Anomie has uploaded a new change for review.
https://gerrit.wikimedia.org/r/71539
Change subject: Improve UI for page protection with $wgNamespaceProtection
......................................................................
Improve UI for page protection with $wgNamespaceProtection
Right now, if you set $wgNamespaceProtection, the protection interface
is confusing: it will allow you to apply "useless" protection levels for
any namespace except MediaWiki, where it will refuse to let you set any
protection at all.
The fix is to find which restriction levels are more restrictive than
the $wgNamespaceProtection restriction (i.e. where there is at least one
group that can pass $wgNamespaceProtection but not the level from
$wgRestrictionLevels), and use only those in the protection form. If
there are no such levels, we can skip showing the "protect" tab
entirely.
Change-Id: I9e2b29ade566abcd008ea2ad1e2f9818e315bb32
---
M RELEASE-NOTES-1.22
M includes/EditPage.php
M includes/Namespace.php
M includes/ProtectionForm.php
M includes/SkinTemplate.php
5 files changed, 75 insertions(+), 41 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core
refs/changes/39/71539/1
diff --git a/RELEASE-NOTES-1.22 b/RELEASE-NOTES-1.22
index 72d7137..cb4cc91 100644
--- a/RELEASE-NOTES-1.22
+++ b/RELEASE-NOTES-1.22
@@ -129,6 +129,10 @@
are now used just for that purpose, instead of overloading other rights. This
allows easy granting of the ability to edit sysop-protected pages without
also granting the ability to protect and unprotect.
+* For namespaces with $wgNamespaceProtection (including the MediaWiki
+ namespace), the "protect" tab will be shown iff there are restriction levels
+ available that would restrict editing beyond what $wgNamespaceProtection
+ already applies. The protection form will offer only those protection levels.
=== Bug fixes in 1.22 ===
* Disable Special:PasswordReset when $wgEnableEmail is false. Previously one
diff --git a/includes/EditPage.php b/includes/EditPage.php
index 84bb493..04593c4 100644
--- a/includes/EditPage.php
+++ b/includes/EditPage.php
@@ -2397,7 +2397,9 @@
}
}
- if ( $this->mTitle->getNamespace() != NS_MEDIAWIKI &&
$this->mTitle->isProtected( 'edit' ) ) {
+ if ( $this->mTitle->isProtected( 'edit' ) &&
+ MWNamespace::getRestrictionLevels(
$this->mTitle->getNamespace() ) !== array( '' )
+ ) {
# Is the title semi-protected?
if ( $this->mTitle->isSemiProtected() ) {
$noticeMsg = 'semiprotectedpagewarning';
@@ -2599,7 +2601,9 @@
$attribs = array( 'style' => 'display:none;' );
} else {
$classes = array(); // Textarea CSS
- if ( $this->mTitle->getNamespace() != NS_MEDIAWIKI &&
$this->mTitle->isProtected( 'edit' ) ) {
+ if ( $this->mTitle->isProtected( 'edit' ) &&
+ MWNamespace::getRestrictionLevels(
$this->mTitle->getNamespace() ) !== array( '' )
+ ) {
# Is the title semi-protected?
if ( $this->mTitle->isSemiProtected() ) {
$classes[] = 'mw-textarea-sprotected';
diff --git a/includes/Namespace.php b/includes/Namespace.php
index 8001b41..939abcd 100644
--- a/includes/Namespace.php
+++ b/includes/Namespace.php
@@ -433,4 +433,61 @@
? $wgNamespaceContentModels[$index]
: null;
}
+
+ /**
+ * Determine which restriction levels it makes sense to use in a
namespace,
+ * optionally filtered by a user's rights.
+ *
+ * @since 1.22
+ * @param int $index Index to check
+ * @param User $user User to check
+ * @return bool
+ */
+ public static function getRestrictionLevels( $index, User $user = null
) {
+ global $wgNamespaceProtection, $wgRestrictionLevels;
+
+ if ( !isset( $wgNamespaceProtection[$index] ) ) {
+ // All levels are valid if there's no namespace
restriction.
+ return $wgRestrictionLevels;
+ }
+
+ // First, get the list of groups that can edit this namespace.
+ $namespaceGroups = array();
+ $combine = 'array_merge';
+ foreach ( (array)$wgNamespaceProtection[$index] as $right ) {
+ if ( $right == 'sysop' ) {
+ $right = 'editprotected'; // BC
+ }
+ if ( $right == 'autoconfirmed' ) {
+ $right = 'editsemiprotected'; // BC
+ }
+ if ( $right != '' ) {
+ $namespaceGroups = call_user_func( $combine,
$namespaceGroups,
+ User::getGroupsWithPermission( $right )
);
+ $combine = 'array_intersect';
+ }
+ }
+
+ // Now, keep only those restriction levels where there is at
least one
+ // group that can edit the namespace but would be blocked by the
+ // restriction.
