jenkins-bot has submitted this change and it was merged.
Change subject: Check for & report permissions error in single-view pages
......................................................................
Check for & report permissions error in single-view pages
There was also an issue with Header.php not reporting errors for
non-POST actions - we likely never ran into them because header
is not too often affected by permissions: anyone can edit it, it
has no parents (topic) whose state it has to inherit, ... It just
has to inherit the board deleted state, which was only recently
introduced.
Bug: T104843
Change-Id: I9d6d4e4b7cc9af74e52f3aae80985fa92659da42
---
M handlebars/compiled/flow_block_header_single_view.handlebars.php
M handlebars/compiled/flow_block_topic_single_view.handlebars.php
M handlebars/compiled/flow_block_topicsummary_single_view.handlebars.php
M handlebars/flow_block_header_single_view.handlebars
M handlebars/flow_block_topic_single_view.handlebars
M handlebars/flow_block_topicsummary_single_view.handlebars
M includes/Block/Header.php
M includes/Block/Topic.php
8 files changed, 140 insertions(+), 101 deletions(-)
Approvals:
Sbisson: Looks good to me, approved
jenkins-bot: Verified
diff --git a/handlebars/compiled/flow_block_header_single_view.handlebars.php
b/handlebars/compiled/flow_block_header_single_view.handlebars.php
index f092153..2501719 100644
--- a/handlebars/compiled/flow_block_header_single_view.handlebars.php
+++ b/handlebars/compiled/flow_block_header_single_view.handlebars.php
@@ -12,13 +12,21 @@
),
'constants' => array(),
'helpers' => array( 'l10n' => 'Flow\TemplateHelper::l10n',
+ 'html' => 'Flow\TemplateHelper::htmlHelper',
'l10nParse' => 'Flow\TemplateHelper::l10nParse',
'escapeContent' => 'Flow\TemplateHelper::escapeContent',
'enablePatrollingLink' =>
'Flow\TemplateHelper::enablePatrollingLink',
),
'blockhelpers' => array(),
'hbhelpers' => array(),
- 'partials' => array('flow_patrol_action' => function ($cx, $in, $sp)
{return ''.$sp.''.((LCRun3::ifvar($cx,
((isset($in['revision']['rev_view_links']['markPatrolled']) &&
is_array($in['revision']['rev_view_links'])) ?
$in['revision']['rev_view_links']['markPatrolled'] : null))) ? '<div
class="patrollink">
+ 'partials' => array('flow_errors' => function ($cx, $in, $sp) {return
''.$sp.'<div class="flow-error-container">
+'.$sp.''.((LCRun3::ifvar($cx, ((isset($cx['sp_vars']['root']['errors']) &&
is_array($cx['sp_vars']['root'])) ? $cx['sp_vars']['root']['errors'] : null)))
? ' <div class="flow-errors errorbox">
+'.$sp.' <ul>
+'.$sp.''.LCRun3::sec($cx, ((isset($cx['sp_vars']['root']['errors']) &&
is_array($cx['sp_vars']['root'])) ? $cx['sp_vars']['root']['errors'] : null),
$in, true, function($cx, $in)use($sp){return '
<li>'.LCRun3::ch($cx, 'html', array(array(((isset($in['message']) &&
is_array($in)) ? $in['message'] : null)),array()), 'encq').'</li>
+'.$sp.'';}).' </ul>
+'.$sp.' </div>
+'.$sp.'' : '').'</div>
+';},'flow_patrol_action' => function ($cx, $in, $sp) {return
''.$sp.''.((LCRun3::ifvar($cx,
((isset($in['revision']['rev_view_links']['markPatrolled']) &&
is_array($in['revision']['rev_view_links'])) ?
$in['revision']['rev_view_links']['markPatrolled'] : null))) ? '<div
class="patrollink">
'.$sp.' [<a class="mw-ui-quiet"
'.$sp.'
href="'.htmlentities((string)((isset($in['revision']['rev_view_links']['markPatrolled']['url'])
&& is_array($in['revision']['rev_view_links']['markPatrolled'])) ?
$in['revision']['rev_view_links']['markPatrolled']['url'] : null), ENT_QUOTES,
'UTF-8').'"
