$vars['wgUserVariant'] = $contLang->getPreferredVariant();
}
// Same test as SkinTemplate
- $vars['wgIsProbablyEditable'] = $title->quickUserCan( 'edit', $user )
- && ( $title->exists() || $title->quickUserCan( 'create', $user ) );
+ $vars['wgIsProbablyEditable'] = $this->userCanEditOrCreate( $user, $title );
- $vars['wgRelevantPageIsProbablyEditable'] = $relevantTitle
- && $relevantTitle->quickUserCan( 'edit', $user )
- && ( $relevantTitle->exists() || $relevantTitle->quickUserCan( 'create', $user ) );
+ $vars['wgRelevantPageIsProbablyEditable'] = $relevantTitle &&
+ $this->userCanEditOrCreate( $user, $relevantTitle );
foreach ( $title->getRestrictionTypes() as $type ) {
// Following keys are set in $vars:
return true;
}
+ /**
+ * @param User $user
+ * @param LinkTarget $title
+ * @return bool
+ */
+ private function userCanEditOrCreate(
+ User $user,
+ LinkTarget $title
+ ) {
+ $pm = MediaWikiServices::getInstance()->getPermissionManager();
+ return $pm->quickUserCan( 'edit', $user, $title )
+ && ( $this->getTitle()->exists() ||
+ $pm->quickUserCan( 'create', $user, $title ) );
+ }
+
/**
* @return array Array in format "link name or number => 'link html'".
*/
# Universal edit button
if ( $config->get( 'UniversalEditButton' ) && $this->isArticleRelated() ) {
- $user = $this->getUser();
- if ( $this->getTitle()->quickUserCan( 'edit', $user )
- && ( $this->getTitle()->exists() ||
- $this->getTitle()->quickUserCan( 'create', $user ) )
- ) {
+ if ( $this->userCanEditOrCreate( $this->getUser(), $this->getTitle() ) ) {
// Original UniversalEditButton
$msg = $this->msg( 'edit' )->text();
$tags['universal-edit-button'] = Html::element( 'link', [
return !count( $this->getPermissionErrorsInternal( $action, $user, $page, $rigor, true ) );
}
+ /**
+ * A convenience method for calling PermissionManager::userCan
+ * with PermissionManager::RIGOR_QUICK
+ *
+ * Suitable for use for nonessential UI controls in common cases, but
+ * _not_ for functional access control.
+ * May provide false positives, but should never provide a false negative.
+ *
+ * @see PermissionManager::userCan()
+ *
+ * @param string $action
+ * @param User $user
+ * @param LinkTarget $page
+ * @return bool
+ */
+ public function quickUserCan( $action, User $user, LinkTarget $page ) {
+ return $this->userCan( $action, $user, $page, self::RIGOR_QUICK );
+ }
+
/**
* Can $user perform $action on a page?
*
use MediaWiki\Linker\LinkRenderer;
use MediaWiki\Linker\LinkTarget;
+use MediaWiki\MediaWikiServices;
/**
* Handles formatting for the "templates used on this page"
* Return a link to the edit page, with the text
* saying "view source" if the user can't edit the page
*
- * @param Title $titleObj
+ * @param LinkTarget $titleObj
* @return string
*/
- private function buildEditLink( Title $titleObj ) {
- if ( $titleObj->quickUserCan( 'edit', $this->context->getUser() ) ) {
+ private function buildEditLink( LinkTarget $titleObj ) {
+ if ( MediaWikiServices::getInstance()->getPermissionManager()
+ ->quickUserCan( 'edit', $this->context->getUser(), $titleObj )
+ ) {
$linkMsg = 'editlink';
} else {
$linkMsg = 'viewsourcelink';
$tools = [];
# Rollback and undo links
- if ( $prevRev && $this->getTitle()->quickUserCan( 'edit', $user ) ) {
- if ( $latest && $this->getTitle()->quickUserCan( 'rollback', $user ) ) {
+
+ if ( $prevRev && $permissionManager->quickUserCan( 'edit', $user, $this->getTitle() ) ) {
+ if ( $latest && $permissionManager->quickUserCan( 'rollback',
