X-Git-Url: https://git.cyclocoop.org/%27.WWW_URL.%27admin/?a=blobdiff_plain;f=includes%2Fwatcheditem%2FWatchedItemQueryService.php;h=d8e49852aaf4bedca2f9c329bfd49b1faead8521;hb=4e9eb2f8d75784c78715e7dc3a9c8084d5c54943;hp=f6ad623df3e77f1dfa189a8c2e68ed3fb371f734;hpb=683621c048d9098a4aa61eb3eb9ff7bad0fca2e0;p=lhc%2Fweb%2Fwiklou.git

diff --git a/includes/watcheditem/WatchedItemQueryService.php b/includes/watcheditem/WatchedItemQueryService.php
index f6ad623df3..d8e49852aa 100644
--- a/includes/watcheditem/WatchedItemQueryService.php
+++ b/includes/watcheditem/WatchedItemQueryService.php
@@ -1,6 +1,8 @@
 <?php
 
 use MediaWiki\Linker\LinkTarget;
+use MediaWiki\Permissions\PermissionManager;
+use MediaWiki\Revision\RevisionRecord;
 use MediaWiki\User\UserIdentity;
 use Wikimedia\Assert\Assert;
 use Wikimedia\Rdbms\IDatabase;
@@ -69,16 +71,21 @@ class WatchedItemQueryService {
 	/** @var WatchedItemStoreInterface */
 	private $watchedItemStore;
 
+	/** @var PermissionManager */
+	private $permissionManager;
+
 	public function __construct(
 		ILoadBalancer $loadBalancer,
 		CommentStore $commentStore,
 		ActorMigration $actorMigration,
-		WatchedItemStoreInterface $watchedItemStore
+		WatchedItemStoreInterface $watchedItemStore,
+		PermissionManager $permissionManager
 	) {
 		$this->loadBalancer = $loadBalancer;
 		$this->commentStore = $commentStore;
 		$this->actorMigration = $actorMigration;
 		$this->watchedItemStore = $watchedItemStore;
+		$this->permissionManager = $permissionManager;
 	}
 
 	/**
@@ -548,7 +555,7 @@ class WatchedItemQueryService {
 		return $conds;
 	}
 
-	private function getUserRelatedConds( IDatabase $db, User $user, array $options ) {
+	private function getUserRelatedConds( IDatabase $db, UserIdentity $user, array $options ) {
 		if ( !array_key_exists( 'onlyByUser', $options ) && !array_key_exists( 'notByUser', $options ) ) {
 			return [];
 		}
@@ -565,10 +572,12 @@ class WatchedItemQueryService {
 
 		// Avoid brute force searches (T19342)
 		$bitmask = 0;
-		if ( !$user->isAllowed( 'deletedhistory' ) ) {
-			$bitmask = Revision::DELETED_USER;
-		} elseif ( !$user->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) {
-			$bitmask = Revision::DELETED_USER | Revision::DELETED_RESTRICTED;
+		if ( !$this->permissionManager->userHasRight( $user, 'deletedhistory' ) ) {
+			$bitmask = RevisionRecord::DELETED_USER;
+		} elseif ( !$this->permissionManager
+			->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' )
+		) {
+			$bitmask = RevisionRecord::DELETED_USER | RevisionRecord::DELETED_RESTRICTED;
 		}
 		if ( $bitmask ) {
 			$conds[] = $db->bitAnd( 'rc_deleted', $bitmask ) . " != $bitmask";
@@ -577,13 +586,15 @@ class WatchedItemQueryService {
 		return $conds;
 	}
 
-	private function getExtraDeletedPageLogEntryRelatedCond( IDatabase $db, User $user ) {
+	private function getExtraDeletedPageLogEntryRelatedCond( IDatabase $db, UserIdentity $user ) {
 		// LogPage::DELETED_ACTION hides the affected page, too. So hide those
 		// entirely from the watchlist, or someone could guess the title.
 		$bitmask = 0;
-		if ( !$user->isAllowed( 'deletedhistory' ) ) {
+		if ( !$this->permissionManager->userHasRight( $user, 'deletedhistory' ) ) {
 			$bitmask = LogPage::DELETED_ACTION;
-		} elseif ( !$user->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) {
+		} elseif ( !$this->permissionManager
+			->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' )
+		) {
 			$bitmask = LogPage::DELETED_ACTION | LogPage::DELETED_RESTRICTED;
 		}
 		if ( $bitmask ) {