* @ingroup Watchlist
*/
class WatchedItem {
- var $mTitle, $mUser;
+ /**
+ * Constant to specify that user rights 'editmywatchlist' and
+ * 'viewmywatchlist' should not be checked.
+ * @since 1.22
+ */
+ const IGNORE_USER_RIGHTS = 0;
+
+ /**
+ * Constant to specify that user rights 'editmywatchlist' and
+ * 'viewmywatchlist' should be checked.
+ * @since 1.22
+ */
+ const CHECK_USER_RIGHTS = 1;
+
+ var $mTitle, $mUser, $mCheckRights;
private $loaded = false, $watched, $timestamp;
/**
* Create a WatchedItem object with the given user and title
+ * @since 1.22 $checkRights parameter added
* @param $user User: the user to use for (un)watching
* @param $title Title: the title we're going to (un)watch
+ * @param $checkRights int: Whether to check the 'viewmywatchlist' and 'editmywatchlist' rights.
+ * Pass either WatchedItem::IGNORE_USER_RIGHTS or WatchedItem::CHECK_USER_RIGHTS.
* @return WatchedItem object
*/
- public static function fromUserTitle( $user, $title ) {
+ public static function fromUserTitle( $user, $title, $checkRights = WatchedItem::CHECK_USER_RIGHTS ) {
$wl = new WatchedItem;
$wl->mUser = $user;
$wl->mTitle = $title;
+ $wl->mCheckRights = $checkRights;
return $wl;
}
}
$this->loaded = true;
+ // Only loggedin user can have a watchlist
+ if ( $this->mUser->isAnon() ) {
+ $this->watched = false;
+ return;
+ }
+
# Pages and their talk pages are considered equivalent for watching;
# remember that talk namespaces are numbered as page namespace+1.
}
}
+ /**
+ * Check permissions
+ * @param $what string: 'viewmywatchlist' or 'editmywatchlist'
+ */
+ private function isAllowed( $what ) {
+ return !$this->mCheckRights || $this->mUser->isAllowed( $what );
+ }
+
/**
* Is mTitle being watched by mUser?
* @return bool
*/
public function isWatched() {
+ if ( !$this->isAllowed( 'viewmywatchlist' ) ) {
+ return false;
+ }
+
$this->load();
return $this->watched;
}
* the wl_notificationtimestamp field otherwise
*/
public function getNotificationTimestamp() {
+ if ( !$this->isAllowed( 'viewmywatchlist' ) ) {
+ return false;
+ }
+
$this->load();
if ( $this->watched ) {
return $this->timestamp;
* page is not watched or the notification timestamp is already NULL.
*/
public function resetNotificationTimestamp( $force = '' ) {
+ // Only loggedin user can have a watchlist
+ if ( wfReadOnly() || $this->mUser->isAnon() || !$this->isAllowed( 'editmywatchlist' ) ) {
+ return;
+ }
+
if ( $force != 'force' ) {
$this->load();
if ( !$this->watched || $this->timestamp === null ) {
/**
* Given a title and user (assumes the object is setup), add the watch to the
* database.
- * @return bool (always true)
+ * @return bool
*/
public function addWatch() {
wfProfileIn( __METHOD__ );
+ // Only loggedin user can have a watchlist
+ if ( wfReadOnly() || $this->mUser->isAnon() || !$this->isAllowed( 'editmywatchlist' ) ) {
+ wfProfileOut( __METHOD__ );
+ return false;
+ }
+
// Use INSERT IGNORE to avoid overwriting the notification timestamp
// if there's already an entry for this page
$dbw = wfGetDB( DB_MASTER );
public function removeWatch() {
wfProfileIn( __METHOD__ );
+ // Only loggedin user can have a watchlist
+ if ( wfReadOnly() || $this->mUser->isAnon() || !$this->isAllowed( 'editmywatchlist' ) ) {
+ wfProfileOut( __METHOD__ );
+ return false;
+ }
+
$success = false;
$dbw = wfGetDB( DB_MASTER );
$dbw->delete( 'watchlist',
);
}
- if( empty( $values ) ) {
+ if ( empty( $values ) ) {
// Nothing to do
return true;
}
dépôts / lhc / web / wiklou.git / blobdiff