since length can vary by localization.
* (bug 28242) Make redirects generated by urls containing a local interwiki
prefix be a 301 instead of a 302.
+* (bug 15641) blocked administrators are now prevented from deleting or protecting
+ their own talk page; and all blocked users are more comprehensively prevented
+ from performing other actions
=== API changes in 1.18 ===
* (bug 26339) Throw warning when truncating an overlarge API result
$errors[] = array( 'confirmedittext' );
}
- // Edit blocks should not affect reading. Account creation blocks handled at userlogin.
- if ( $action != 'read' && $action != 'createaccount' && $user->isBlockedFrom( $this ) ) {
+ if ( in_array( $action, array( 'read', 'createaccount', 'unblock' ) ) ){
+ // Edit blocks should not affect reading.
+ // Account creation blocks handled at userlogin.
+ // Unblocking handled in SpecialUnblock
+ } elseif( ( $action == 'edit' || $action == 'create' ) && !$user->isBlockedFrom( $this ) ){
+ // Don't block the user from editing their own talk page unless they've been
+ // explicitly blocked from that too.
+ } elseif( $user->isBlocked() && $user->mBlock->prevents( $action ) !== false ) {
$block = $user->mBlock;
// This is from OutputPage::blockedPage
* Execute
*/
function execute( $par ) {
- global $wgRequest;
+ global $wgRequest, $wgUser, $wgOut;
$this->setHeaders();
$this->outputHeader();
return;
}
+ if( !$wgUser->isAllowedAny( 'import', 'importupload' ) ) {
+ return $wgOut->permissionRequired( 'import' );
+ }
+
+ # TODO: allow Title::getUserPermissionsErrors() to take an array
+ # FIXME: Title::checkSpecialsAndNSPermissions() has a very wierd expectation of what
+ # getUserPermissionsErrors() might actually be used for, hence the 'ns-specialprotected'
+ $errors = wfMergeErrorArrays(
+ $this->getTitle()->getUserPermissionsErrors( 'import', $wgUser, true, array( 'ns-specialprotected' ) ),
+ $this->getTitle()->getUserPermissionsErrors( 'importupload', $wgUser, true, array( 'ns-specialprotected' ) )
+ );
+ if( $errors ){
+ $wgOut->showPermissionsErrorPage( $errors );
+ return;
+ }
+
if ( $wgRequest->wasPosted() && $wgRequest->getVal( 'action' ) == 'submit' ) {
$this->doImport();
}
private function showForm() {
global $wgUser, $wgOut, $wgImportSources, $wgExportMaxLinkDepth;
- if( !$wgUser->isAllowedAny( 'import', 'importupload' ) ) {
- return $wgOut->permissionRequired( 'import' );
- }
$action = $this->getTitle()->getLocalUrl( array( 'action' => 'submit' ) );