From: Jackmcbarn Date: Thu, 8 May 2014 19:26:31 +0000 (-0400) Subject: Include action in permission error messages X-Git-Tag: 1.31.0-rc.0~14394^2 X-Git-Url: https://git.cyclocoop.org/%242?a=commitdiff_plain;h=f51a1c4659b17343846f2d54db03d758f11b76c9;p=lhc%2Fweb%2Fwiklou.git Include action in permission error messages In permission error messages that can be displayed for multiple actions, add a parameter indicating which action was attempted. This allows fixing confusing messages such as "You can't edit this page" when a user tries to move a page that they can edit but not move. Bug: 40145 Change-Id: Ib4b75d8b1e0db96fe8a58f7343b0b2811fd19682 --- diff --git a/includes/Title.php b/includes/Title.php index 9d8614df44..0de50f44b2 100644 --- a/includes/Title.php +++ b/includes/Title.php @@ -2120,7 +2120,7 @@ class Title { $ns = $this->mNamespace == NS_MAIN ? wfMessage( 'nstab-main' )->text() : $this->getNsText(); $errors[] = $this->mNamespace == NS_MEDIAWIKI ? - array( 'protectedinterface' ) : array( 'namespaceprotected', $ns ); + array( 'protectedinterface', $action ) : array( 'namespaceprotected', $ns, $action ); } return $errors; @@ -2144,15 +2144,15 @@ class Title { if ( $action != 'patrol' && !$user->isAllowed( 'editusercssjs' ) ) { if ( preg_match( '/^' . preg_quote( $user->getName(), '/' ) . '\//', $this->mTextform ) ) { if ( $this->isCssSubpage() && !$user->isAllowedAny( 'editmyusercss', 'editusercss' ) ) { - $errors[] = array( 'mycustomcssprotected' ); + $errors[] = array( 'mycustomcssprotected', $action ); } elseif ( $this->isJsSubpage() && !$user->isAllowedAny( 'editmyuserjs', 'edituserjs' ) ) { - $errors[] = array( 'mycustomjsprotected' ); + $errors[] = array( 'mycustomjsprotected', $action ); } } else { if ( $this->isCssSubpage() && !$user->isAllowed( 'editusercss' ) ) { - $errors[] = array( 'customcssprotected' ); + $errors[] = array( 'customcssprotected', $action ); } elseif ( $this->isJsSubpage() && !$user->isAllowed( 'edituserjs' ) ) { - $errors[] = array( 'customjsprotected' ); + $errors[] = array( 'customjsprotected', $action ); } } } @@ -2187,9 +2187,9 @@ class Title { continue; } if ( !$user->isAllowed( $right ) ) { - $errors[] = array( 'protectedpagetext', $right ); + $errors[] = array( 'protectedpagetext', $right, $action ); } elseif ( $this->mCascadeRestriction && !$user->isAllowed( 'protect' ) ) { - $errors[] = array( 'protectedpagetext', 'protect' ); + $errors[] = array( 'protectedpagetext', 'protect', $action ); } } @@ -2236,7 +2236,7 @@ class Title { foreach ( $cascadingSources as $page ) { $pages .= '* [[:' . $page->getPrefixedText() . "]]\n"; } - $errors[] = array( 'cascadeprotected', count( $cascadingSources ), $pages ); + $errors[] = array( 'cascadeprotected', count( $cascadingSources ), $pages, $action ); } } } @@ -2476,6 +2476,19 @@ class Title { 'checkPermissionHooks', 'checkReadPermissions', ); + # Don't call checkSpecialsAndNSPermissions or checkCSSandJSPermissions + # here as it will lead to duplicate error messages. This is okay to do + # since anywhere that checks for create will also check for edit, and + # those checks are called for edit. + } elseif ( $action == 'create' ) { + $checks = array( + 'checkQuickPermissions', + 'checkPermissionHooks', + 'checkPageRestrictions', + 'checkCascadingSourcesRestrictions', + 'checkActionPermissions', + 'checkUserBlock' + ); } else { $checks = array( 'checkQuickPermissions', diff --git a/languages/i18n/qqq.json b/languages/i18n/qqq.json index 2dd4d63e81..916cf8dc12 100644 --- a/languages/i18n/qqq.json +++ b/languages/i18n/qqq.json @@ -512,17 +512,17 @@ "viewsource-title": "Page title shown when trying to edit a protected page. Parameters:\n* $1 - the name of the page", "actionthrottled": "This is the title of an error page. Read it in combination with {{msg-mw|actionthrottledtext}}.", "actionthrottledtext": "Used as error message. Read it in combination with {{msg-mw|actionthrottled}}.", - "protectedpagetext": "This message is displayed when trying to edit a page you can't edit because it has been protected.