jenkins-bot has submitted this change and it was merged. ( 
https://gerrit.wikimedia.org/r/400619 )

Change subject: Clean up permission checks in special pages
......................................................................


Clean up permission checks in special pages

This patch helps clean up checks to reduce code duplication, by
calling parent functions in most places, including:
* checkPermissions()
* requireLogin()

For more fine-grained permissions, a new permission called
'populate-user-profiles' has been created. This is given to
the 'staff' group by default.

This also changes around checks to the proper order, which is:
* check user permissions
* check if database is in read-only
* check if user is blocked
* set headers

This also sets header in a few special pages that didn't already set them,
which included:
* Special:ToggleUserPageType
* Special:PopulateExistingUsersProfiles

Change-Id: I88c2c91fbd6844a653ab96e49fb1224e9caa30d3
---
M SystemGifts/SpecialPopulateAwards.php
M SystemGifts/SpecialRemoveMasterSystemGift.php
M SystemGifts/SpecialSystemGiftManager.php
M SystemGifts/SpecialSystemGiftManagerLogo.php
M UserBoard/SpecialSendBoardBlast.php
M UserBoard/i18n/en.json
M UserBoard/i18n/qqq.json
M UserGifts/SpecialGiftManager.php
M UserGifts/SpecialGiftManagerLogo.php
M UserGifts/SpecialRemoveMasterGift.php
M UserProfile/SpecialEditProfile.php
M UserProfile/SpecialPopulateExistingUsersProfiles.php
M UserProfile/SpecialToggleUserPageType.php
M UserProfile/SpecialUpdateProfile.php
M UserProfile/UserProfile.php
M UserProfile/i18n/en.json
M UserProfile/i18n/qqq.json
M UserRelationship/SpecialViewRelationshipRequests.php
M UserRelationship/SpecialViewRelationships.php
M UserRelationship/i18n/en.json
M UserStats/GenerateTopUsersReport.php
M UserStats/SpecialUpdateEditCounts.php
22 files changed, 124 insertions(+), 150 deletions(-)

Approvals:
  Jack Phoenix: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/SystemGifts/SpecialPopulateAwards.php 
b/SystemGifts/SpecialPopulateAwards.php
index 27a3399..17dc727 100644
--- a/SystemGifts/SpecialPopulateAwards.php
+++ b/SystemGifts/SpecialPopulateAwards.php
@@ -27,10 +27,8 @@
                $out = $this->getOutput();
                $user = $this->getUser();
 
-               // If the user doesn't have the required 'awardsmanage' 
permission, display an error
-               if ( !$user->isAllowed( 'awardsmanage' ) ) {
-                       throw new PermissionsError( 'awardsmanage' );
-               }
+               // make sure user has the correct permissions
+               $this->checkPermissions();
 
                // Show a message if the database is in read-only mode
                $this->checkReadOnly();
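Review bot: `$this->checkPermissions()` only enforces the right passed as the second argument to `parent::__construct()`, and this commit shows no constructor change for SpecialPopulateAwards, unlike RemoveMasterSystemGift and SystemGiftManagerLogo. If the constructor still passes only the page name, the restriction is empty and, as far as I know, MediaWiki's `User::isAllowed( '' )` returns true, so the removed `awardsmanage` check would have no replacement. Please confirm the constructor reads `parent::__construct( '<page name>', 'awardsmanage' );`. The same question applies to the `checkPermissions()` calls added in SpecialSystemGiftManager, SpecialEditProfile, GenerateTopUsersReport and SpecialUpdateEditCounts, none of which show a constructor change here. execute() starts and ends outside the hunk.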
diff --git a/SystemGifts/SpecialRemoveMasterSystemGift.php 
b/SystemGifts/SpecialRemoveMasterSystemGift.php
index 559537b..a68b07b 100644
--- a/SystemGifts/SpecialRemoveMasterSystemGift.php
+++ b/SystemGifts/SpecialRemoveMasterSystemGift.php
@@ -11,7 +11,7 @@
         * Constructor
         */
        public function __construct() {
-               parent::__construct( 'RemoveMasterSystemGift' );
+               parent::__construct( 'RemoveMasterSystemGift', 'awardsmanage' );
        }
 
        /**
@@ -41,10 +41,8 @@
                $request = $this->getRequest();
                $user = $this->getUser();
 
-               // If the user doesn't have the required 'awardsmanage' 
permission, display an error
-               if ( !$user->isAllowed( 'awardsmanage' ) ) {
-                       throw new PermissionsError( 'awardsmanage' );
-               }
+               // make sure user has the correct permissions
+               $this->checkPermissions();
 
                // Show a message if the database is in read-only mode
                $this->checkReadOnly();
diff --git a/SystemGifts/SpecialSystemGiftManager.php 
b/SystemGifts/SpecialSystemGiftManager.php
index f39c129..fce80de 100644
--- a/SystemGifts/SpecialSystemGiftManager.php
+++ b/SystemGifts/SpecialSystemGiftManager.php
@@ -30,13 +30,8 @@
                $request = $this->getRequest();
                $user = $this->getUser();
 
-               // Set the page title, robot policies, etc.
-               $this->setHeaders();
-
-               // If the user doesn't have the required 'awardsmanage' 
permission, display an error
-               if ( !$user->isAllowed( 'awardsmanage' ) ) {
-                       throw new PermissionsError( 'awardsmanage' );
-               }
+               // make sure user has the correct permissions
+               $this->checkPermissions();
 
                // Show a message if the database is in read-only mode
                $this->checkReadOnly();
@@ -46,6 +41,10 @@
                        throw new UserBlockedError( $user->getBlock() );
                }
 
+               // Set the page title, robot policies, etc.
+               $out->setArticleRelated( false );
+               $out->setRobotPolicy( 'noindex,nofollow' );
+
                // Add CSS
                $out->addModuleStyles( 
'ext.socialprofile.special.systemgiftmanager.css' );
 
diff --git a/SystemGifts/SpecialSystemGiftManagerLogo.php 
b/SystemGifts/SpecialSystemGiftManagerLogo.php
index ebad268..38bbdd4 100644
--- a/SystemGifts/SpecialSystemGiftManagerLogo.php
+++ b/SystemGifts/SpecialSystemGiftManagerLogo.php
@@ -22,7 +22,7 @@
         * Constructor -- set up the new special page
         */
        public function __construct() {
-               parent::__construct( 'SystemGiftManagerLogo' );
+               parent::__construct( 'SystemGiftManagerLogo', 'awardsmanage' );
        }
 
        /**
@@ -35,14 +35,8 @@
                $request = $this->getRequest();
                $user = $this->getUser();
 
-               // Set the robot policies, etc.
-               $out->setArticleRelated( false );
-               $out->setRobotPolicy( 'noindex,nofollow' );
-
-               // If the user doesn't have the required 'awardsmanage' 
permission, display an error
-               if ( !$user->isAllowed( 'awardsmanage' ) ) {
-                       throw new PermissionsError( 'awardsmanage' );
-               }
+               // make sure user has the correct permissions
+               $this->checkPermissions();
 
                // Show a message if the database is in read-only mode
                $this->checkReadOnly();
@@ -52,6 +46,10 @@
                        throw new UserBlockedError( $user->getBlock() );
                }
 
+               // Set the robot policies, etc.
+               $out->setArticleRelated( false );
+               $out->setRobotPolicy( 'noindex,nofollow' );
+
                // Add CSS
                $out->addModuleStyles( 
'ext.socialprofile.special.systemgiftmanagerlogo.css' );
 
diff --git a/UserBoard/SpecialSendBoardBlast.php 
b/UserBoard/SpecialSendBoardBlast.php
index a1e67c9..986b0e7 100644
--- a/UserBoard/SpecialSendBoardBlast.php
+++ b/UserBoard/SpecialSendBoardBlast.php
@@ -29,15 +29,8 @@
                $request = $this->getRequest();
                $user = $this->getUser();
 
-               // Set the page title, robot policies, etc.
-               $this->setHeaders();
-
                // This feature is available only to logged-in users.
-               if ( !$user->isLoggedIn() ) {
-                       $out->setPageTitle( $this->msg( 'boardblastlogintitle' 
)->plain() );
-                       $out->addWikiMsg( 'boardblastlogintext' );
-                       return '';
-               }
+               $this->requireLogin();
 
                // Is the database locked?
                $this->checkReadOnly();
@@ -47,6 +40,9 @@
                        throw new UserBlockedError( $user->getBlock() );
                }
 
+               // Set the page title, robot policies, etc.
+               $this->setHeaders();
+
                // Add CSS & JS
                $out->addModuleStyles( array(
                        'ext.socialprofile.userboard.boardblast.css'
diff --git a/UserBoard/i18n/en.json b/UserBoard/i18n/en.json
index 8cde24f..a0b7f4f 100644
--- a/UserBoard/i18n/en.json
+++ b/UserBoard/i18n/en.json
@@ -7,8 +7,6 @@
                ]
        },
        "userboard-desc": "Allows for sending board-to-board messages",
-       "boardblastlogintitle": "You must be logged in to send board blasts",
-       "boardblastlogintext": "In order to send board blasts, you must be 
[[Special:UserLogin|logged in]].",
        "messagesenttitle": "Messages sent",
        "boardblasttitle": "Send board blast",
        "boardblaststep1": "Step 1 - Write your message",
diff --git a/UserBoard/i18n/qqq.json b/UserBoard/i18n/qqq.json
index 200f75f..999580b 100644
--- a/UserBoard/i18n/qqq.json
+++ b/UserBoard/i18n/qqq.json
@@ -10,7 +10,6 @@
                ]
        },
        "userboard-desc": 
"{{desc|name=UserBoard|url=https://www.mediawiki.org/wiki/Extension:SocialProfile}}";,
-       "boardblastlogintitle": "As I understand it, it is a sort of board tool 
to leave messages. Is 
it?\nhttp://www.mediawiki.org/wiki/Extension:SocialProfile#Board_Blast";,
        "userboard_private": "{{Identical|Private}}",
        "userboard_public": "{{Identical|Public}}",
        "userboard_sendbutton": "{{Identical|Send}}",
diff --git a/UserGifts/SpecialGiftManager.php b/UserGifts/SpecialGiftManager.php
index 39a6a6f..bac7bb8 100644
--- a/UserGifts/SpecialGiftManager.php
+++ b/UserGifts/SpecialGiftManager.php
@@ -36,19 +36,24 @@
                $request = $this->getRequest();
                $user = $this->getUser();
 
-               // Set the page title, robot policies, etc.
-               $this->setHeaders();
-
-               $out->setPageTitle( $this->msg( 'giftmanager' )->plain() );
-
                // Make sure that the user is logged in and that they can use 
this
                // special page
-               if ( $user->isAnon() || !$this->canUserManage() ) {
+               $this->requireLogin();
+
+               if ( !$this->canUserManage() ) {
                        throw new ErrorPageError( 'error', 'badaccess' );
                }
 
                // Show a message if the database is in read-only mode
                $this->checkReadOnly();
+
+               // If the user is blocked, don't allow access to them
+               if ( $user->isBlocked() ) {
+                       throw new UserBlockedError( $user->getBlock() );
+               }
+
+               // Set the page title, robot policies, etc.
+               $this->setHeaders();
 
                // Add CSS
                $out->addModuleStyles( [
@@ -107,27 +112,19 @@
        /**
         * Function to check if the user can manage created gifts
         *
-        * @return Boolean: true if user has 'giftadmin' permission or is
-        *                      a member of the giftadmin group, otherwise false
+        * @return bool true if -
+        * - the user has the 'giftadmin' permission
+        * - ..or the max amount of custom user gifts is above zero
         */
        function canUserManage() {
                global $wgMaxCustomUserGiftCount;
 
                $user = $this->getUser();
 
-               if ( $user->isBlocked() ) {
-                       return false;
-               }
-
-               if ( $wgMaxCustomUserGiftCount > 0 ) {
-                       return true;
-               }
-
                if (
                        $user->isAllowed( 'giftadmin' ) ||
-                       in_array( 'giftadmin', $user->getGroups() )
-               )
-               {
+                       $wgMaxCustomUserGiftCount > 0
+               ) {
                        return true;
                }
 
diff --git a/UserGifts/SpecialGiftManagerLogo.php 
b/UserGifts/SpecialGiftManagerLogo.php
index c64ab27..e9169e8 100644
--- a/UserGifts/SpecialGiftManagerLogo.php
+++ b/UserGifts/SpecialGiftManagerLogo.php
@@ -47,14 +47,10 @@
        function canUserManage() {
                $user = $this->getUser();
 
-               if ( $user->isBlocked() || $user->isAnon() ) {
-                       return false;
-               }
-
                $gift = Gifts::getGift( $this->gift_id );
                if (
-                       $user->getID() == $gift['creator_user_id'] ||
-                       in_array( 'giftadmin', $user->getGroups() )
+                       $user->getId() == $gift['creator_user_id'] ||
+                       $user->isAllowed( 'giftadmin' )
                )
                {
                        return true;
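Review bot: With the `isBlocked() || isAnon()` guard removed, the loose `$user->getId() == $gift['creator_user_id']` comparison is the only ownership test left, and an anonymous user's id of 0 compares equal to a null or missing `creator_user_id`. What `Gifts::getGift()` returns for an unknown `gift_id` is not visible here, so the method is only safe if every caller runs `requireLogin()` first. I would keep `if ( $user->isAnon() ) { return false; }` at the top and compare with `(int)$gift['creator_user_id'] === $user->getId()`. canUserManage() ends outside the hunk.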
@@ -122,22 +118,31 @@
 
                $this->avatarUploadDirectory = $wgUploadDirectory . '/awards';
 
-               // Set the robot policies, etc.
-               $out->setArticleRelated( false );
-               $out->setRobotPolicy( 'noindex,nofollow' );
-
                /** Show an error message if file upload is disabled */
                if ( !$wgEnableUploads ) {
                        $out->addWikiMsg( 'uploaddisabled' );
                        return;
                }
 
+               // user needs to be logged in to access
+               $this->requireLogin();
+
                /** Various rights checks */
                if ( !$user->isAllowed( 'upload' ) || $user->isBlocked() ) {
                        throw new ErrorPageError( 'uploadnologin', 
'uploadnologintext' );
                }
+
                $this->checkReadOnly();
 
+               // If user is blocked, s/he doesn't need to access this page
+               if ( $user->isBlocked() ) {
+                       throw new UserBlockedError( $user->getBlock() );
+               }
+
+               // Set the robot policies, etc.
+               $out->setArticleRelated( false );
+               $out->setRobotPolicy( 'noindex,nofollow' );
+
                /** Check if the image directory is writeable, this is a common 
mistake */
                if ( !is_writeable( $wgUploadDirectory ) ) {
                        $out->addWikiMsg( 'upload_directory_read_only', 
$wgUploadDirectory );
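Review bot: The added `if ( $user->isBlocked() )` branch can never fire, because the rights check a few lines above it still throws `ErrorPageError( 'uploadnologin', 'uploadnologintext' )` when `$user->isBlocked()` is true. Blocked users therefore keep getting the upload-login error instead of the block notice. Reducing the earlier condition to `if ( !$user->isAllowed( 'upload' ) ) {` would make the new UserBlockedError path reachable. Also, canUserManage() is not called anywhere in this hunk; since it lost its own anon/blocked guard in this commit, confirm that execute() still calls it after `requireLogin()`. execute() starts and ends outside the hunk.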
diff --git a/UserGifts/SpecialRemoveMasterGift.php 
b/UserGifts/SpecialRemoveMasterGift.php
index efe28ae..191b669 100644
--- a/UserGifts/SpecialRemoveMasterGift.php
+++ b/UserGifts/SpecialRemoveMasterGift.php
@@ -6,7 +6,7 @@
         * Constructor
         */
        public function __construct() {
-               parent::__construct( 'RemoveMasterGift' );
+               parent::__construct( 'RemoveMasterGift', 'giftadmin' );
        }
 
        /**
@@ -37,18 +37,17 @@
        /**
         * Checks if a user is allowed to remove gifts.
         *
-        * @return Boolean: false by default or if the user is blocked, true if
-        *                  user has 'delete' permission or is a member of the
-        *                  giftadmin group
+        * @return Boolean: false by default or true if
+        * - has'delete' permission or..
+        * - has the 'giftadmin' permission
         */
        function canUserManage() {
                $user = $this->getUser();
 
-               if ( $user->isBlocked() ) {
-                       return false;
-               }
-
-               if ( $user->isAllowed( 'delete' ) || in_array( 'giftadmin', 
$user->getGroups() ) ) {
+               if (
+                       $user->isAllowed( 'delete' ) ||
+                       $user->isAllowed( 'giftadmin' )
+               ) {
                        return true;
                }
 
@@ -64,16 +63,24 @@
                $out = $this->getOutput();
                $request = $this->getRequest();
 
+               // user needs to be logged in to access
+               $this->requireLogin();
+
+               // Check for permissions
+               if ( !$this->canUserManage() ) {
+                       throw new ErrorPageError( 'error', 'badaccess' );
+               }
+
+               // If user is blocked, s/he doesn't need to access this page
+               if ( $user->isBlocked() ) {
+                       throw new UserBlockedError( $user->getBlock() );
+               }
+
                // Set the page title, robot policies, etc.
                $this->setHeaders();
 
                // Add CSS
                $out->addModuleStyles( 'ext.socialprofile.usergifts.css' );
-
-               // Check for permissions
-               if ( $this->getUser()->isAnon() || !$this->canUserManage() ) {
-                       throw new ErrorPageError( 'error', 'badaccess' );
-               }
 
                $this->gift_id = $request->getInt( 'gift_id' );
 
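Review bot: `$user->isBlocked()` is called on a variable this hunk never assigns: the visible locals are only `$out` and `$request`, and the removed check used `$this->getUser()` directly. Unless `$user` is set above the hunk, every logged-in user who passes canUserManage() would hit a fatal error on that line, which fails closed but breaks the page. Add `$user = $this->getUser();` next to the other locals. Separately, the constructor now registers `giftadmin` as the page restriction while canUserManage() also accepts `delete`, so the two gates disagree; a one-line comment saying which one is authoritative would help. execute() starts and ends outside the hunk.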
diff --git a/UserProfile/SpecialEditProfile.php 
b/UserProfile/SpecialEditProfile.php
index b4d68a2..2f9f206 100644
--- a/UserProfile/SpecialEditProfile.php
+++ b/UserProfile/SpecialEditProfile.php
@@ -29,30 +29,24 @@
                $request = $this->getRequest();
                $user = $this->getUser();
 
-               // Set the page title, robot policies, etc.
-               $this->setHeaders();
-               $out->setHTMLTitle( $this->msg( 'pagetitle',
-                       $this->msg( 'edit-profiles-title' )->plain() )->parse() 
);
-
                // This feature is only available for logged-in users.
-               if ( !$user->isLoggedIn() ) {
-                       $out->setPageTitle( $this->msg( 
'user-profile-update-notloggedin-title' )->plain() );
-                       $out->addWikiMsg( 
'user-profile-update-notloggedin-text' );
-                       return;
-               }
+               $this->requireLogin();
+
+               // make sure user has the correct permissions
+               $this->checkPermissions();
+
+               // Database operations require write mode
+               $this->checkReadOnly();
 
                // No need to allow blocked users to access this page, they 
could abuse it, y'know.
                if ( $user->isBlocked() ) {
                        throw new UserBlockedError( $user->getBlock() );
                }
 
-               // Database operations require write mode
-               $this->checkReadOnly();
-
-               // Are we even allowed to do this?
-               if ( !$user->isAllowed( 'editothersprofiles' ) ) {
-                       throw new PermissionsError( 'editothersprofiles' );
-               }
+               // Set the page title, robot policies, etc.
+               $this->setHeaders();
+               $out->setHTMLTitle( $this->msg( 'pagetitle',
+                       $this->msg( 'edit-profiles-title' )->plain() )->parse() 
);
 
                // Add CSS & JS
                $out->addModuleStyles( array(
diff --git a/UserProfile/SpecialPopulateExistingUsersProfiles.php 
b/UserProfile/SpecialPopulateExistingUsersProfiles.php
index c7799ae..a41bad6 100644
--- a/UserProfile/SpecialPopulateExistingUsersProfiles.php
+++ b/UserProfile/SpecialPopulateExistingUsersProfiles.php
@@ -17,7 +17,7 @@
         * Constructor -- set up the new special page
         */
        public function __construct() {
-               parent::__construct( 'PopulateUserProfiles' );
+               parent::__construct( 'PopulateUserProfiles', 
'populate-user-profiles' );
        }
 
        public function doesWrites() {
@@ -33,10 +33,8 @@
                $out = $this->getOutput();
                $user = $this->getUser();
 
-               // Check permissions
-               if ( !in_array( 'staff', $user->getEffectiveGroups() ) ) {
-                       throw new ErrorPageError( 'error', 'badaccess' );
-               }
+               // Make sure user has the correct permissions
+               $this->checkPermissions();
 
                // Show a message if the database is in read-only mode
                $this->checkReadOnly();
@@ -46,6 +44,9 @@
                        throw new UserBlockedError( $user->getBlock() );
                }
 
+               // set headers
+               $this->setHeaders();
+
                $dbw = wfGetDB( DB_MASTER );
                $res = $dbw->select(
                        'page',
diff --git a/UserProfile/SpecialToggleUserPageType.php 
b/UserProfile/SpecialToggleUserPageType.php
index d6f9aa5..2075b7a 100644
--- a/UserProfile/SpecialToggleUserPageType.php
+++ b/UserProfile/SpecialToggleUserPageType.php
@@ -32,13 +32,14 @@
                $user = $this->getUser();
 
                // This feature is only available to logged-in users.
-               if ( !$user->isLoggedIn() ) {
-                       throw new ErrorPageError( 'error', 'badaccess' );
-               }
+               $this->requireLogin();
 
                // Show a message if the database is in read-only mode
                $this->checkReadOnly();
 
+               // set header (robot policy, page title, etc)
+               $this->setHeaders();
+
                $dbw = wfGetDB( DB_MASTER );
                $s = $dbw->selectRow(
                        'user_profile',
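Review bot: This page goes from `checkReadOnly()` straight to a `DB_MASTER` handle with no block check, although the commit description lists "check if user is blocked" in the intended order and the sibling pages touched here have one. As written, a blocked but logged-in user still reaches the database code on `user_profile`. If that is not intentional, add `if ( $user->isBlocked() ) { throw new UserBlockedError( $user->getBlock() ); }` before `setHeaders()`. If it is intentional, say so in a comment. execute() continues outside the hunk.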
diff --git a/UserProfile/SpecialUpdateProfile.php 
b/UserProfile/SpecialUpdateProfile.php
index 9cdb2af..82ec7d8 100644
--- a/UserProfile/SpecialUpdateProfile.php
+++ b/UserProfile/SpecialUpdateProfile.php
@@ -57,24 +57,20 @@
                $request = $this->getRequest();
                $user = $this->getUser();
 
-               // Set the page title, robot policies, etc.
-               $this->setHeaders();
-               $out->setHTMLTitle( $this->msg( 'pagetitle', $this->msg( 
'edit-profile-title' )->plain() )->parse() );
-
                // This feature is only available for logged-in users.
-               if ( !$user->isLoggedIn() ) {
-                       $out->setPageTitle( $this->msg( 
'user-profile-update-notloggedin-title' )->plain() );
-                       $out->addWikiMsg( 
'user-profile-update-notloggedin-text' );
-                       return;
-               }
+               $this->requireLogin();
+
+               // Database operations require write mode
+               $this->checkReadOnly();
 
                // No need to allow blocked users to access this page, they 
could abuse it, y'know.
                if ( $user->isBlocked() ) {
                        throw new UserBlockedError( $user->getBlock() );
                }
 
-               // Database operations require write mode
-               $this->checkReadOnly();
+               // Set the page title, robot policies, etc.
+               $this->setHeaders();
+               $out->setHTMLTitle( $this->msg( 'pagetitle', $this->msg( 
'edit-profile-title' )->plain() )->parse() );
 
                /**
                 * Create thresholds based on user stats
diff --git a/UserProfile/UserProfile.php b/UserProfile/UserProfile.php
index 1420d1e..07fb04c 100644
--- a/UserProfile/UserProfile.php
+++ b/UserProfile/UserProfile.php
@@ -67,8 +67,10 @@
 
 $wgAvailableRights[] = 'avatarremove';
 $wgAvailableRights[] = 'editothersprofiles';
+$wgAvailableRights[] = 'populate-user-profiles';
 $wgGroupPermissions['sysop']['avatarremove'] = true;
 $wgGroupPermissions['staff']['editothersprofiles'] = true;
+$wgGroupPermissions['staff']['populate-user-profiles'] = true;
 
 // ResourceLoader support for MediaWiki 1.17+
 $wgResourceModules['ext.socialprofile.userprofile.css'] = array(
diff --git a/UserProfile/i18n/en.json b/UserProfile/i18n/en.json
index 7c635fd..91e06fd 100644
--- a/UserProfile/i18n/en.json
+++ b/UserProfile/i18n/en.json
@@ -83,8 +83,6 @@
        "user-recent-activity-user-message": "Sent a message to",
        "user-recent-activity-network-update": "Has posted a thought",
        "user-recent-system-gift": "Received an award",
-       "user-profile-update-notloggedin-title": "Cannot edit your profile 
without being logged in",
-       "user-profile-update-notloggedin-text": "You cannot edit your profile 
without being logged in.\nClick [[Special:UserLogin|here]] to login or click 
[[Special:UserLogin/signup|here]] to register.",
        "user-profile-update-saved": "Your profile has been saved",
        "user-profile-edit-profile-update-saved": "The user's profile was 
successfully saved",
        "user-profile-update-log-section": "changed section",
@@ -219,6 +217,8 @@
        "right-editothersprofiles": "Update other users' social profiles",
        "action-avatarremove": "remove user's avatars",
        "action-editothersprofiles": "update other users' social profiles",
+       "right-populate-user-profiles": "Allows populating other users' 
profiles for existing wikis",
+       "action-populate-user-profiles": "Allows populating other users' 
profiles for existing wikis",
        "apihelp-socialprofile-userprofileprivacy-description": "API module for 
setting the visibility (\"privacy\") of a profile field",
        "apihelp-socialprofile-userprofileprivacy-summary": "API module for 
setting the visibility (\"privacy\") of a profile field",
        "apihelp-socialprofile-userprofileprivacy-param-method": "Action 
(either \"get\" or \"set\")",
diff --git a/UserProfile/i18n/qqq.json b/UserProfile/i18n/qqq.json
index 2e0753b..dc80be4 100644
--- a/UserProfile/i18n/qqq.json
+++ b/UserProfile/i18n/qqq.json
@@ -65,6 +65,8 @@
        "user-page-link": "{{Identical|User page}}",
        "right-avatarremove": "{{doc-right|avatarremove}}",
        "right-editothersprofiles": "{{doc-right|editothersprofiles}}",
+       "right-populate-user-profiles": "{{doc-right|populate-user-profiles}}",
+       "action-populate-user-profiles": 
"{{doc-action|populate-user-profiles}}",
        "apihelp-socialprofile-userprofileprivacy-description": 
"{{doc-apihelp-description|socialprofile-userprofileprivacy}}",
        "apihelp-socialprofile-userprofileprivacy-summary": 
"{{doc-apihelp-summary|socialprofile-userprofileprivacy}}",
        "apihelp-socialprofile-userprofileprivacy-param-method": 
"{{doc-apihelp-param|socialprofile-userprofileprivacy|method}}",
diff --git a/UserRelationship/SpecialViewRelationshipRequests.php 
b/UserRelationship/SpecialViewRelationshipRequests.php
index 8b9cdff..f2178c1 100644
--- a/UserRelationship/SpecialViewRelationshipRequests.php
+++ b/UserRelationship/SpecialViewRelationshipRequests.php
@@ -50,21 +50,14 @@
                $out = $this->getOutput();
                $user = $this->getUser();
 
-               // Set the page title, robot policies, etc.
-               $this->setHeaders();
-
                /**
                 * Redirect anonymous users to the login page
                 * It will automatically return them to the 
ViewRelationshipRequests page
                 */
-               if ( !$user->isLoggedIn() ) {
-                       $out->setPageTitle( $this->msg( 'ur-error-page-title' 
)->plain() );
-                       $login = SpecialPage::getTitleFor( 'Userlogin' );
-                       $out->redirect(
-                               $login->getFullURL( 
'returnto=Special:ViewRelationshipRequests' )
-                       );
-                       return false;
-               }
+               $this->requireLogin();
+
+               // Set the page title, robot policies, etc.
+               $this->setHeaders();
 
                // Add CSS & JS
                $out->addModuleStyles( array(
diff --git a/UserRelationship/SpecialViewRelationships.php 
b/UserRelationship/SpecialViewRelationships.php
index b7a5366..dd33fd6 100644
--- a/UserRelationship/SpecialViewRelationships.php
+++ b/UserRelationship/SpecialViewRelationships.php
@@ -50,6 +50,12 @@
                $user = $this->getUser();
                $linkRenderer = $this->getLinkRenderer();
 
+               /**
+                * Redirect Non-logged in users to Login Page
+                * It will automatically return them to the ViewRelationships 
page
+                */
+               $this->requireLogin();
+
                // Set the page title, robot policies, etc.
                $this->setHeaders();
 
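Review bot: The comment was carried over unchanged, but the behaviour was not: the check removed further down redirected anonymous visitors only when no `user` parameter was given, whereas `requireLogin()` here turns away every anonymous request. The commit description does not mention this tightening. If closing anonymous viewing of other users' relationship lists is intended, state it in the comment, e.g. `// Login is now required even when ?user= is given`. If it is not intended, the call has to stay conditional on `$user_name`, which is only read later in execute().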
@@ -66,17 +72,6 @@
                $user_name = $request->getVal( 'user' );
                $rel_type = $request->getInt( 'rel_type' );
                $page = $request->getInt( 'page' );
-
-               /**
-                * Redirect Non-logged in users to Login Page
-                * It will automatically return them to the ViewRelationships 
page
-                */
-               if ( !$user->isLoggedIn() && $user_name == '' ) {
-                       $out->setPageTitle( $this->msg( 'ur-error-page-title' 
)->plain() );
-                       $login = SpecialPage::getTitleFor( 'Userlogin' );
-                       $out->redirect( htmlspecialchars( $login->getFullURL( 
'returnto=Special:ViewRelationships' ) ) );
-                       return false;
-               }
 
                /**
                 * Set up config for page / default values
diff --git a/UserRelationship/i18n/en.json b/UserRelationship/i18n/en.json
index 4ddceff..ebb3f62 100644
--- a/UserRelationship/i18n/en.json
+++ b/UserRelationship/i18n/en.json
@@ -8,7 +8,6 @@
        "viewrelationships": "View relationship",
        "viewrelationshiprequests": "View relationship requests",
        "ur-already-submitted": "Your request has been sent",
-       "ur-error-page-title": "Woops!",
        "ur-error-title": "Whoops, you took a wrong turn!",
        "ur-error-message-no-user": "We cannot complete your request, because 
no user with this name exists.",
        "ur-your-profile": "Your profile",
diff --git a/UserStats/GenerateTopUsersReport.php 
b/UserStats/GenerateTopUsersReport.php
index 598ef31..de3b6d2 100644
--- a/UserStats/GenerateTopUsersReport.php
+++ b/UserStats/GenerateTopUsersReport.php
@@ -40,17 +40,15 @@
                $request = $this->getRequest();
                $user = $this->getUser();
 
-               // Blocked through Special:Block? Tough luck.
-               if ( $user->isBlocked() ) {
-                       throw new UserBlockedError( $user->getBlock() );
-               }
+               // Check for the correct permission
+               $this->checkPermissions();
 
                // Is the database locked or not?
                $this->checkReadOnly();
 
-               // Check for the correct permission
-               if ( !$user->isAllowed( 'generatetopusersreport' ) ) {
-                       throw new PermissionsError( 'generatetopusersreport' );
+               // Blocked through Special:Block? Tough luck.
+               if ( $user->isBlocked() ) {
+                       throw new UserBlockedError( $user->getBlock() );
                }
 
                // Set the page title, robot policy, etc.
diff --git a/UserStats/SpecialUpdateEditCounts.php 
b/UserStats/SpecialUpdateEditCounts.php
index 39f549b..a9fbbc3 100644
--- a/UserStats/SpecialUpdateEditCounts.php
+++ b/UserStats/SpecialUpdateEditCounts.php
@@ -106,9 +106,7 @@
 
                // Check permissions -- we must be allowed to access this 
special page
                // before we can run any database queries
-               if ( !$this->getUser()->isAllowed( 'updatepoints' ) ) {
-                       throw new ErrorPageError( 'error', 'badaccess' );
-               }
+               $this->checkPermissions();
 
                // And obviously the database needs to be writable before we 
start
                // running INSERT/UPDATE queries against it...

-- 
To view, visit https://gerrit.wikimedia.org/r/400619
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I88c2c91fbd6844a653ab96e49fb1224e9caa30d3
Gerrit-PatchSet: 4
Gerrit-Project: mediawiki/extensions/SocialProfile
Gerrit-Branch: master
Gerrit-Owner: SamanthaNguyen <samanthanguyen1...@gmail.com>
Gerrit-Reviewer: Jack Phoenix <ash...@uncyclomedia.co>
Gerrit-Reviewer: Lewis Cawte <le...@lewiscawte.me>
Gerrit-Reviewer: SamanthaNguyen <samanthanguyen1...@gmail.com>
Gerrit-Reviewer: Siebrand <siebr...@kitano.nl>
Gerrit-Reviewer: jenkins-bot <>