'.$sp.' title="'.LCRun3::ch($cx, 'l10n',
array(array('flow-mark-revision-patrolled-link-title'),array()), 'encq').'"
@@ -32,16 +40,17 @@
);
return '<div class="flow-board">
- <div class="flow-revision-permalink-warning plainlinks">
-'.((LCRun3::ifvar($cx, ((isset($in['revision']['previousRevisionId']) &&
is_array($in['revision'])) ? $in['revision']['previousRevisionId'] : null))) ?
' '.LCRun3::ch($cx, 'l10nParse',
array(array('flow-revision-permalink-warning-header',((isset($in['revision']['human_timestamp'])
&& is_array($in['revision'])) ? $in['revision']['human_timestamp'] :
null),((isset($in['revision']['rev_view_links']['hist']['url']) &&
is_array($in['revision']['rev_view_links']['hist'])) ?
$in['revision']['rev_view_links']['hist']['url'] :
null),((isset($in['revision']['rev_view_links']['diff']['url']) &&
is_array($in['revision']['rev_view_links']['diff'])) ?
$in['revision']['rev_view_links']['diff']['url'] : null)),array()), 'encq').'
-' : ' '.LCRun3::ch($cx, 'l10nParse',
array(array('flow-revision-permalink-warning-header-first',((isset($in['revision']['human_timestamp'])
&& is_array($in['revision'])) ? $in['revision']['human_timestamp'] :
null),((isset($in['revision']['rev_view_links']['hist']['url']) &&
is_array($in['revision']['rev_view_links']['hist'])) ?
$in['revision']['rev_view_links']['hist']['url'] :
null),((isset($in['revision']['rev_view_links']['diff']['url']) &&
is_array($in['revision']['rev_view_links']['diff'])) ?
$in['revision']['rev_view_links']['diff']['url'] : null)),array()), 'encq').'
-').' </div>
+'.LCRun3::p($cx, 'flow_errors', array(array($in),array()), ' ').'
+'.((LCRun3::ifvar($cx, ((isset($in['revision']) && is_array($in)) ?
$in['revision'] : null))) ? ' <div
class="flow-revision-permalink-warning plainlinks">
+'.((LCRun3::ifvar($cx, ((isset($in['revision']['previousRevisionId']) &&
is_array($in['revision'])) ? $in['revision']['previousRevisionId'] : null))) ?
' '.LCRun3::ch($cx, 'l10nParse',
array(array('flow-revision-permalink-warning-header',((isset($in['revision']['human_timestamp'])
&& is_array($in['revision'])) ? $in['revision']['human_timestamp'] :
null),((isset($in['revision']['rev_view_links']['hist']['url']) &&
is_array($in['revision']['rev_view_links']['hist'])) ?
$in['revision']['rev_view_links']['hist']['url'] :
null),((isset($in['revision']['rev_view_links']['diff']['url']) &&
is_array($in['revision']['rev_view_links']['diff'])) ?
$in['revision']['rev_view_links']['diff']['url'] : null)),array()), 'encq').'
+' : ' '.LCRun3::ch($cx, 'l10nParse',
array(array('flow-revision-permalink-warning-header-first',((isset($in['revision']['human_timestamp'])
&& is_array($in['revision'])) ? $in['revision']['human_timestamp'] :
null),((isset($in['revision']['rev_view_links']['hist']['url']) &&
is_array($in['revision']['rev_view_links']['hist'])) ?
$in['revision']['rev_view_links']['hist']['url'] :
null),((isset($in['revision']['rev_view_links']['diff']['url']) &&
is_array($in['revision']['rev_view_links']['diff'])) ?
$in['revision']['rev_view_links']['diff']['url'] : null)),array()), 'encq').'
+').' </div>
- <div class="flow-revision-content">
- '.LCRun3::ch($cx, 'escapeContent',
array(array(((isset($in['revision']['content']['format']) &&
is_array($in['revision']['content'])) ? $in['revision']['content']['format'] :
null),((isset($in['revision']['content']['content']) &&
is_array($in['revision']['content'])) ? $in['revision']['content']['content'] :
null)),array()), 'encq').'