\n\nThe title for this message is {{msg-mw|Protectedpage}}.\n\nParameters:\n* $1 - (Unused) the raw name of the right which is needed to edit the page", + "protectedpagetext": "This message is displayed when trying to edit a page you can't edit because it has been protected.\n\nThe title for this message is {{msg-mw|Protectedpage}}.\n\nParameters:\n* $1 - (Unused) the raw name of the right which is needed to edit the page\n* $2 - (Unused) the action the user attempted to perform", "viewsourcetext": "The text shown when displaying the source of a page that the user has no permission to edit", "viewyourtext": "Same as {{msg-mw|viewsourcetext}} but when showing the text submitted by the user, this happens e.g. when the user was blocked while he is editing the page", - "protectedinterface": "Message shown if a user without the \"editinterface\" right tries to edit a page in the MediaWiki namespace.\n\nSee also {{msg-mw|editinginterface}}.", + "protectedinterface": "Message shown if a user without the \"editinterface\" right tries to edit a page in the MediaWiki namespace.\n\nSee also {{msg-mw|editinginterface}}. Parameters:\n* $1 - (Unused) the action the user attempted to perform", "editinginterface": "A message shown when editing pages in the namespace MediaWiki:.\n\nSee also {{msg-mw|protectedinterface}}.", - "cascadeprotected": "Parameters:\n* $1 - number of cascade-protected pages, used for PLURAL\n* $2 - list of cascade-protected pages", - "namespaceprotected": "Parameters:\n* $1 - namespace name", - "customcssprotected": "Used as error message.", - "customjsprotected": "Used as error message.", - "mycustomcssprotected": "Used as error message.", - "mycustomjsprotected": "Used as error message.", + "cascadeprotected": "Parameters:\n* $1 - number of cascade-protected pages, used for PLURAL\n* $2 - list of cascade-protected pages\n* $3 - (Unused) the action the user attempted to perform", + "namespaceprotected": "Parameters:\n* $1 - namespace name\n* $2 - (Unused) the action the user attempted to perform", + "customcssprotected": "Used as error message. Parameters:\n* $1 - (Unused) the action the user attempted to perform", + "customjsprotected": "Used as error message. Parameters:\n* $1 - (Unused) the action the user attempted to perform", + "mycustomcssprotected": "Used as error message. Parameters:\n* $1 - (Unused) the action the user attempted to perform", + "mycustomjsprotected": "Used as error message. Parameters:\n* $1 - (Unused) the action the user attempted to perform", "myprivateinfoprotected": "Used as error message.", "mypreferencesprotected": "Used as error message.", "ns-specialprotected": "Error message displayed when trying to edit a page in the Special namespace", diff --git a/tests/phpunit/includes/TitlePermissionTest.php b/tests/phpunit/includes/TitlePermissionTest.php index ac80a9aa37..2a7e3d33a7 100644 --- a/tests/phpunit/includes/TitlePermissionTest.php +++ b/tests/phpunit/includes/TitlePermissionTest.php @@ -400,17 +400,17 @@ class TitlePermissionTest extends MediaWikiLangTestCase { $this->setTitle( NS_USER ); $this->setUserPerm( '' ); - $this->assertEquals( array( array( 'badaccess-group0' ), array( 'namespaceprotected', 'User' ) ), + $this->assertEquals( array( array( 'badaccess-group0' ), array( 'namespaceprotected', 'User', 'bogus' ) ), $this->title->getUserPermissionsErrors( 'bogus', $this->user ) ); $this->setTitle( NS_MEDIAWIKI ); $this->setUserPerm( 'bogus' ); - $this->assertEquals( array( array( 'protectedinterface' ) ), + $this->assertEquals( array( array( 'protectedinterface', 'bogus' ) ), $this->title->getUserPermissionsErrors( 'bogus', $this->user ) ); $this->setTitle( NS_MEDIAWIKI ); $this->setUserPerm( 'bogus' ); - $this->assertEquals( array( array( 'protectedinterface' ) ), + $this->assertEquals( array( array( 'protectedinterface', 'bogus' ) ), $this->title->getUserPermissionsErrors( 'bogus', $this->user ) ); $wgNamespaceProtection = null; @@ -437,38 +437,38 @@ class TitlePermissionTest