' )
+ ) {
$info['conds']['ipb_deleted'] = 0;
}
'options' => [],
'join_conds' => $revQuery['joins'],
];
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
// WARNING: Keep this in sync with getTargetTable()!
$user = User::newFromName( $this->target, false );
$queryInfo['conds'] = array_merge( $queryInfo['conds'], $this->getNamespaceCond() );
// Paranoia: avoid brute force searches (T19342)
- if ( !$user->isAllowed( 'deletedhistory' ) ) {
+ if ( !$permissionManager->userHasRight( $user, 'deletedhistory' ) ) {
$queryInfo['conds'][] = $this->mDb->bitAnd(
'rev_deleted', RevisionRecord::DELETED_USER
) . ' = 0';
- } elseif ( !MediaWikiServices::getInstance()
- ->getPermissionManager()
- ->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' )
- ) {
+ } elseif ( !$permissionManager->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' ) ) {
$queryInfo['conds'][] = $this->mDb->bitAnd(
'rev_deleted', RevisionRecord::SUPPRESSED_USER
) . ' != ' . RevisionRecord::SUPPRESSED_USER;
];
$conds = array_merge( $userCond, $this->getNamespaceCond() );
$user = $this->getUser();
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
// Paranoia: avoid brute force searches (T19792)
- if ( !$user->isAllowed( 'deletedhistory' ) ) {
+ if ( !$permissionManager->userHasRight( $user, 'deletedhistory' ) ) {
$conds[] = $this->mDb->bitAnd( 'ar_deleted', RevisionRecord::DELETED_USER ) . ' = 0';
- } elseif ( !MediaWikiServices::getInstance()
- ->getPermissionManager()
- ->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' )
- ) {
+ } elseif ( !$permissionManager->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' ) ) {
$conds[] = $this->mDb->bitAnd( 'ar_deleted', RevisionRecord::SUPPRESSED_USER ) .
' != ' . RevisionRecord::SUPPRESSED_USER;
}
);
$user = $this->getUser();
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
- if ( $user->isAllowed( 'deletedtext' ) ) {
+ if ( $permissionManager->userHasRight( $user, 'deletedtext' ) ) {
$last = $linkRenderer->makeKnownLink(
$undelete,
$this->messages['diff'],
$comment = Linker::revComment( $rev );
$date = $this->getLanguage()->userTimeAndDate( $rev->getTimestamp(), $user );
- if ( !$user->isAllowed( 'undelete' ) || !$rev->userCan( RevisionRecord::DELETED_TEXT, $user ) ) {
+ if ( !$permissionManager->userHasRight( $user, 'undelete' ) ||
+ !$rev->userCan( RevisionRecord::DELETED_TEXT, $user )
+ ) {
$link = htmlspecialchars( $date ); // unusable link
} else {
$link = $linkRenderer->makeKnownLink(
*/
use MediaWiki\Linker\LinkRenderer;
+use MediaWiki\MediaWikiServices;
class ProtectedPagesPager extends TablePager {
$formatted = htmlspecialchars( $this->getLanguage()->formatExpiry(
$value, /* User preference timezone */true ) );
$title = Title::makeTitleSafe( $row->page_namespace, $row->page_title );
- if ( $this->getUser()->isAllowed( 'protect' ) && $title ) {
+ if ( $title && MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'protect' )
+ ) {
$changeProtection = $linkRenderer->makeKnownLink(
$title,
$this->msg( 'protect_change' )->text(),
* @ingroup Pager
*/
+use MediaWiki\MediaWikiServices;
+
/**
* This class is used to get a list of user. The ones with specials
* rights (sysop, bureaucrat, developer) will have them displayed
$conds = [];
// Don't show hidden names
- if ( !$this->getUser()->isAllowed( 'hideuser' ) ) {
+ if ( !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $this->getUser(), 'hideuser' )
+ ) {
$conds[] = 'ipb_deleted IS NULL OR ipb_deleted = 0';
}
* @file
* @ingroup Upload
*/
+
+use MediaWiki\MediaWikiServices;
use MediaWiki\Shell\Shell;
+use MediaWiki\User\UserIdentity;
/**
* @defgroup Upload Upload related
* identifying the missing permission.
