From 331406bf46fa8bb1acf0f4510b704928999ee89d Mon Sep 17 00:00:00 2001
From: Neil Kandalgaonkar <neilk@users.mediawiki.org>
Date: Fri, 25 Mar 2011 20:42:05 +0000
Subject: [PATCH] don't check title permissions if upload is destined for stash
 anyway

---
 includes/api/ApiUpload.php | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/includes/api/ApiUpload.php b/includes/api/ApiUpload.php
index 7af6818057..c9ad2838cb 100644
--- a/includes/api/ApiUpload.php
+++ b/includes/api/ApiUpload.php
@@ -82,11 +82,15 @@ class ApiUpload extends ApiBase {
 		// Check if the uploaded file is sane
 		$this->verifyUpload();
 
-		// Check permission to upload this file
-		$permErrors = $this->mUpload->verifyTitlePermissions( $wgUser );
-		if ( $permErrors !== true ) {
-			// TODO: stash the upload and allow choosing a new name
-			$this->dieUsageMsg( array( 'badaccess-groups' ) );
+		// Check if the user has the rights to modify or overwrite the requested title
+		// (This check is irrelevant if stashing is already requested, since the errors
+		//  can always be fixed by changing the title)
+		if ( ! $this->mParams['stash'] ) {
+			$permErrors = $this->mUpload->verifyTitlePermissions( $wgUser );
+			if ( $permErrors !== true ) {
+				// TODO: stash the upload and allow choosing a new name
+				$this->dieUsageMsg( array( 'badaccess-groups' ) );
+			}
 		}
 
 		// Prepare the API result
-- 
2.20.1