extends MediaWikiLangTestCase { $this->setTitle( NS_USER, $this->userName . '/test.js' ); $this->runCSSandJSPermissions( - array( array( 'badaccess-group0' ), array( 'mycustomjsprotected' ) ), - array( array( 'badaccess-group0' ), array( 'mycustomjsprotected' ) ), + array( array( 'badaccess-group0' ), array( 'mycustomjsprotected', 'bogus' ) ), + array( array( 'badaccess-group0' ), array( 'mycustomjsprotected', 'bogus' ) ), array( array( 'badaccess-group0' ) ), - array( array( 'badaccess-group0' ), array( 'mycustomjsprotected' ) ), + array( array( 'badaccess-group0' ), array( 'mycustomjsprotected', 'bogus' ) ), array( array( 'badaccess-group0' ) ) ); $this->setTitle( NS_USER, $this->userName . '/test.css' ); $this->runCSSandJSPermissions( - array( array( 'badaccess-group0' ), array( 'mycustomcssprotected' ) ), + array( array( 'badaccess-group0' ), array( 'mycustomcssprotected', 'bogus' ) ), array( array( 'badaccess-group0' ) ), - array( array( 'badaccess-group0' ), array( 'mycustomcssprotected' ) ), + array( array( 'badaccess-group0' ), array( 'mycustomcssprotected', 'bogus' ) ), array( array( 'badaccess-group0' ) ), - array( array( 'badaccess-group0' ), array( 'mycustomcssprotected' ) ) + array( array( 'badaccess-group0' ), array( 'mycustomcssprotected', 'bogus' ) ) ); $this->setTitle( NS_USER, $this->altUserName . '/test.js' ); $this->runCSSandJSPermissions( - array( array( 'badaccess-group0' ), array( 'customjsprotected' ) ), - array( array( 'badaccess-group0' ), array( 'customjsprotected' ) ), - array( array( 'badaccess-group0' ), array( 'customjsprotected' ) ), - array( array( 'badaccess-group0' ), array( 'customjsprotected' ) ), + array( array( 'badaccess-group0' ), array( 'customjsprotected', 'bogus' ) ), + array( array( 'badaccess-group0' ), array( 'customjsprotected', 'bogus' ) ), + array( array( 'badaccess-group0' ), array( 'customjsprotected', 'bogus' ) ), + array( array( 'badaccess-group0' ), array( 'customjsprotected', 'bogus' ) ), array( array( 'badaccess-group0' ) ) ); $this->setTitle( NS_USER, $this->altUserName . '/test.css' ); $this->runCSSandJSPermissions( - array( array( 'badaccess-group0' ), array( 'customcssprotected' ) ), - array( array( 'badaccess-group0' ), array( 'customcssprotected' ) ), - array( array( 'badaccess-group0' ), array( 'customcssprotected' ) ), + array( array( 'badaccess-group0' ), array( 'customcssprotected', 'bogus' ) ), + array( array( 'badaccess-group0' ), array( 'customcssprotected', 'bogus' ) ), + array( array( 'badaccess-group0' ), array( 'customcssprotected', 'bogus' ) ), array( array( 'badaccess-group0' ) ), - array( array( 'badaccess-group0' ), array( 'customcssprotected' ) ) + array( array( 'badaccess-group0' ), array( 'customcssprotected', 'bogus' ) ) ); $this->setTitle( NS_USER, $this->altUserName . '/tempo' ); @@ -542,38 +542,38 @@ class TitlePermissionTest extends MediaWikiLangTestCase { "bogus" => array( 'bogus', "sysop", "protect", "" ) ); $this->assertEquals( array( array( 'badaccess-group0' ), - array( 'protectedpagetext', 'bogus' ), - array( 'protectedpagetext', 'editprotected' ), - array( 'protectedpagetext', 'protect' ) ), + array( 'protectedpagetext', 'bogus', 'bogus' ), + array( 'protectedpagetext', 'editprotected', 'bogus' ), + array( 'protectedpagetext', 'protect', 'bogus' ) ), $this->title->getUserPermissionsErrors( 'bogus', $this->user ) ); - $this->assertEquals( array( array( 'protectedpagetext', 'bogus' ), - array( 'protectedpagetext', 'editprotected' ), - array( 'protectedpagetext', 'protect' ) ), + $this->assertEquals( array( array( 'protectedpagetext', 'bogus', 'edit' ), + array( 'protectedpagetext', 'editprotected', 'edit' ), + array( 'protectedpagetext', 'protect', 'edit' ) ), $this->title->getUserPermissionsErrors( 'edit', $this->user ) ); $this->setUserPerm( "" ); $this->assertEquals( array( array( 'badaccess-group0' ), - array( 'protectedpagetext', 'bogus' ), - array( 'protectedpagetext', 'editprotected' ), - array( 'protectedpagetext', 'protect' ) ), + array( 'protectedpagetext', 