- </div>
+ <div class="flow-revision-content">
+ '.LCRun3::ch($cx, 'escapeContent',
array(array(((isset($in['revision']['content']['format']) &&
is_array($in['revision']['content'])) ? $in['revision']['content']['format'] :
null),((isset($in['revision']['content']['content']) &&
is_array($in['revision']['content'])) ? $in['revision']['content']['content'] :
null)),array()), 'encq').'
+ </div>
-'.LCRun3::p($cx, 'flow_patrol_action', array(array($in),array())).'</div>
+'.LCRun3::p($cx, 'flow_patrol_action', array(array($in),array()), '
').'' : '').'</div>
';
}
?>
\ No newline at end of file
diff --git a/handlebars/compiled/flow_block_topic_single_view.handlebars.php
b/handlebars/compiled/flow_block_topic_single_view.handlebars.php
index 2d81aa6..1709732 100644
--- a/handlebars/compiled/flow_block_topic_single_view.handlebars.php
+++ b/handlebars/compiled/flow_block_topic_single_view.handlebars.php
@@ -12,13 +12,21 @@
),
'constants' => array(),
'helpers' => array( 'l10n' => 'Flow\TemplateHelper::l10n',
+ 'html' => 'Flow\TemplateHelper::htmlHelper',
'l10nParse' => 'Flow\TemplateHelper::l10nParse',
'escapeContent' => 'Flow\TemplateHelper::escapeContent',
'enablePatrollingLink' =>
'Flow\TemplateHelper::enablePatrollingLink',
),
'blockhelpers' => array(),
'hbhelpers' => array(),
- 'partials' => array('flow_patrol_action' => function ($cx, $in, $sp)
{return ''.$sp.''.((LCRun3::ifvar($cx,
((isset($in['revision']['rev_view_links']['markPatrolled']) &&
is_array($in['revision']['rev_view_links'])) ?
$in['revision']['rev_view_links']['markPatrolled'] : null))) ? '<div
class="patrollink">
+ 'partials' => array('flow_errors' => function ($cx, $in, $sp) {return
''.$sp.'<div class="flow-error-container">
+'.$sp.''.((LCRun3::ifvar($cx, ((isset($cx['sp_vars']['root']['errors']) &&
is_array($cx['sp_vars']['root'])) ? $cx['sp_vars']['root']['errors'] : null)))
? ' <div class="flow-errors errorbox">
+'.$sp.' <ul>
+'.$sp.''.LCRun3::sec($cx, ((isset($cx['sp_vars']['root']['errors']) &&
is_array($cx['sp_vars']['root'])) ? $cx['sp_vars']['root']['errors'] : null),
$in, true, function($cx, $in)use($sp){return '
<li>'.LCRun3::ch($cx, 'html', array(array(((isset($in['message']) &&
is_array($in)) ? $in['message'] : null)),array()), 'encq').'</li>
+'.$sp.'';}).' </ul>
+'.$sp.' </div>
+'.$sp.'' : '').'</div>
+';},'flow_patrol_action' => function ($cx, $in, $sp) {return
''.$sp.''.((LCRun3::ifvar($cx,
((isset($in['revision']['rev_view_links']['markPatrolled']) &&
is_array($in['revision']['rev_view_links'])) ?
$in['revision']['rev_view_links']['markPatrolled'] : null))) ? '<div
class="patrollink">
'.$sp.' [<a class="mw-ui-quiet"
'.$sp.'
href="'.htmlentities((string)((isset($in['revision']['rev_view_links']['markPatrolled']['url'])
&& is_array($in['revision']['rev_view_links']['markPatrolled'])) ?
$in['revision']['rev_view_links']['markPatrolled']['url'] : null), ENT_QUOTES,
'UTF-8').'"
'.$sp.' title="'.LCRun3::ch($cx, 'l10n',
array(array('flow-mark-revision-patrolled-link-title'),array()), 'encq').'"
@@ -32,17 +40,16 @@
);
return '<div class="flow-board">
- <div class="flow-revision-permalink-warning plainlinks">
-'.((LCRun3::ifvar($cx, ((isset($in['revision']['previousRevisionId']) &&
is_array($in['revision'])) ? $in['revision']['previousRevisionId'] : null))) ?
