global $wgUser;\r
// Before doing anything at all, let's check permissions\r
if(!$wgUser->isAllowed('deletedhistory'))\r
- $this->dieUsage('You don\'t have permission to view deleted revisions', 'permissiondenied');\r
+ $this->dieUsage('You don\'t have permission to view deleted revisions information', 'permissiondenied');\r
\r
$db = $this->getDB();\r
$params = $this->extractRequestParams();\r
$userMax = 50;\r
$botMax = 200;\r
$this->validateLimit('limit', $params['limit'], 1, $userMax, $botMax);\r
+\r
+ // And also stricter restrictions\r
+ if(!$wgUser->isAllowed('delete')) {\r
+ $this->dieUsage('You don\'t have permission to view deleted revisions content', 'permissiondeniedcontent');\r
+ }\r
}\r
if($fld_token)\r
// Undelete tokens are identical for all pages, so we cache one here\r