$request = $this->getRequest();
// Check blocks
- if ( $user->isBlocked() ) {
- throw new UserBlockedError( $user->getBlock() );
+ // @TODO Use PermissionManager::isBlockedFrom() instead.
+ $block = $user->getBlock();
+ if ( $block ) {
+ throw new UserBlockedError( $block );
}
$this->setHeaders();
$list = $this->getList();
for ( $list->reset(); $list->current(); $list->next() ) {
$item = $list->current();
+ if ( !$item->canView() ) {
+ throw new ErrorPageError( 'permissionserrors', 'tags-update-no-permission' );
+ }
$numRevisions++;
$out->addHTML( $item->getHTML() );
}
// HTML maxlength uses "UTF-16 code units", which means that characters outside BMP
// (e.g. emojis) count for two each. This limit is overridden in JS to instead count
// Unicode codepoints.
- // "- 155" is to leave room for the auto-generated part of the log entry.
- 'maxlength' => CommentStore::COMMENT_CHARACTER_LIMIT - 155,
+ 'maxlength' => CommentStore::COMMENT_CHARACTER_LIMIT,
] ) .
'</td>' .
"</tr><tr>\n" .