Pass user to LogEventsList::getExcludeClause

This avoids $wgUser in that method

Also removed the double strencode for logtypes,
that is already done by Database::addQuotes/Database::makeList

Change-Id: I5f7f6da06594d92375f74ca48c04d180505642a9

diff --git a/includes/logging/LogEventsList.php b/includes/logging/LogEventsList.php
index c478b43..1110249 100644 (file)
--- a/includes/logging/LogEventsList.php
+++ b/includes/logging/LogEventsList.php
@@ -575,23 +575,30 @@ class LogEventsList extends ContextSource {
         *
         * @param $db DatabaseBase
         * @param $audience string, public/user
+        * @param $user User object to check, or null to use $wgUser
         * @return Mixed: string or false
         */
-       public static function getExcludeClause( $db, $audience = 'public' ) {
-               global $wgLogRestrictions, $wgUser;
+       public static function getExcludeClause( $db, $audience = 'public', User $user = null ) {
+               global $wgLogRestrictions;
+
+               if ( $audience != 'public' && $user === null ) {
+                       global $wgUser;
+                       $user = $wgUser;
+               }
+
                // Reset the array, clears extra "where" clauses when $par is used
                $hiddenLogs = array();
+
                // Don't show private logs to unprivileged users
                foreach( $wgLogRestrictions as $logType => $right ) {
-                       if( $audience == 'public' || !$wgUser->isAllowed($right) ) {
-                               $safeType = $db->strencode( $logType );
-                               $hiddenLogs[] = $safeType;
+                       if( $audience == 'public' || !$user->isAllowed( $right ) ) {
+                               $hiddenLogs[] = $logType;
                        }
                }
-               if( count($hiddenLogs) == 1 ) {
+               if( count( $hiddenLogs ) == 1 ) {
                        return 'log_type != ' . $db->addQuotes( $hiddenLogs[0] );
                } elseif( $hiddenLogs ) {
-                       return 'log_type NOT IN (' . $db->makeList($hiddenLogs) . ')';
+                       return 'log_type NOT IN (' . $db->makeList( $hiddenLogs ) . ')';
                }
                return false;
        }

diff --git a/includes/logging/LogPager.php b/includes/logging/LogPager.php
index ea1be8e..af62ce3 100644 (file)
--- a/includes/logging/LogPager.php
+++ b/includes/logging/LogPager.php
@@ -95,13 +95,15 @@ class LogPager extends ReverseChronologicalPager {
         */
        private function limitType( $types ) {
                global $wgLogRestrictions;
+
+               $user = $this->getUser();
                // If $types is not an array, make it an array
                $types = ($types === '') ? array() : (array)$types;
                // Don't even show header for private logs; don't recognize it...
                $needReindex = false;
                foreach ( $types as $type ) {
                        if( isset( $wgLogRestrictions[$type] )
-                               && !$this->getUser()->isAllowed($wgLogRestrictions[$type])
+                               && !$user->isAllowed( $wgLogRestrictions[$type] )
                        ) {
                                $needReindex = true;
                                $types = array_diff( $types, array( $type ) );
@@ -116,7 +118,7 @@ class LogPager extends ReverseChronologicalPager {
                // Don't show private logs to unprivileged users.
                // Also, only show them upon specific request to avoid suprises.
                $audience = $types ? 'user' : 'public';
-               $hideLogs = LogEventsList::getExcludeClause( $this->mDb, $audience );
+               $hideLogs = LogEventsList::getExcludeClause( $this->mDb, $audience, $user );
                if( $hideLogs !== false ) {
                        $this->mConds[] = $hideLogs;
                }