* Can be overridden by subclasses.
*
- * @param User $user
+ * @param UserIdentity $user
* @return bool|string
*/
- public static function isAllowed( $user ) {
+ public static function isAllowed( UserIdentity $user ) {
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
foreach ( [ 'upload', 'edit' ] as $permission ) {
- if ( !$user->isAllowed( $permission ) ) {
+ if ( !$permissionManager->userHasRight( $user, $permission ) ) {
return $permission;
}
}
* wfFindFile finds a file, it exists in a shared repository.
*/
$file = wfFindFile( $this->getTitle(), [ 'latest' => true ] );
- if ( $file && !$user->isAllowed( 'reupload-shared' ) ) {
+ if ( $file && !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'reupload-shared' )
+ ) {
return [ 'fileexists-shared-forbidden', $file->getName() ];
}
* @return bool
*/
public static function userCanReUpload( User $user, File $img ) {
- if ( $user->isAllowed( 'reupload' ) ) {
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+ if ( $permissionManager->userHasRight( $user, 'reupload' ) ) {
return true; // non-conditional
- } elseif ( !$user->isAllowed( 'reupload-own' ) ) {
+ } elseif ( !$permissionManager->userHasRight( $user, 'reupload-own' ) ) {
return false;
}
<?php
-
-use MediaWiki\MediaWikiServices;
-
/**
* Backend for uploading files from a HTTP resource.
*
* @ingroup Upload
*/
+use MediaWiki\MediaWikiServices;
+use MediaWiki\User\UserIdentity;
+
/**
* Implements uploading from a HTTP resource.
*
* user is not allowed, return the name of the user right as a string. If
* the user is allowed, have the parent do further permissions checking.
*
- * @param User $user
+ * @param UserIdentity $user
*
* @return bool|string
*/
- public static function isAllowed( $user ) {
- if ( !$user->isAllowed( 'upload_by_url' ) ) {
+ public static function isAllowed( UserIdentity $user ) {
+ if ( !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'upload_by_url' )
+ ) {
return 'upload_by_url';
}
$url = $request->getVal( 'wpUploadFileURL' );
return !empty( $url )
- && $wgUser->isAllowed( 'upload_by_url' );
+ && MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $wgUser, 'upload_by_url' );
}
/**
* @file
*/
+use MediaWiki\MediaWikiServices;
+
/**
* A CentralIdLookup provider that just uses local IDs. Useful if the wiki
* isn't part of a cluster or you're using shared user tables.
'user_id' => array_map( 'intval', array_keys( $idToName ) ),
];
$join = [];
- if ( $audience && !$audience->isAllowed( 'hideuser' ) ) {
+ if ( $audience && !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $audience, 'hideuser' )
+ ) {
$tables[] = 'ipblocks';
$join['ipblocks'] = [ 'LEFT JOIN', 'ipb_user=user_id' ];
$fields[] = 'ipb_deleted';
'user_name' => array_map( 'strval', array_keys( $nameToId ) ),
];
$join = [];
- if ( $audience && !$audience->isAllowed( 'hideuser' ) ) {
+ if ( $audience && !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $audience, 'hideuser' )
+ ) {
$tables[] = 'ipblocks';
$join['ipblocks'] = [ 'LEFT JOIN', 'ipb_user=user_id' ];
$where[] = 'ipb_deleted = 0 OR ipb_deleted IS NULL';
use MediaWiki\Auth\AuthManager;
use MediaWiki\Auth\TemporaryPasswordAuthenticationRequest;
+use MediaWiki\Permissions\PermissionManager;
use Psr\Log\LoggerAwareInterface;
use Psr\Log\LoggerInterface;
use MediaWiki\Logger\LoggerFactory;
/** @var AuthManager */
protected $authManager;
+ /** @var PermissionManager */
+ private $permissionManager;
+
/** @var LoggerInterface */
protected $logger;
