From: Happy-melon Date: Fri, 18 Mar 2011 14:48:21 +0000 (+0000) Subject: Allow User::isAllowed() to take varargs. "is allowed X or Y" is by far the more... X-Git-Tag: 1.31.0-rc.0~31353 X-Git-Url: http://git.cyclocoop.org/ecrire?a=commitdiff_plain;h=81852ea1a64a592255cecfd15d7a28a2ec22a248;p=lhc%2Fweb%2Fwiklou.git Allow User::isAllowed() to take varargs. "is allowed X or Y" is by far the more common multiple permission check in core, so this is now the behaviour of isAllowed( X, Y ); also add isAllowedAll(...) for testing "is allowed X and Y". Has the nice side effect of adding visibility to a very old function. --- diff --git a/includes/Article.php b/includes/Article.php index bcb33056d7..254403c44a 100644 --- a/includes/Article.php +++ b/includes/Article.php @@ -3458,7 +3458,7 @@ class Article { $flags |= EDIT_MINOR; } - if ( $bot && ( $wgUser->isAllowed( 'markbotedits' ) || $wgUser->isAllowed( 'bot' ) ) ) { + if ( $bot && ( $wgUser->isAllowed( 'markbotedits', 'bot' ) ) ) { $flags |= EDIT_FORCE_BOT; } diff --git a/includes/HistoryPage.php b/includes/HistoryPage.php index 63b14b1a67..d5991aa50a 100644 --- a/includes/HistoryPage.php +++ b/includes/HistoryPage.php @@ -510,7 +510,7 @@ class HistoryPager extends ReverseChronologicalPager { $del = ''; // Show checkboxes for each revision - if ( $wgUser->isAllowed( 'deleterevision' ) || $wgUser->isAllowed( 'revisionmove' ) ) { + if ( $wgUser->isAllowed( 'deleterevision', 'revisionmove' ) ) { $this->preventClickjacking(); // If revision was hidden from sysops, disable the checkbox // However, if the user has revisionmove rights, we cannot disable the checkbox diff --git a/includes/ImagePage.php b/includes/ImagePage.php index cbac9dc5c3..183e933ebd 100644 --- a/includes/ImagePage.php +++ b/includes/ImagePage.php @@ -930,7 +930,7 @@ class ImageHistoryList { . $navLinks . "\n" . Xml::openElement( 'table', array( 'class' => 'wikitable filehistory' ) ) . "\n" . '' - . ( $this->current->isLocal() && ( $wgUser->isAllowed( 'delete' ) || $wgUser->isAllowed( 'deletedhistory' ) ) ? '' : '' ) + . ( $this->current->isLocal() && ( $wgUser->isAllowed( 'delete', 'deletedhistory' ) ) ? '' : '' ) . '' . wfMsgHtml( 'filehist-datetime' ) . '' . ( $this->showThumb ? '' . wfMsgHtml( 'filehist-thumb' ) . '' : '' ) . '' . wfMsgHtml( 'filehist-dimensions' ) . '' @@ -961,7 +961,7 @@ class ImageHistoryList { $row = $selected = ''; // Deletion link - if ( $local && ( $wgUser->isAllowed( 'delete' ) || $wgUser->isAllowed( 'deletedhistory' ) ) ) { + if ( $local && ( $wgUser->isAllowed( 'delete', 'deletedhistory' ) ) ) { $row .= ''; # Link to remove from history if ( $wgUser->isAllowed( 'delete' ) ) { diff --git a/includes/ProtectionForm.php b/includes/ProtectionForm.php index c836352073..5f9d5d88d9 100644 --- a/includes/ProtectionForm.php +++ b/includes/ProtectionForm.php @@ -133,7 +133,7 @@ class ProtectionForm { // Prevent users from setting levels that they cannot later unset if( $val == 'sysop' ) { // Special case, rewrite sysop to either protect and editprotected - if( !$wgUser->isAllowed('protect') && !$wgUser->isAllowed('editprotected') ) + if( !$wgUser->isAllowed( 'protect', 'editprotected' ) ) continue; } else { if( !$wgUser->isAllowed($val) ) @@ -527,7 +527,7 @@ class ProtectionForm { //don't let them choose levels above their own (aka so they can still unprotect and edit the page). but only when the form isn't disabled if( $key == 'sysop' ) { //special case, rewrite sysop to protect and editprotected - if( !$wgUser->isAllowed('protect') && !$wgUser->isAllowed('editprotected') && !$this->disabled ) + if( !$wgUser->isAllowed( 'protect', 'editprotected' ) && !$this->disabled ) continue; } else { if( !$wgUser->isAllowed($key) && !