jenkins-bot has submitted this change and it was merged.

Change subject: Protect storage json pages for collections
......................................................................


Protect storage json pages for collections

Change-Id: I095d3a2dad71560584dc2382778fa14eb8a490bf
---
M Gather.php
M includes/Gather.hooks.php
A tests/phpunit/GatherHooksTest.php
3 files changed, 57 insertions(+), 1 deletion(-)

Approvals:
  Jhernandez: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/Gather.php b/Gather.php
index 866e442..87bd2eb 100644
--- a/Gather.php
+++ b/Gather.php
@@ -71,6 +71,7 @@
 $wgExtensionFunctions[] = 'Gather\Hooks::onExtensionSetup';
 $wgHooks['MobilePersonalTools'][] = 'Gather\Hooks::onMobilePersonalTools';
 $wgHooks['UnitTestsList'][] = 'Gather\Hooks::onUnitTestsList';
+$wgHooks['getUserPermissionsErrors'][] = 
'Gather\Hooks::onGetUserPermissionsErrors';
 
 // ResourceLoader modules
 require_once __DIR__ . "/includes/Resources.php";
diff --git a/includes/Gather.hooks.php b/includes/Gather.hooks.php
index 48e7c7e..143b023 100644
--- a/includes/Gather.hooks.php
+++ b/includes/Gather.hooks.php
@@ -46,7 +46,7 @@
                                                ),
                                        ),
                                ) +
-                               array_slice( $items, 1, count( $items ) - 1, 
true ) ;
+                               array_slice( $items, 1, count( $items ) - 1, 
true );
                        $items = $itemArray;
                }
        }
@@ -63,4 +63,26 @@
 
                return true;
        }
+
+       /**
+        * Disallow moving or editing gather page json files
+        */
+       public static function onGetUserPermissionsErrors( $title, $user, 
$action, &$result ) {
+               $manifest = "/GatherCollections.json";
+               $isProtectedAction = $action === 'edit' || $action === 'move';
+               $titleText = $title->getText();
+               if ( $title->getNamespace() === NS_USER && $isProtectedAction &&
+                               preg_match( "/\/GatherCollections\.json$/", 
$titleText ) === 1
+               ) {
+                       // we have a collection definition so check the user 
matches the title.
+                       if ( preg_match( "/^" . $user->getName() . 
"\/GatherCollections.json$/", $titleText ) === 1 ) {
+                               return true;
+                       } else {
+                               $result = false;
+                               return false;
+                       }
+               } else {
+                       return true;
+               }
+       }
 }
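Review bot: The ownership check in `onGetUserPermissionsErrors` builds a regular expression from `$user->getName()` without escaping it, so any regex metacharacters in a user name are treated as pattern syntax and the check can accept a title that does not belong to that user. Because `$titleText` must equal the user's name followed by the manifest suffix, an exact comparison is safer and puts the otherwise unused `$manifest` variable to work: `if ( $titleText === $user->getName() . $manifest ) {`. If the regex is kept, wrap the name in `preg_quote( $user->getName(), '/' )` and escape the `.` before `json`, as the first pattern already does. Only `edit` and `move` are denied here; whether other write actions such as delete need the same guard cannot be told from this hunk and is worth confirming.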
diff --git a/tests/phpunit/GatherHooksTest.php 
b/tests/phpunit/GatherHooksTest.php
new file mode 100644
index 0000000..1196a09
--- /dev/null
+++ b/tests/phpunit/GatherHooksTest.php
@@ -0,0 +1,33 @@
+<?php
+
+/**
+ * @group Gather
+ */
+class GatherHooksTest extends MediaWikiTestCase {
+       public function provideGetUserPermissionsErrors() {
+               return array(
+                       // Edit
+                       array( true, 'User:Jdlrobson/GatherCollections.json', 
'Jdlrobson', 'edit' ),
+                       array( false, 'User:Jdlrobson/GatherCollections.json', 
'phudex', 'edit' ),
+                       // View
+                       array( true, 'User:Jdlrobson/GatherCollections.json', 
'Jdlrobson', 'view' ),
+                       array( true, 'User:Jdlrobson/GatherCollections.json', 
'phudex', 'view' ),
+                       // Move
+                       array( true, 'User:Jdlrobson/GatherCollections.json', 
'Jdlrobson', 'move' ),
+                       array( false, 'User:Jdlrobson/GatherCollections.json', 
'phuedx', 'move' ),
+                       // Normal page editing is not disrupted
+                       array( true, 'User:JDLR', 'Jdlrobson', 'edit' ),
+                       array( true, 'User:JDLR/Foo', 'Jdlrobson', 'edit' ),
+               );
+       }
+
+       /**
+        * @dataProvider provideGetUserPermissionsErrors
+        *
+        */
+       public function testOnGetUserPermissionsErrors( $expected, $title, 
$user, $action ) {
+               $canEdit = Gather\Hooks::onGetUserPermissionsErrors( 
Title::newFromText( $title ),
+                       User::newFromName( $user ), $action, '' );
+               $this->assertEquals( $expected, $canEdit );
+       }
+}
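Review bot: `testOnGetUserPermissionsErrors` passes the literal `''` for the by-reference `&$result` parameter; PHP does not allow a literal to be passed by reference, and the value the hook writes to `$result` is never checked. Use a variable instead, `$result = '';`, pass `$result` as the fourth argument, and add `$this->assertFalse( $result );` for the denied rows. The provider has no row where the acting user's name contains regex metacharacters or only partly matches the owner's name, which is the case the ownership comparison most needs pinned. The non-owner name is spelled both `phudex` and `phuedx`, presumably a typo.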

-- 
To view, visit https://gerrit.wikimedia.org/r/191600

Gerrit-MessageType: merged
Gerrit-Change-Id: I095d3a2dad71560584dc2382778fa14eb8a490bf
Gerrit-PatchSet: 6
Gerrit-Project: mediawiki/extensions/Gather
Gerrit-Branch: master
Gerrit-Owner: Jhernandez <[email protected]>
Gerrit-Reviewer: Florianschmidtwelzow <[email protected]>
Gerrit-Reviewer: Jhernandez <[email protected]>
Gerrit-Reviewer: Robmoen <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