*/
private $permissionCache;
- public function __construct( Config $config, AuthManager $authManager ) {
+ public function __construct(
+ Config $config,
+ AuthManager $authManager,
+ PermissionManager $permissionManager
+ ) {
$this->config = $config;
$this->authManager = $authManager;
+ $this->permissionManager = $permissionManager;
$this->permissionCache = new MapCacheLRU( 1 );
$this->logger = LoggerFactory::getInstance( 'authentication' );
}
} elseif ( !$this->config->get( 'EnableEmail' ) ) {
// Maybe email features have been disabled
$status = StatusValue::newFatal( 'passwordreset-emaildisabled' );
- } elseif ( !$user->isAllowed( 'editmyprivateinfo' ) ) {
+ } elseif ( !$this->permissionManager->userHasRight( $user, 'editmyprivateinfo' ) ) {
// Maybe not all users have permission to change private data
$status = StatusValue::newFatal( 'badaccess' );
} elseif ( $this->isBlocked( $user ) ) {
* @file
*/
+use MediaWiki\MediaWikiServices;
+
/**
* Handles searching prefixes of user names
*
$joinConds = [];
// Filter out hidden user names
- if ( $audience === 'public' || !$audience->isAllowed( 'hideuser' ) ) {
+ if ( $audience === 'public' || !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $audience, 'hideuser' )
+ ) {
$tables[] = 'ipblocks';
$cond['ipb_deleted'] = [ 0, null ];
$joinConds['ipblocks'] = [ 'LEFT JOIN', 'user_id=ipb_user' ];
use Content;
use Language;
+use MediaWiki\MediaWikiServices;
use MediaWiki\Revision\MutableRevisionRecord;
use MediaWiki\Revision\MutableRevisionSlots;
use MediaWiki\Revision\RenderedRevision;
$mock->expects( $this->any() )
->method( 'userCan' )
->willReturnCallback( function ( $perm, User $user ) use ( $mock ) {
- return $user->isAllowed( $perm );
+ return MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, $perm );
} );
return $mock;
<?php
use MediaWiki\Block\DatabaseBlock;
+use MediaWiki\MediaWikiServices;
/**
* @covers LocalIdLookup
public function testLookupCentralIds() {
$lookup = new LocalIdLookup();
-
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
$user1 = $this->getLookupUser();
$user2 = User::newFromName( 'UTLocalIdLookup2' );
- $this->assertTrue( $user1->isAllowed( 'hideuser' ), 'sanity check' );
- $this->assertFalse( $user2->isAllowed( 'hideuser' ), 'sanity check' );
+ $this->assertTrue( $permissionManager->userHasRight( $user1, 'hideuser' ), 'sanity check' );
+ $this->assertFalse( $permissionManager->userHasRight( $user2, 'hideuser' ), 'sanity check' );
$this->assertSame( [], $lookup->lookupCentralIds( [] ) );
public function testLookupUserNames() {
$lookup = new LocalIdLookup();
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
$user1 = $this->getLookupUser();
$user2 = User::newFromName( 'UTLocalIdLookup2' );
- $this->assertTrue( $user1->isAllowed( 'hideuser' ), 'sanity check' );
- $this->assertFalse( $user2->isAllowed( 'hideuser' ), 'sanity check' );
+ $this->assertTrue( $permissionManager->userHasRight( $user1, 'hideuser' ), 'sanity check' );
+ $this->assertFalse( $permissionManager->userHasRight( $user2, 'hideuser' ), 'sanity check' );
$this->assertSame( [], $lookup->lookupUserNames( [] ) );
use MediaWiki\Block\DatabaseBlock;
use MediaWiki\Block\CompositeBlock;
use MediaWiki\Block\SystemBlock;
+use MediaWiki\Permissions\PermissionManager;
/**
* @covers PasswordReset
$user->expects( $this->any() )->method( 'getName' )->willReturn( 'Foo' );
$user->expects( $this->any() )->method( 'getBlock' )->willReturn( $block );