+ $user, $this->getTitle() )
+ ) {
// Get a rollback link without the brackets
$rollbackLink = Linker::generateRollback(
$rev,
/** Check for rollback permissions, disallow special pages, and only
* show a link on the top-most revision
*/
- if ( $title->quickUserCan( 'rollback', $this->getUser() ) ) {
+ if ( MediaWikiServices::getInstance()->getPermissionManager()
+ ->quickUserCan( 'rollback', $this->getUser(), $title )
+ ) {
$rev = new Revision( [
'title' => $title,
'id' => $rc->mAttribs['rc_this_oldid'],
*/
use MediaWiki\MediaWikiServices;
-use MediaWiki\Permissions\PermissionManager;
use MediaWiki\Revision\RevisionRecord;
use MediaWiki\Revision\SlotRecord;
use MediaWiki\Storage\NameTableAccessException;
$permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
- if ( $samePage && $this->mNewPage && $permissionManager->userCan(
- 'edit', $user, $this->mNewPage, PermissionManager::RIGOR_QUICK
+ if ( $samePage && $this->mNewPage && $permissionManager->quickUserCan(
+ 'edit', $user, $this->mNewPage
) ) {
if ( $this->mNewRev->isCurrent() && $permissionManager->userCan(
'rollback', $user, $this->mNewPage
protected function getMarkPatrolledLinkInfo() {
$user = $this->getUser();
$config = $this->getConfig();
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
// Prepare a change patrol link, if applicable
if (
// Is patrolling enabled and the user allowed to?
$config->get( 'UseRCPatrol' ) &&
- $this->mNewPage && $this->mNewPage->quickUserCan( 'patrol', $user ) &&
+ $this->mNewPage &&
+ $permissionManager->quickUserCan( 'patrol', $user, $this->mNewPage ) &&
// Only do this if the revision isn't more than 6 hours older
// than the Max RC age (6h because the RC might not be cleaned out regularly)
RecentChange::isInRCLifespan( $this->mNewRev->getTimestamp(), 21600 )
// Build the link
if ( $rcid ) {
$this->getOutput()->preventClickjacking();
- if ( MediaWikiServices::getInstance()->getPermissionManager()
- ->userHasRight( $user, 'writeapi' ) ) {
+ if ( $permissionManager->userHasRight( $user, 'writeapi' ) ) {
$this->getOutput()->addModules( 'mediawiki.page.patrol.ajax' );
}
) {
$out->addParserOutput( $parserOutput, [
'enableSectionEditLinks' => $this->mNewRev->isCurrent()
- && $this->mNewRev->getTitle()->quickUserCan( 'edit', $this->getUser() ),
+ && MediaWikiServices::getInstance()->getPermissionManager()->quickUserCan(
+ 'edit',
+ $this->getUser(),
+ $this->mNewRev->getTitle()
+ )
] );
}
}
$editQuery['oldid'] = $rev->getId();
}
- $key = $title->quickUserCan( 'edit', $user ) ? 'editold' : 'viewsourceold';
+ $key = MediaWikiServices::getInstance()->getPermissionManager()
+ ->quickUserCan( 'edit', $user, $title ) ? 'editold' : 'viewsourceold';
$msg = $this->msg( $key )->escaped();
$editLink = $this->msg( 'parentheses' )->rawParams(
Linker::linkKnown( $title, $msg, [], $editQuery ) )->escaped();
if ( $outputPage->isPrintable() ) {
$parserOptions->setIsPrintable( true );
$poOptions['enableSectionEditLinks'] = false;
- } elseif ( $this->viewIsRenderAction
- || !$this->isCurrent() || !$this->getTitle()->quickUserCan( 'edit', $user )
+ } elseif ( $this->viewIsRenderAction || !$this->isCurrent() ||
+ !MediaWikiServices::getInstance()->getPermissionManager()
+ ->quickUserCan( 'edit', $user, $this->getTitle() )
) {
$poOptions['enableSectionEditLinks'] = false;
}
$title = $this->getTitle();
$rc = false;
- if ( !$title->quickUserCan( 'patrol', $user )
+ if ( !MediaWikiServices::getInstance()->getPermissionManager()