$this->disabled ) diff --git a/includes/Title.php b/includes/Title.php index 635c75900d..9141474c3e 100644 --- a/includes/Title.php +++ b/includes/Title.php @@ -1999,7 +1999,7 @@ class Title { */ public function userCanEditCssSubpage() { global $wgUser; - return ( ( $wgUser->isAllowed( 'editusercssjs' ) && $wgUser->isAllowed( 'editusercss' ) ) + return ( ( $wgUser->isAllowedAll( 'editusercssjs', 'editusercss' ) ) || preg_match( '/^' . preg_quote( $wgUser->getName(), '/' ) . '\//', $this->mTextform ) ); } @@ -2012,7 +2012,7 @@ class Title { */ public function userCanEditJsSubpage() { global $wgUser; - return ( ( $wgUser->isAllowed( 'editusercssjs' ) && $wgUser->isAllowed( 'edituserjs' ) ) + return ( ( $wgUser->isAllowedAll( 'editusercssjs', 'edituserjs' ) ) || preg_match( '/^' . preg_quote( $wgUser->getName(), '/' ) . '\//', $this->mTextform ) ); } diff --git a/includes/User.php b/includes/User.php index 9d981ac685..4fb0d1ec3a 100644 --- a/includes/User.php +++ b/includes/User.php @@ -2245,10 +2245,39 @@ class User { /** * Check if user is allowed to access a feature / make an action - * @param $action String action to be checked - * @return Boolean: True if action is allowed, else false + * @param varargs String permissions to test + * @return Boolean: True if user is allowed to perform *any* of the given actions */ - function isAllowed( $action = '' ) { + public function isAllowed( /*...*/ ){ + $permissions = func_get_args(); + foreach( $permissions as $permission ){ + if( $this->isAllowedInternal( $permission ) ){ + return true; + } + } + return false; + } + + /** + * @param varargs String + * @return bool True if the user is allowed to perform *all* of the given actions + */ + public function isAllowedAll( /*...*/ ){ + $permissions = func_get_args(); + foreach( $permissions as $permission ){ + if( !$this->isAllowedInternal( $permission ) ){ + return false; + } + } + return true; + } + + /** + * Internal mechanics of testing a permission + * @param $action String + * @return bool + */ + private function isAllowedInternal( $action = '' ) { if ( $action === '' ) { return true; // In the spirit of DWIM } @@ -2269,7 +2298,7 @@ class User { */ public function useRCPatrol() { global $wgUseRCPatrol; - return( $wgUseRCPatrol && ( $this->isAllowed( 'patrol' ) || $this->isAllowed( 'patrolmarks' ) ) ); + return $wgUseRCPatrol && $this->isAllowedAny( 'patrol', 'patrolmarks' ); } /** @@ -2278,7 +2307,7 @@ class User { */ public function useNPPatrol() { global $wgUseRCPatrol, $wgUseNPPatrol; - return( ( $wgUseRCPatrol || $wgUseNPPatrol ) && ( $this->isAllowed( 'patrol' ) || $this->isAllowed( 'patrolmarks' ) ) ); + return( ( $wgUseRCPatrol || $wgUseNPPatrol ) && ( $this->isAllowedAny( 'patrol', 'patrolmarks' ) ) ); } /** diff --git a/includes/api/ApiFileRevert.php b/includes/api/ApiFileRevert.php index 3a183a4780..2cf3b90561 100644 --- a/includes/api/ApiFileRevert.php +++ b/includes/api/ApiFileRevert.php @@ -78,7 +78,7 @@ class ApiFileRevert extends ApiBase { * @param $user User The user to check. */ protected function checkPermissions( $user ) { - $permission = $user->isAllowed( 'edit' ) && $user->isAllowed( 'upload' ); + $permission = $user->isAllowedAll( 'edit', 'upload' ); if ( $permission !== true ) { if ( !$user->isLoggedIn() ) { diff --git a/includes/specials/SpecialImport.php b/includes/specials/SpecialImport.php index 73416a8e0a..b1292d2d10 100644 --- a/includes/specials/SpecialImport.php +++ b/includes/specials/SpecialImport.php @@ -144,7 +144,7 @@ class SpecialImport extends SpecialPage { private function showForm() { global $wgUser, $wgOut, $wgImportSources, $wgExportMaxLinkDepth; - if( !$wgUser->isAllowed( 'import' ) && !$wgUser->isAllowed( 'importupload' ) ) + if( !$wgUser->isAllowed( 'import', 'importupload' ) ) return $wgOut->permissionRequired( 'import' ); $action = $this->getTitle()->getLocalUrl( array( 'action' => 'submit' ) );