$user->expects( $this->any() )->method( 'getGlobalBlock' )->willReturn( $globalBlock );
- $user->expects( $this->any() )->method( 'isAllowed' )
- ->will( $this->returnCallback( function ( $perm ) use ( $canEditPrivate ) {
- if ( $perm === 'editmyprivateinfo' ) {
- return $canEditPrivate;
- } else {
- $this->fail( 'Unexpected permission check' );
- }
- } ) );
- $passwordReset = new PasswordReset( $config, $authManager );
+ $permissionManager = $this->getMockBuilder( PermissionManager::class )
+ ->disableOriginalConstructor()
+ ->getMock();
+ $permissionManager->method( 'userHasRight' )
+ ->with( $user, 'editmyprivateinfo' )
+ ->willReturn( $canEditPrivate );
+
+ $passwordReset = new PasswordReset(
+ $config,
+ $authManager,
+ $permissionManager
+ );
$this->assertSame( $isAllowed, $passwordReset->isAllowed( $user )->isGood() );
}
$request->setIP( '1.2.3.4' );
$performingUser = $this->getMockBuilder( User::class )->getMock();
$performingUser->expects( $this->any() )->method( 'getRequest' )->willReturn( $request );
- $performingUser->expects( $this->any() )->method( 'isAllowed' )->willReturn( true );
$performingUser->expects( $this->any() )->method( 'getName' )->willReturn( 'Performer' );
+ $permissionManager = $this->getMockBuilder( PermissionManager::class )
+ ->disableOriginalConstructor()
+ ->getMock();
+ $permissionManager->expects( $this->once() )
+ ->method( 'userHasRight' )
+ ->with( $performingUser, 'editmyprivateinfo' )
+ ->willReturn( true );
+
$targetUser1 = $this->getMockBuilder( User::class )->getMock();
$targetUser2 = $this->getMockBuilder( User::class )->getMock();
$targetUser1->expects( $this->any() )->method( 'getName' )->willReturn( 'User1' );
$targetUser2->expects( $this->any() )->method( 'getEmail' )->willReturn( 'foo@bar.baz' );
$passwordReset = $this->getMockBuilder( PasswordReset::class )
- ->setMethods( [ 'getUsersByEmail' ] )->setConstructorArgs( [ $config, $authManager ] )
+ ->setConstructorArgs( [ $config, $authManager, $permissionManager ] )
+ ->setMethods( [ 'getUsersByEmail' ] )
->getMock();
$passwordReset->expects( $this->any() )->method( 'getUsersByEmail' )->with( 'foo@bar.baz' )
->willReturn( [ $targetUser1, $targetUser2 ] );
<?php
+use MediaWiki\MediaWikiServices;
+
/**
* @group Database
*/
$user->clearInstanceCache();
$this->assertContains( 'unittesters', $user->getGroups() );
$this->assertArrayHasKey( 'unittesters', $user->getGroupMemberships() );
- $this->assertTrue( $user->isAllowed( 'runtest' ) );
+ $this->assertTrue( MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'runtest' ) );
// try updating without allowUpdate. Should fail
$ugm = new UserGroupMembership( $user->getId(), 'unittesters', $this->expiryTime );
$user->clearInstanceCache();
$this->assertContains( 'unittesters', $user->getGroups() );
$this->assertArrayHasKey( 'unittesters', $user->getGroupMemberships() );
- $this->assertTrue( $user->isAllowed( 'runtest' ) );
+ $this->assertTrue( MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'runtest' ) );
// try removing the group
$ugm->delete();
$this->logicalNot( $this->contains( 'unittesters' ) ) );
$this->assertThat( $user->getGroupMemberships(),
$this->logicalNot( $this->arrayHasKey( 'unittesters' ) ) );
- $this->assertFalse( $user->isAllowed( 'runtest' ) );
+ $this->assertFalse( MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'runtest' ) );
// check that the user group is now in user_former_groups
$this->assertContains( 'unittesters', $user->getFormerGroups() );