' '.LCRun3::ch($cx, 'l10nParse',
array(array('flow-revision-permalink-warning-post',((isset($in['revision']['human_timestamp'])
&& is_array($in['revision'])) ? $in['revision']['human_timestamp'] :
null),((isset($in['revision']['rev_view_links']['board']['title']) &&
is_array($in['revision']['rev_view_links']['board'])) ?
$in['revision']['rev_view_links']['board']['title'] :
null),((isset($in['revision']['root']['content']) &&
is_array($in['revision']['root'])) ? $in['revision']['root']['content'] :
null),((isset($in['revision']['rev_view_links']['hist']['url']) &&
is_array($in['revision']['rev_view_links']['hist'])) ?
$in['revision']['rev_view_links']['hist']['url'] :
null),((isset($in['revision']['rev_view_links']['diff']['url']) &&
is_array($in['revision']['rev_view_links']['diff'])) ?
$in['revision']['rev_view_links']['diff']['url'] : null)),array()), 'encq').'
-' : ' '.LCRun3::ch($cx, 'l10nParse',
array(array('flow-revision-permalink-warning-post-first',((isset($in['revision']['human_timestamp'])
&& is_array($in['revision'])) ? $in['revision']['human_timestamp'] :
null),((isset($in['revision']['rev_view_links']['board']['title']) &&
is_array($in['revision']['rev_view_links']['board'])) ?
$in['revision']['rev_view_links']['board']['title'] :
null),((isset($in['revision']['root']['content']) &&
is_array($in['revision']['root'])) ? $in['revision']['root']['content'] :
null),((isset($in['revision']['rev_view_links']['hist']['url']) &&
is_array($in['revision']['rev_view_links']['hist'])) ?
$in['revision']['rev_view_links']['hist']['url'] :
null),((isset($in['revision']['rev_view_links']['diff']['url']) &&
is_array($in['revision']['rev_view_links']['diff'])) ?
$in['revision']['rev_view_links']['diff']['url'] : null)),array()), 'encq').'
-').' </div>
- <div class="flow-revision-content">
- '.LCRun3::ch($cx, 'escapeContent',
array(array(((isset($in['revision']['content']['format']) &&
is_array($in['revision']['content'])) ? $in['revision']['content']['format'] :
null),((isset($in['revision']['content']['content']) &&
is_array($in['revision']['content'])) ? $in['revision']['content']['content'] :
null)),array()), 'encq').'
- </div>
+'.LCRun3::p($cx, 'flow_errors', array(array($in),array()), ' ').'
+'.((LCRun3::ifvar($cx, ((isset($in['revision']) && is_array($in)) ?
$in['revision'] : null))) ? ' <div
class="flow-revision-permalink-warning plainlinks">
+'.((LCRun3::ifvar($cx, ((isset($in['revision']['previousRevisionId']) &&
is_array($in['revision'])) ? $in['revision']['previousRevisionId'] : null))) ?
' '.LCRun3::ch($cx, 'l10nParse',
array(array('flow-revision-permalink-warning-post',((isset($in['revision']['human_timestamp'])
&& is_array($in['revision'])) ? $in['revision']['human_timestamp'] :
null),((isset($in['revision']['rev_view_links']['board']['title']) &&
is_array($in['revision']['rev_view_links']['board'])) ?
$in['revision']['rev_view_links']['board']['title'] :
null),((isset($in['revision']['root']['content']) &&
is_array($in['revision']['root'])) ? $in['revision']['root']['content'] :
null),((isset($in['revision']['rev_view_links']['hist']['url']) &&
is_array($in['revision']['rev_view_links']['hist'])) ?
$in['revision']['rev_view_links']['hist']['url'] :
null),((isset($in['revision']['rev_view_links']['diff']['url']) &&
is_array($in['revision']['rev_view_links']['diff'])) ?
$in['revision']['rev_view_links']['diff']['url'] : null)),array()), 'encq').'
+' : ' '.LCRun3::ch($cx, 'l10nParse',
array(array('flow-revision-permalink-warning-post-first',((isset($in['revision']['human_timestamp'])
&& is_array($in['revision'])) ? $in['revision']['human_timestamp'] :
null),((isset($in['revision']['rev_view_links']['board']['title']) &&
is_array($in['revision']['rev_view_links']['board'])) ?