'bogus', 'bogus' ), + array( 'protectedpagetext', 'editprotected', 'bogus' ), + array( 'protectedpagetext', 'protect', 'bogus' ) ), $this->title->getUserPermissionsErrors( 'bogus', $this->user ) ); $this->assertEquals( array( array( 'badaccess-groups', "*, [[$prefix:Users|Users]]", 2 ), - array( 'protectedpagetext', 'bogus' ), - array( 'protectedpagetext', 'editprotected' ), - array( 'protectedpagetext', 'protect' ) ), + array( 'protectedpagetext', 'bogus', 'edit' ), + array( 'protectedpagetext', 'editprotected', 'edit' ), + array( 'protectedpagetext', 'protect', 'edit' ) ), $this->title->getUserPermissionsErrors( 'edit', $this->user ) ); $this->setUserPerm( array( "edit", "editprotected" ) ); $this->assertEquals( array( array( 'badaccess-group0' ), - array( 'protectedpagetext', 'bogus' ), - array( 'protectedpagetext', 'protect' ) ), + array( 'protectedpagetext', 'bogus', 'bogus' ), + array( 'protectedpagetext', 'protect', 'bogus' ) ), $this->title->getUserPermissionsErrors( 'bogus', $this->user ) ); $this->assertEquals( array( - array( 'protectedpagetext', 'bogus' ), - array( 'protectedpagetext', 'protect' ) ), + array( 'protectedpagetext', 'bogus', 'edit' ), + array( 'protectedpagetext', 'protect', 'edit' ) ), $this->title->getUserPermissionsErrors( 'edit', $this->user ) ); @@ -584,14 +584,14 @@ class TitlePermissionTest extends MediaWikiLangTestCase { $this->assertEquals( false, $this->title->quickUserCan( 'edit', $this->user ) ); $this->assertEquals( array( array( 'badaccess-group0' ), - array( 'protectedpagetext', 'bogus' ), - array( 'protectedpagetext', 'editprotected' ), - array( 'protectedpagetext', 'protect' ) ), + array( 'protectedpagetext', 'bogus', 'bogus' ), + array( 'protectedpagetext', 'editprotected', 'bogus' ), + array( 'protectedpagetext', 'protect', 'bogus' ) ), $this->title->getUserPermissionsErrors( 'bogus', $this->user ) ); - $this->assertEquals( array( array( 'protectedpagetext', 'bogus' ), - array( 'protectedpagetext', 'editprotected' ), - array( 'protectedpagetext', 'protect' ) ), + $this->assertEquals( array( array( 'protectedpagetext', 'bogus', 'edit' ), + array( 'protectedpagetext', 'editprotected', 'edit' ), + array( 'protectedpagetext', 'protect', 'edit' ) ), $this->title->getUserPermissionsErrors( 'edit', $this->user ) ); @@ -601,14 +601,14 @@ class TitlePermissionTest extends MediaWikiLangTestCase { $this->assertEquals( false, $this->title->quickUserCan( 'edit', $this->user ) ); $this->assertEquals( array( array( 'badaccess-group0' ), - array( 'protectedpagetext', 'bogus' ), - array( 'protectedpagetext', 'protect' ), - array( 'protectedpagetext', 'protect' ) ), + array( 'protectedpagetext', 'bogus', 'bogus' ), + array( 'protectedpagetext', 'protect', 'bogus' ), + array( 'protectedpagetext', 'protect', 'bogus' ) ), $this->title->getUserPermissionsErrors( 'bogus', $this->user ) ); - $this->assertEquals( array( array( 'protectedpagetext', 'bogus' ), - array( 'protectedpagetext', 'protect' ), - array( 'protectedpagetext', 'protect' ) ), + $this->assertEquals( array( array( 'protectedpagetext', 'bogus', 'edit' ), + array( 'protectedpagetext', 'protect', 'edit' ), + array( 'protectedpagetext', 'protect', 'edit' ) ), $this->title->getUserPermissionsErrors( 'edit', $this->user ) ); } @@ -627,9 +627,9 @@ class TitlePermissionTest extends MediaWikiLangTestCase { $this->assertEquals( false, $this->title->userCan( 'bogus', $this->user ) ); - $this->assertEquals( array( array( "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n" ), - array( "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n" ), - array( "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n" ) ), + $this->assertEquals( array( array( "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n", 'bogus' ), + array( "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n", 'bogus' ), + array( "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n", 'bogus' ) ), $this->title->getUserPermissionsErrors( 'bogus', $this->user ) ); $this->assertEquals( true,