Chad has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/246886

Change subject: SECURITY: RevDel: Check all revisions for suppression, not just 
the first
......................................................................

SECURITY: RevDel: Check all revisions for suppression, not just the first

If any of the revisions in the list are deleted, do not allow changing
the permissions without suppressrevision.

Bug: T95589
Change-Id: Ia8a3ef13b73925d14a79775a50d46b939c01664f
---
M includes/revisiondelete/RevDelList.php
M includes/specials/SpecialRevisiondelete.php
2 files changed, 20 insertions(+), 2 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core 
refs/changes/86/246886/1

diff --git a/includes/revisiondelete/RevDelList.php 
b/includes/revisiondelete/RevDelList.php
index 7aac3b8..7ffb427 100644
--- a/includes/revisiondelete/RevDelList.php
+++ b/includes/revisiondelete/RevDelList.php
@@ -74,6 +74,25 @@
        }
 
        /**
+        * Indicate whether any item in this list is suppressed
+        * @since 1.25
+        * @return bool
+        */
+       public function areAnySuppressed() {
+               $bit = $this->getSuppressBit();
+
+               // @codingStandardsIgnoreStart 
Generic.CodeAnalysis.ForLoopWithTestFunctionCall.NotAllowed
+               for ( $this->reset(); $this->current(); $this->next() ) {
+                       // @codingStandardsIgnoreEnd
+                       $item = $this->current();
+                       if ( $item->getBits() & $bit ) {
+                               return true;
+                       }
+               }
+               return false;
+       }
+
+       /**
         * Set the visibility for the revisions in this list. Logging and
         * transactions are done here.
         *
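Review bot: `areAnySuppressed()` iterates with the list's own cursor (`$this->reset()` / `$this->next()`) and returns on the first match, so after the call the cursor sits on the first suppressed item or past the end, and the docblock does not say so. A caller that reads `current()` afterwards would be looking at a different item than before the call. I would add a docblock line such as `* Moves the list's internal pointer; call reset() before iterating again.` The `@since 1.25` tag should also be checked against the release this change actually lands in, since the patch targets master and may be backported.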
diff --git a/includes/specials/SpecialRevisiondelete.php 
b/includes/specials/SpecialRevisiondelete.php
index c98aa46..65cb8e5 100644
--- a/includes/specials/SpecialRevisiondelete.php
+++ b/includes/specials/SpecialRevisiondelete.php
@@ -170,11 +170,10 @@
                $this->typeLabels = self::$UILabels[$this->typeName];
                $list = $this->getList();
                $list->reset();
-               $bitfield = $list->current()->getBits();
                $this->mIsAllowed = $user->isAllowed( 
RevisionDeleter::getRestriction( $this->typeName ) );
                $canViewSuppressedOnly = $this->getUser()->isAllowed( 
'viewsuppressed' ) &&
                        !$this->getUser()->isAllowed( 'suppressrevision' );
-               $pageIsSuppressed = $bitfield & Revision::DELETED_RESTRICTED;
+               $pageIsSuppressed = $list->areAnySuppressed();
                $this->mIsAllowed = $this->mIsAllowed && !( 
$canViewSuppressedOnly && $pageIsSuppressed );
 
                $this->otherReason = $request->getVal( 'wpReason' );
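Review bot: The all-items check is applied only where the special page computes `$this->mIsAllowed`, so the guarantee depends on every caller repeating it. This diff does not show whether other code paths that reach `RevDelList::setVisibility()` perform an equivalent check; if any exist, enforcing `areAnySuppressed()` inside the list class would close the gap for all of them. The variable is also no longer about a single page or item, so `$pageIsSuppressed` reads more accurately as `$anyItemSuppressed = $list->areAnySuppressed();`. The preceding `$list->reset();` appears redundant now that the new method resets the cursor itself. The enclosing method starts and ends outside this hunk, so later uses of the list cursor could not be checked.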

-- 

Gerrit-MessageType: newchange
Gerrit-Change-Id: Ia8a3ef13b73925d14a79775a50d46b939c01664f
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/core
Gerrit-Branch: master
Gerrit-Owner: Chad <[email protected]>
Gerrit-Reviewer: Anomie <[email protected]>