$in['revision']['rev_view_links']['board']['title'] :
null),((isset($in['revision']['root']['content']) &&
is_array($in['revision']['root'])) ? $in['revision']['root']['content'] :
null),((isset($in['revision']['rev_view_links']['hist']['url']) &&
is_array($in['revision']['rev_view_links']['hist'])) ?
$in['revision']['rev_view_links']['hist']['url'] :
null),((isset($in['revision']['rev_view_links']['diff']['url']) &&
is_array($in['revision']['rev_view_links']['diff'])) ?
$in['revision']['rev_view_links']['diff']['url'] : null)),array()), 'encq').'
+').' </div>
+ <div class="flow-revision-content">
+ '.LCRun3::ch($cx, 'escapeContent',
array(array(((isset($in['revision']['content']['format']) &&
is_array($in['revision']['content'])) ? $in['revision']['content']['format'] :
null),((isset($in['revision']['content']['content']) &&
is_array($in['revision']['content'])) ? $in['revision']['content']['content'] :
null)),array()), 'encq').'
+ </div>
-'.LCRun3::p($cx, 'flow_patrol_action', array(array($in),array()), '
').'</div>
-
-
+'.LCRun3::p($cx, 'flow_patrol_action', array(array($in),array()), '
').'' : '').'</div>
';
}
?>
\ No newline at end of file
diff --git
a/handlebars/compiled/flow_block_topicsummary_single_view.handlebars.php
b/handlebars/compiled/flow_block_topicsummary_single_view.handlebars.php
index 87ac212..a075804 100644
--- a/handlebars/compiled/flow_block_topicsummary_single_view.handlebars.php
+++ b/handlebars/compiled/flow_block_topicsummary_single_view.handlebars.php
@@ -32,14 +32,15 @@
);
return '<div class="flow-board">
-'.LCRun3::p($cx, 'flow_errors', array(array($in),array()), ' ').' <div
class="flow-revision-permalink-warning plainlinks">
-'.((LCRun3::ifvar($cx, ((isset($in['revision']['previousRevisionId']) &&
is_array($in['revision'])) ? $in['revision']['previousRevisionId'] : null))) ?
' '.LCRun3::ch($cx, 'l10nParse',
array(array('flow-revision-permalink-warning-postsummary',((isset($in['revision']['human_timestamp'])
&& is_array($in['revision'])) ? $in['revision']['human_timestamp'] :
null),((isset($in['revision']['rev_view_links']['board']['title']) &&
is_array($in['revision']['rev_view_links']['board'])) ?
$in['revision']['rev_view_links']['board']['title'] :
null),((isset($in['revision']['root']['content']) &&
is_array($in['revision']['root'])) ? $in['revision']['root']['content'] :
null),((isset($in['revision']['rev_view_links']['hist']['url']) &&
is_array($in['revision']['rev_view_links']['hist'])) ?
$in['revision']['rev_view_links']['hist']['url'] :
null),((isset($in['revision']['rev_view_links']['diff']['url']) &&
is_array($in['revision']['rev_view_links']['diff'])) ?
$in['revision']['rev_view_links']['diff']['url'] : null)),array()), 'encq').'
-' : ' '.LCRun3::ch($cx, 'l10nParse',
array(array('flow-revision-permalink-warning-postsummary-first',((isset($in['revision']['human_timestamp'])
&& is_array($in['revision'])) ? $in['revision']['human_timestamp'] :
null),((isset($in['revision']['rev_view_links']['board']['title']) &&
is_array($in['revision']['rev_view_links']['board'])) ?
$in['revision']['rev_view_links']['board']['title'] :
null),((isset($in['revision']['root']['content']) &&
is_array($in['revision']['root'])) ? $in['revision']['root']['content'] :
null),((isset($in['revision']['rev_view_links']['hist']['url']) &&
is_array($in['revision']['rev_view_links']['hist'])) ?
$in['revision']['rev_view_links']['hist']['url'] :
null),((isset($in['revision']['rev_view_links']['diff']['url']) &&
is_array($in['revision']['rev_view_links']['diff'])) ?
$in['revision']['rev_view_links']['diff']['url'] : null)),array()), 'encq').'
