From: Neil Kandalgaonkar <neilk@users.mediawiki.org>
Date: Fri, 25 Mar 2011 20:42:05 +0000 (+0000)
Subject: don't check title permissions if upload is destined for stash anyway
X-Git-Tag: 1.31.0-rc.0~31188
X-Git-Url: http://git.cyclocoop.org/wiki/Target_page?a=commitdiff_plain;h=331406bf46fa8bb1acf0f4510b704928999ee89d;p=lhc%2Fweb%2Fwiklou.git

don't check title permissions if upload is destined for stash anyway
---

diff --git a/includes/api/ApiUpload.php b/includes/api/ApiUpload.php
index 7af6818057..c9ad2838cb 100644
--- a/includes/api/ApiUpload.php
+++ b/includes/api/ApiUpload.php
@@ -82,11 +82,15 @@ class ApiUpload extends ApiBase {
 		// Check if the uploaded file is sane
 		$this->verifyUpload();
 
-		// Check permission to upload this file
-		$permErrors = $this->mUpload->verifyTitlePermissions( $wgUser );
-		if ( $permErrors !== true ) {
-			// TODO: stash the upload and allow choosing a new name
-			$this->dieUsageMsg( array( 'badaccess-groups' ) );
+		// Check if the user has the rights to modify or overwrite the requested title
+		// (This check is irrelevant if stashing is already requested, since the errors
+		//  can always be fixed by changing the title)
+		if ( ! $this->mParams['stash'] ) {
+			$permErrors = $this->mUpload->verifyTitlePermissions( $wgUser );
+			if ( $permErrors !== true ) {
+				// TODO: stash the upload and allow choosing a new name
+				$this->dieUsageMsg( array( 'badaccess-groups' ) );
+			}
 		}
 
 		// Prepare the API result