+ ->quickUserCan( 'patrol', $user, $title )
|| !( $wgUseRCPatrol || $wgUseNPPatrol
|| ( $wgUseFilePatrol && $title->inNamespace( NS_FILE ) ) )
) {
# Show error message
$oldid = $this->getOldID();
+ $pm = MediaWikiServices::getInstance()->getPermissionManager();
if ( !$oldid && $title->getNamespace() === NS_MEDIAWIKI && $title->hasSourceText() ) {
// use fake Content object for system message
$parserOptions = ParserOptions::newCanonical( 'canonical' );
} else {
if ( $oldid ) {
$text = wfMessage( 'missing-revision', $oldid )->plain();
- } elseif ( $title->quickUserCan( 'create', $this->getContext()->getUser() )
- && $title->quickUserCan( 'edit', $this->getContext()->getUser() )
+ } elseif ( $pm->quickUserCan( 'create', $this->getContext()->getUser(), $title ) &&
+ $pm->quickUserCan( 'edit', $this->getContext()->getUser(), $title )
) {
$message = $this->getContext()->getUser()->isLoggedIn() ? 'noarticletext' : 'noarticletextanon';
$text = wfMessage( $message )->plain();
public function imageHistoryLine( $iscur, $file ) {
$user = $this->getUser();
$lang = $this->getLanguage();
+ $pm = MediaWikiServices::getInstance()->getPermissionManager();
$timestamp = wfTimestamp( TS_MW, $file->getTimestamp() );
$img = $iscur ? $file->getName() : $file->getArchiveName();
$userId = $file->getUser( 'id' );
$row = $selected = '';
// Deletion link
- if ( $local && ( MediaWikiServices::getInstance()
- ->getPermissionManager()
- ->userHasAnyRight( $user, 'delete', 'deletedhistory' ) )
+ if ( $local && ( $pm->userHasAnyRight( $user, 'delete', 'deletedhistory' ) )
) {
$row .= '<td>';
# Link to remove from history
$row .= '<td>';
if ( $iscur ) {
$row .= $this->msg( 'filehist-current' )->escaped();
- } elseif ( $local && $this->title->quickUserCan( 'edit', $user )
- && $this->title->quickUserCan( 'upload', $user )
+ } elseif ( $local && $pm->quickUserCan( 'edit', $user, $this->title )
+ && $pm->quickUserCan( 'upload', $user, $this->title )
) {
if ( $file->isDeleted( File::DELETED_FILE ) ) {
$row .= $this->msg( 'filehist-revert' )->escaped();
return;
}
- $canUpload = $this->getTitle()->quickUserCan( 'upload', $this->getContext()->getUser() );
+ $canUpload = MediaWikiServices::getInstance()->getPermissionManager()
+ ->quickUserCan( 'upload', $this->getContext()->getUser(), $this->getTitle() );
if ( $canUpload && UploadBase::userCanReUpload(
$this->getContext()->getUser(),
$this->mPage->getFile() )
$type = 'ns-subject';
}
// T208315: add HTML class when the user can edit the page
- if ( $title->quickUserCan( 'edit', $user ) ) {
+ if ( MediaWikiServices::getInstance()->getPermissionManager()
+ ->quickUserCan( 'edit', $user, $title )
+ ) {
$type .= ' mw-editable';
}
}
$action = $this->getRequest()->getVal( 'action', 'view' );
$title = $this->getTitle();
$linkRenderer = MediaWikiServices::getInstance()->getLinkRenderer();
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
if ( ( !$title->exists() || $action == 'history' ) &&
- $title->quickUserCan( 'deletedhistory', $this->getUser() )
+ $permissionManager->quickUserCan( 'deletedhistory', $this->getUser(), $title )
) {
$n = $title->isDeleted();
if ( $n ) {
- if ( $this->getTitle()->quickUserCan( 'undelete', $this->getUser() ) ) {
+ if ( $permissionManager->quickUserCan( 'undelete',
+ $this->getUser(), $this->getTitle() )
+ ) {
$msg = 'thisisdeleted';
} else {
$msg = 'viewdeleted';
$out = $this->getOutput();
$request = $this->getRequest();
$user = $this->getUser();
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