-').' </div>
- <div class="flow-revision-content">
- '.LCRun3::ch($cx, 'escapeContent',
array(array(((isset($in['revision']['content']['format']) &&
is_array($in['revision']['content'])) ? $in['revision']['content']['format'] :
null),((isset($in['revision']['content']['content']) &&
is_array($in['revision']['content'])) ? $in['revision']['content']['content'] :
null)),array()), 'encq').'
- </div>
-</div>
+'.LCRun3::p($cx, 'flow_errors', array(array($in),array()), ' ').'
+'.((LCRun3::ifvar($cx, ((isset($in['revision']) && is_array($in)) ?
$in['revision'] : null))) ? ' <div
class="flow-revision-permalink-warning plainlinks">
+'.((LCRun3::ifvar($cx, ((isset($in['revision']['previousRevisionId']) &&
is_array($in['revision'])) ? $in['revision']['previousRevisionId'] : null))) ?
' '.LCRun3::ch($cx, 'l10nParse',
array(array('flow-revision-permalink-warning-postsummary',((isset($in['revision']['human_timestamp'])
&& is_array($in['revision'])) ? $in['revision']['human_timestamp'] :
null),((isset($in['revision']['rev_view_links']['board']['title']) &&
is_array($in['revision']['rev_view_links']['board'])) ?
$in['revision']['rev_view_links']['board']['title'] :
null),((isset($in['revision']['root']['content']) &&
is_array($in['revision']['root'])) ? $in['revision']['root']['content'] :
null),((isset($in['revision']['rev_view_links']['hist']['url']) &&
is_array($in['revision']['rev_view_links']['hist'])) ?
$in['revision']['rev_view_links']['hist']['url'] :
null),((isset($in['revision']['rev_view_links']['diff']['url']) &&
is_array($in['revision']['rev_view_links']['diff'])) ?
$in['revision']['rev_view_links']['diff']['url'] : null)),array()), 'encq').'
+' : ' '.LCRun3::ch($cx, 'l10nParse',
array(array('flow-revision-permalink-warning-postsummary-first',((isset($in['revision']['human_timestamp'])
&& is_array($in['revision'])) ? $in['revision']['human_timestamp'] :
null),((isset($in['revision']['rev_view_links']['board']['title']) &&
is_array($in['revision']['rev_view_links']['board'])) ?
$in['revision']['rev_view_links']['board']['title'] :
null),((isset($in['revision']['root']['content']) &&
is_array($in['revision']['root'])) ? $in['revision']['root']['content'] :
null),((isset($in['revision']['rev_view_links']['hist']['url']) &&
is_array($in['revision']['rev_view_links']['hist'])) ?
$in['revision']['rev_view_links']['hist']['url'] :
null),((isset($in['revision']['rev_view_links']['diff']['url']) &&
is_array($in['revision']['rev_view_links']['diff'])) ?
$in['revision']['rev_view_links']['diff']['url'] : null)),array()), 'encq').'
+').' </div>
+ <div class="flow-revision-content">
+ '.LCRun3::ch($cx, 'escapeContent',
array(array(((isset($in['revision']['content']['format']) &&
is_array($in['revision']['content'])) ? $in['revision']['content']['format'] :
null),((isset($in['revision']['content']['content']) &&
is_array($in['revision']['content'])) ? $in['revision']['content']['content'] :
null)),array()), 'encq').'
