From: Brad Jorsch Date: Fri, 26 Jul 2013 14:58:02 +0000 (-0400) Subject: Followup Idfee1b4d per Tim X-Git-Tag: 1.31.0-rc.0~19108^2 X-Git-Url: https://git.cyclocoop.org/%7B%24admin_url%7Dcompta/operations/modifier.php?a=commitdiff_plain;h=cdd46ac98e36b1be722a89c65906d3729997e366;p=lhc%2Fweb%2Fwiklou.git Followup Idfee1b4d per Tim OAuth was going to return different values for UserIsEveryoneAllowed depending on whether OAuth headers were provided, so the bolding on Special:SpecialPages wouldn't be odd. That wasn't liked, so instead we'll only mark special pages as restricted based on $wgGroupPermissions and not what extensions might do. Also, it was suggested that if an extension can remove 'read' then the cache headers set by RawAction and the API should reflect that. Change-Id: I381553e79c5320083c6d6d9ddd5bc0b146600f9e --- diff --git a/includes/SpecialPage.php b/includes/SpecialPage.php index ad9618f735..d87f9107ac 100644 --- a/includes/SpecialPage.php +++ b/includes/SpecialPage.php @@ -553,8 +553,8 @@ class SpecialPage { * pages? */ public function isRestricted() { - // DWIM: If everyone can do something, then it is not restricted - return $this->mRestriction != '' && !User::isEveryoneAllowed( $this->mRestriction ); + // DWIM: If anons can do something, then it is not restricted + return $this->mRestriction != '' && !User::groupHasPermission( '*', $this->mRestriction ); } /** diff --git a/includes/actions/RawAction.php b/includes/actions/RawAction.php index dd14311974..32751e4512 100644 --- a/includes/actions/RawAction.php +++ b/includes/actions/RawAction.php @@ -93,7 +93,7 @@ class RawAction extends FormlessAction { $response->header( 'Content-type: ' . $contentType . '; charset=UTF-8' ); # Output may contain user-specific data; # vary generated content for open sessions on private wikis - $privateCache = !User::groupHasPermission( '*', 'read' ) && ( $smaxage == 0 || session_id() != '' ); + $privateCache = !User::isEveryoneAllowed( 'read' ) && ( $smaxage == 0 || session_id() != '' ); # allow the client to cache this for 24 hours $mode = $privateCache ? 'private' : 'public'; $response->header( 'Cache-Control: ' . $mode . ', s-maxage=' . $smaxage . ', max-age=' . $maxage ); diff --git a/includes/api/ApiMain.php b/includes/api/ApiMain.php index 49a0b3c284..6dd6d596db 100644 --- a/includes/api/ApiMain.php +++ b/includes/api/ApiMain.php @@ -274,7 +274,7 @@ class ApiMain extends ApiBase { return; } - if ( !User::groupHasPermission( '*', 'read' ) ) { + if ( !User::isEveryoneAllowed( 'read' ) ) { // Private wiki, only private headers if ( $mode !== 'private' ) { wfDebug( __METHOD__ . ": ignoring request for $mode cache mode, private wiki\n" );