$content_navigation = [
'namespaces' => [],
// parameters
$action = $request->getVal( 'action', 'view' );
- $userCanRead = $title->quickUserCan( 'read', $user );
+ $userCanRead = $permissionManager->quickUserCan( 'read', $user, $title );
// Avoid PHP 7.1 warning of passing $this by reference
$skinTemplate = $this;
}
// Checks if user can edit the current page if it exists or create it otherwise
- if ( $title->quickUserCan( 'edit', $user )
- && ( $title->exists() || $title->quickUserCan( 'create', $user ) )
+ if ( $permissionManager->quickUserCan( 'edit', $user, $title ) &&
+ ( $title->exists() ||
+ $permissionManager->quickUserCan( 'create', $user, $title ) )
) {
// Builds CSS class for talk page links
$isTalkClass = $isTalk ? ' istalk' : '';
'href' => $title->getLocalURL( 'action=history' ),
];
- if ( $title->quickUserCan( 'delete', $user ) ) {
+ if ( $permissionManager->quickUserCan( 'delete', $user, $title ) ) {
$content_navigation['actions']['delete'] = [
'class' => ( $onPage && $action == 'delete' ) ? 'selected' : false,
'text' => wfMessageFallback( "$skname-action-delete", 'delete' )
];
}
- if ( $title->quickUserCan( 'move', $user ) ) {
+ if ( $permissionManager->quickUserCan( 'move', $user, $title ) ) {
$moveTitle = SpecialPage::getTitleFor( 'Movepage', $title->getPrefixedDBkey() );
$content_navigation['actions']['move'] = [
'class' => $this->getTitle()->isSpecial( 'Movepage' ) ? 'selected' : false,
}
} else {
// article doesn't exist or is deleted
- if ( $title->quickUserCan( 'deletedhistory', $user ) ) {
+ if ( $permissionManager->quickUserCan( 'deletedhistory', $user, $title ) ) {
$n = $title->isDeleted();
if ( $n ) {
$undelTitle = SpecialPage::getTitleFor( 'Undelete', $title->getPrefixedDBkey() );
// If the user can't undelete but can view deleted
// history show them a "View .. deleted" tab instead.
- $msgKey = $title->quickUserCan( 'undelete', $user ) ? 'undelete' : 'viewdeleted';
+ $msgKey = $permissionManager->quickUserCan( 'undelete',
+ $user, $title ) ? 'undelete' : 'viewdeleted';
$content_navigation['actions']['undelete'] = [
'class' => $this->getTitle()->isSpecial( 'Undelete' ) ? 'selected' : false,
'text' => wfMessageFallback( "$skname-action-$msgKey", "{$msgKey}_short" )
}
}
- if ( $title->quickUserCan( 'protect', $user ) && $title->getRestrictionTypes() &&
- MediaWikiServices::getInstance()->getPermissionManager()
- ->getNamespaceRestrictionLevels( $title->getNamespace(), $user ) !== [ '' ]
+ if ( $permissionManager->quickUserCan( 'protect', $user, $title ) &&
+ $title->getRestrictionTypes() &&
+ $permissionManager->getNamespaceRestrictionLevels( $title->getNamespace(),
+ $user ) !== [ '' ]
) {
$mode = $title->isProtected() ? 'unprotect' : 'protect';
$content_navigation['actions'][$mode] = [
}
// Checks if the user is logged in
- if ( $this->loggedin && MediaWikiServices::getInstance()
- ->getPermissionManager()
- ->userHasAllRights( $user, 'viewmywatchlist', 'editmywatchlist' )
+ if ( $this->loggedin && $permissionManager->userHasAllRights( $user,
+ 'viewmywatchlist', 'editmywatchlist' )
) {
/**
* The following actions use messages which, if made particular to
}
if ( count( $err ) == 1 && isset( $err[0][0] ) && $err[0][0] == 'articleexists'
- && $newTitle->quickUserCan( 'delete', $user )
+ && MediaWikiServices::getInstance()->getPermissionManager()
+ ->quickUserCan( 'delete', $user, $newTitle )
) {
$out->wrapWikiMsg(
"<div class='warningbox'>\n$1\n</div>\n",