+ </div>
+' : '').'</div>
';
}
?>
\ No newline at end of file
diff --git a/handlebars/flow_block_header_single_view.handlebars
b/handlebars/flow_block_header_single_view.handlebars
index a4c4a1b..eb66cab 100644
--- a/handlebars/flow_block_header_single_view.handlebars
+++ b/handlebars/flow_block_header_single_view.handlebars
@@ -1,21 +1,25 @@
<div class="flow-board">
- <div class="flow-revision-permalink-warning plainlinks">
- {{#if revision.previousRevisionId}}
- {{l10nParse "flow-revision-permalink-warning-header"
- revision.human_timestamp
- revision.rev_view_links.hist.url
- revision.rev_view_links.diff.url}}
- {{else}}
- {{l10nParse
"flow-revision-permalink-warning-header-first"
- revision.human_timestamp
- revision.rev_view_links.hist.url
- revision.rev_view_links.diff.url}}
- {{/if}}
- </div>
+ {{> flow_errors}}
- <div class="flow-revision-content">
- {{escapeContent revision.content.format
revision.content.content}}
- </div>
+ {{#if revision}}
+ <div class="flow-revision-permalink-warning plainlinks">
+ {{#if revision.previousRevisionId}}
+ {{l10nParse
"flow-revision-permalink-warning-header"
+ revision.human_timestamp
+ revision.rev_view_links.hist.url
+ revision.rev_view_links.diff.url}}
+ {{else}}
+ {{l10nParse
"flow-revision-permalink-warning-header-first"
+ revision.human_timestamp
+ revision.rev_view_links.hist.url
+ revision.rev_view_links.diff.url}}
+ {{/if}}
+ </div>
-{{> flow_patrol_action}}
+ <div class="flow-revision-content">
+ {{escapeContent revision.content.format
revision.content.content}}
+ </div>
+
+ {{> flow_patrol_action}}
+ {{/if}}
</div>
diff --git a/handlebars/flow_block_topic_single_view.handlebars
b/handlebars/flow_block_topic_single_view.handlebars
index a55b8c9..d4afdaf 100644
--- a/handlebars/flow_block_topic_single_view.handlebars
+++ b/handlebars/flow_block_topic_single_view.handlebars
@@ -1,26 +1,28 @@
<div class="flow-board">
- <div class="flow-revision-permalink-warning plainlinks">
- {{#if revision.previousRevisionId}}
- {{l10nParse "flow-revision-permalink-warning-post"
- revision.human_timestamp
- revision.rev_view_links.board.title
- revision.root.content
revision.rev_view_links.hist.url
- revision.rev_view_links.diff.url}}
- {{else}}
- {{l10nParse
- "flow-revision-permalink-warning-post-first"
- revision.human_timestamp
- revision.rev_view_links.board.title
- revision.root.content
- revision.rev_view_links.hist.url
- revision.rev_view_links.diff.url}}
- {{/if}}
- </div>
- <div class="flow-revision-content">
- {{escapeContent revision.content.format
revision.content.content}}
- </div>
+ {{> flow_errors}}
- {{> flow_patrol_action}}
+ {{#if revision}}
+ <div class="flow-revision-permalink-warning plainlinks">
+ {{#if revision.previousRevisionId}}
+ {{l10nParse
"flow-revision-permalink-warning-post"
+ revision.human_timestamp
+ revision.rev_view_links.board.title
+ revision.root.content
revision.rev_view_links.hist.url
+ revision.rev_view_links.diff.url}}
+ {{else}}
+ {{l10nParse
+
"flow-revision-permalink-warning-post-first"
+ revision.human_timestamp
+ revision.rev_view_links.board.title
+ revision.root.content
+ revision.rev_view_links.hist.url
+ revision.rev_view_links.diff.url}}
+ {{/if}}
+ </div>
+ <div class="flow-revision-content">
+ {{escapeContent revision.content.format
revision.content.content}}
+ </div>
+
+ {{> flow_patrol_action}}
+ {{/if}}
</div>
-
-
diff --git a/handlebars/flow_block_topicsummary_single_view.handlebars
b/handlebars/flow_block_topicsummary_single_view.handlebars
index c6b8f05..e8afa85 100644
--- a/handlebars/flow_block_topicsummary_single_view.handlebars
+++ b/handlebars/flow_block_topicsummary_single_view.handlebars
@@ -1,23 +1,26 @@
<div class="flow-board">
{{> flow_errors }}
- <div class="flow-revision-permalink-warning plainlinks">
- {{#if revision.previousRevisionId}}
- {{l10nParse
"flow-revision-permalink-warning-postsummary"
- revision.human_timestamp
- revision.rev_view_links.board.title
- revision.root.content
- revision.rev_view_links.hist.url
- revision.rev_view_links.diff.url}}