+ $usableLevels = array( '' );
+ $combine = 'array_merge';
+ foreach ( $wgRestrictionLevels as $level ) {
+ $right = $level;
+ if ( $right == 'sysop' ) {
+ $right = 'editprotected'; // BC
+ }
+ if ( $right == 'autoconfirmed' ) {
+ $right = 'editsemiprotected'; // BC
+ }
+ if ( $right !='' && ( !$user || $user->isAllowed(
$right ) ) &&
+ array_diff( $namespaceGroups,
User::getGroupsWithPermission( $right ) )
+ ) {
+ $usableLevels[] = $level;
+ }
+ }
+
+ return $usableLevels;
+ }
}
diff --git a/includes/ProtectionForm.php b/includes/ProtectionForm.php
index a14f1a0..7f998c4 100644
--- a/includes/ProtectionForm.php
+++ b/includes/ProtectionForm.php
@@ -83,8 +83,8 @@
*/
function loadData() {
global $wgRequest, $wgUser;
- global $wgRestrictionLevels;
+ $levels = MWNamespace::getRestrictionLevels(
$this->mTitle->getNamespace(), $wgUser );
$this->mCascade = $this->mTitle->areRestrictionsCascading();
$this->mReason = $wgRequest->getText( 'mwProtect-reason' );
@@ -132,21 +132,7 @@
}
$val = $wgRequest->getVal( "mwProtect-level-$action" );
- if ( isset( $val ) && in_array( $val,
$wgRestrictionLevels ) ) {
- // Prevent users from setting levels that they
cannot later unset
- if ( $val == 'sysop' ) {
- // Special case, rewrite sysop to
editprotected
- if ( !$wgUser->isAllowed(
'editprotected' ) ) {
- continue;
- }
- } elseif ( $val == 'autoconfirmed' ) {
- // Special case, rewrite autoconfirmed
to editsemiprotected
- if ( !$wgUser->isAllowed(
'editsemiprotected' ) ) {
- continue;
- }
- } elseif ( !$wgUser->isAllowed( $val ) ) {
- continue;
- }
+ if ( isset( $val ) && in_array( $val, $levels ) ) {
$this->mRestrictions[$action] = $val;
}
}
@@ -189,7 +175,7 @@
function execute() {
global $wgRequest, $wgOut;
- if ( $this->mTitle->getNamespace() == NS_MEDIAWIKI ) {
+ if ( MWNamespace::getRestrictionLevels(
$this->mTitle->getNamespace() ) === array( '' ) ) {
throw new ErrorPageError( 'protect-badnamespace-title',
'protect-badnamespace-text' );
}
@@ -561,28 +547,9 @@
* @return String: HTML fragment
*/
function buildSelector( $action, $selected ) {
- global $wgRestrictionLevels, $wgUser;
+ global $wgUser;
- $levels = array();
- foreach ( $wgRestrictionLevels as $key ) {
- //don't let them choose levels above their own (aka so
they can still unprotect and edit the page). but only when the form isn't
disabled
- if ( $key == 'sysop' ) {
- //special case, rewrite sysop to editprotected
- if ( !$wgUser->isAllowed( 'editprotected' ) &&
!$this->disabled ) {
- continue;
- }
- } elseif ( $key == 'autoconfirmed' ) {
- //special case, rewrite autoconfirmed to
editsemiprotected
- if ( !$wgUser->isAllowed( 'editsemiprotected' )
&& !$this->disabled ) {
- continue;
- }
- } else {
- if ( !$wgUser->isAllowed( $key ) &&
!$this->disabled ) {
- continue;
- }
- }
- $levels[] = $key;
- }
+ $levels = MWNamespace::getRestrictionLevels(
$this->mTitle->getNamespace(), $wgUser );
$id = 'mwProtect-level-' . $action;
$attribs = array(
diff --git a/includes/SkinTemplate.php b/includes/SkinTemplate.php
index 8e41b5a..cf0409e 100644
--- a/includes/SkinTemplate.php
+++ b/includes/SkinTemplate.php
@@ -983,7 +983,9 @@
}
}
- if ( $title->getNamespace() !== NS_MEDIAWIKI &&
$title->quickUserCan( 'protect', $user ) && $title->getRestrictionTypes() ) {
+ if ( $title->quickUserCan( 'protect', $user )
&& $title->getRestrictionTypes() &&
+ MWNamespace::getRestrictionLevels(
$title->getNamespace(), $user ) !== array( '' )
+ ) {
$mode = $title->isProtected() ?
'unprotect' : 'protect';
$content_navigation['actions'][$mode] =
array(
'class' => ( $onPage && $action
== $mode ) ? 'selected' : false,
--
To view, visit https://gerrit.wikimedia.org/r/71539
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I9e2b29ade566abcd008ea2ad1e2f9818e315bb32
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/core
Gerrit-Branch: master
Gerrit-Owner: Anomie <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