$messageName = 'searchmenu-exists';
$linkClass = 'mw-search-exists';
} elseif ( ContentHandler::getForTitle( $title )->supportsDirectEditing()
- && $title->quickUserCan( 'create', $this->getUser() )
+ && MediaWikiServices::getInstance()->getPermissionManager()->quickUserCan( 'create',
+ $this->getUser(), $title )
) {
$messageName = 'searchmenu-new';
}
$attribs = [];
$linkRenderer = $this->getLinkRenderer();
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
$page = null;
// Create a title for the revision if possible
$topmarktext .= '<span class="mw-uctop">' . $this->messages['uctop'] . '</span>';
$classes[] = 'mw-contributions-current';
# Add rollback link
- if ( !$row->page_is_new && $page->quickUserCan( 'rollback', $user )
- && $page->quickUserCan( 'edit', $user )
+ if ( !$row->page_is_new &&
+ $permissionManager->quickUserCan( 'rollback', $user, $page ) &&
+ $permissionManager->quickUserCan( 'edit', $user, $page )
) {
$this->preventClickjacking();
$topmarktext .= ' ' . Linker::generateRollback( $rev, $this->getContext(),
->userCan( $action, $this->user, $this->title, true ) );
$this->assertEquals( $check[$action][3],
MediaWikiServices::getInstance()->getPermissionManager()
- ->userCan( $action, $this->user, $this->title,
- PermissionManager::RIGOR_QUICK ) );
+ ->quickUserCan( $action, $this->user, $this->title ) );
# count( User::getGroupsWithPermissions( $action ) ) < 1
}
}
$this->assertEquals( true,
MediaWikiServices::getInstance()->getPermissionManager()
- ->userCan( 'edit', $this->user, $this->title, PermissionManager::RIGOR_QUICK ) );
+ ->quickUserCan( 'edit', $this->user, $this->title ) );
$this->title->mRestrictions = [ "edit" => [ 'bogus', "sysop", "protect", "" ],
"bogus" => [ 'bogus', "sysop", "protect", "" ] ];
$this->assertEquals( false,
MediaWikiServices::getInstance()->getPermissionManager()
- ->userCan( 'bogus', $this->user, $this->title, PermissionManager::RIGOR_QUICK ) );
+ ->quickUserCan( 'bogus', $this->user, $this->title ) );
$this->assertEquals( false,
- MediaWikiServices::getInstance()->getPermissionManager()->userCan(
- 'edit', $this->user, $this->title, PermissionManager::RIGOR_QUICK ) );
+ MediaWikiServices::getInstance()->getPermissionManager()->quickUserCan(
+ 'edit', $this->user, $this->title ) );
$this->assertEquals( [ [ 'badaccess-group0' ],
[ 'protectedpagetext', 'bogus', 'bogus' ],
$this->overrideUserPermissions( $this->user, [ "edit", "editprotected" ] );
$this->assertEquals( false,
- MediaWikiServices::getInstance()->getPermissionManager()->userCan(
- 'bogus', $this->user, $this->title, PermissionManager::RIGOR_QUICK ) );
+ MediaWikiServices::getInstance()->getPermissionManager()->quickUserCan(
+ 'bogus', $this->user, $this->title ) );
$this->assertEquals( false,
- MediaWikiServices::getInstance()->getPermissionManager()->userCan(
- 'edit', $this->user, $this->title, PermissionManager::RIGOR_QUICK ) );
+ MediaWikiServices::getInstance()->getPermissionManager()->quickUserCan(
+ 'edit', $this->user, $this->title ) );
$this->assertEquals( [ [ 'badaccess-group0' ],
[ 'protectedpagetext', 'bogus', 'bogus' ],
->userCan( 'move-target', $this->user, $this->title ) );
// quickUserCan should ignore user blocks
$this->assertEquals( true, MediaWikiServices::getInstance()->getPermissionManager()
- ->userCan( 'move-target', $this->user, $this->title,
- PermissionManager::RIGOR_QUICK ) );
+ ->quickUserCan( 'move-target', $this->user, $this->title ) );
global $wgLocalTZoffset;
$wgLocalTZoffset = -60;