- {{else}}
- {{l10nParse
"flow-revision-permalink-warning-postsummary-first"
- revision.human_timestamp
- revision.rev_view_links.board.title
- revision.root.content
- revision.rev_view_links.hist.url
- revision.rev_view_links.diff.url}}
- {{/if}}
- </div>
- <div class="flow-revision-content">
- {{escapeContent revision.content.format
revision.content.content}}
- </div>
+
+ {{#if revision}}
+ <div class="flow-revision-permalink-warning plainlinks">
+ {{#if revision.previousRevisionId}}
+ {{l10nParse
"flow-revision-permalink-warning-postsummary"
+ revision.human_timestamp
+ revision.rev_view_links.board.title
+ revision.root.content
+ revision.rev_view_links.hist.url
+ revision.rev_view_links.diff.url}}
+ {{else}}
+ {{l10nParse
"flow-revision-permalink-warning-postsummary-first"
+ revision.human_timestamp
+ revision.rev_view_links.board.title
+ revision.root.content
+ revision.rev_view_links.hist.url
+ revision.rev_view_links.diff.url}}
+ {{/if}}
+ </div>
+ <div class="flow-revision-content">
+ {{escapeContent revision.content.format
revision.content.content}}
+ </div>
+ {{/if}}
</div>
diff --git a/includes/Block/Header.php b/includes/Block/Header.php
index 3087387..ab16a0a 100644
--- a/includes/Block/Header.php
+++ b/includes/Block/Header.php
@@ -218,21 +218,10 @@
case 'compare-header-revisions':
$output += $this->renderDiffviewApi( $options );
break;
-
}
- if ( $this->wasSubmitted() ) {
- $output += array(
- 'submitted' => $this->submitted,
- 'errors' => $this->errors,
- );
- } else {
- $output += array(
- 'submitted' => array(),
- 'errors' => array()
- );
- }
-
+ $output['submitted'] = $this->wasSubmitted() ? $this->submitted
: array();
+ $output['errors'] = $this->errors;
return $output;
}
@@ -264,6 +253,11 @@
/** @var RevisionViewFormatter $formatter */
$formatter = Container::get( 'formatter.revisionview' );
+ if ( !$this->permissions->isAllowed( $row->revision, 'view' ) )
{
+ $this->addError( 'permissions', $this->context->msg(
'flow-error-not-allowed' ) );
+ return array();
+ }
+
return array(
'revision' => $formatter->formatApi( $row,
$this->context )
);
@@ -276,6 +270,14 @@
protected function renderRevisionApi( $format ) {
$output = array();
if ( $this->header === null ) {
+ if (
+ !$this->permissions->isRevisionAllowed( null,
'view' ) ||
+ !$this->permissions->isBoardAllowed(
$this->workflow, 'view' )
+ ) {
+ $this->addError( 'permissions',
$this->context->msg( 'flow-error-not-allowed' ) );
+ return array();
+ }
+
/** @var UrlGenerator $urlGenerator */
$urlGenerator = Container::get( 'url_generator' );
$output['revision'] = array(
@@ -293,11 +295,17 @@
$row->revision = $this->header;
$row->currentRevision = $this->header;
+ if ( !$this->permissions->isAllowed( $row->revision,
'view' ) ) {
+ $this->addError( 'permissions',
$this->context->msg( 'flow-error-not-allowed' ) );
+ return array();
+ }
+
$serializer = Container::get( 'formatter.revision' );
$serializer->setContentFormat( $format );
$output['revision'] = $serializer->formatApi( $row,
$this->context );
}
+
return $output;
}
diff --git a/includes/Block/Topic.php b/includes/Block/Topic.php
index 1b02d8c..944dc02 100644
--- a/includes/Block/Topic.php
+++ b/includes/Block/Topic.php
@@ -576,6 +576,11 @@
protected function renderSingleViewApi( $revId ) {
$row = Container::get( 'query.post.view'
)->getSingleViewResult( $revId );
+ if ( !$this->permissions->isAllowed( $row->revision, 'view' ) )
{
+ $this->addError( 'permissions',
$this->getDisallowedErrorMessage( $row->revision ) );
+ return array();
+ }
+
return array(
'revision' => Container::get( 'formatter.revisionview'
)->formatApi( $row, $this->context )
);
--
To view, visit https://gerrit.wikimedia.org/r/224057
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I9d6d4e4b7cc9af74e52f3aae80985fa92659da42
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/Flow
Gerrit-Branch: master
Gerrit-Owner: Matthias Mullie <mmul...@wikimedia.org>
Gerrit-Reviewer: Sbisson <sbis...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
