Anomie has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/76103


Change subject: Followup Idfee1b4d per Tim
......................................................................

Followup Idfee1b4d per Tim

OAuth was going to return different values for UserIsEveryoneAllowed
depending on whether OAuth headers were provided, so the bolding on
Special:SpecialPages wouldn't be odd. That wasn't liked, so instead
we'll only mark special pages as restricted based on $wgGroupPermissions
and not what extensions might do.

Also, it was suggested that if an extension can remove 'read' then the
cache headers set by RawAction and the API should reflect that.

Change-Id: I381553e79c5320083c6d6d9ddd5bc0b146600f9e
---
M includes/SpecialPage.php
M includes/actions/RawAction.php
M includes/api/ApiMain.php
3 files changed, 4 insertions(+), 4 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core 
refs/changes/03/76103/1

diff --git a/includes/SpecialPage.php b/includes/SpecialPage.php
index ad9618f..d87f910 100644
--- a/includes/SpecialPage.php
+++ b/includes/SpecialPage.php
@@ -553,8 +553,8 @@
         *   pages?
         */
        public function isRestricted() {
-               // DWIM: If everyone can do something, then it is not restricted
-               return $this->mRestriction != '' && !User::isEveryoneAllowed( 
$this->mRestriction );
+               // DWIM: If anons can do something, then it is not restricted
+               return $this->mRestriction != '' && !User::groupHasPermission( 
'*', $this->mRestriction );
        }
 
        /**
diff --git a/includes/actions/RawAction.php b/includes/actions/RawAction.php
index dd14311..32751e4 100644
--- a/includes/actions/RawAction.php
+++ b/includes/actions/RawAction.php
@@ -93,7 +93,7 @@
                $response->header( 'Content-type: ' . $contentType . '; 
charset=UTF-8' );
                # Output may contain user-specific data;
                # vary generated content for open sessions on private wikis
-               $privateCache = !User::groupHasPermission( '*', 'read' ) && ( 
$smaxage == 0 || session_id() != '' );
+               $privateCache = !User::isEveryoneAllowed( 'read' ) && ( 
$smaxage == 0 || session_id() != '' );
                # allow the client to cache this for 24 hours
                $mode = $privateCache ? 'private' : 'public';
                $response->header( 'Cache-Control: ' . $mode . ', s-maxage=' . 
$smaxage . ', max-age=' . $maxage );
diff --git a/includes/api/ApiMain.php b/includes/api/ApiMain.php
index 49a0b3c..6dd6d59 100644
--- a/includes/api/ApiMain.php
+++ b/includes/api/ApiMain.php
@@ -274,7 +274,7 @@
                        return;
                }
 
-               if ( !User::groupHasPermission( '*', 'read' ) ) {
+               if ( !User::isEveryoneAllowed( 'read' ) ) {
                        // Private wiki, only private headers
                        if ( $mode !== 'private' ) {
                                wfDebug( __METHOD__ . ": ignoring request for 
$mode cache mode, private wiki\n" );

-- 
To view, visit https://gerrit.wikimedia.org/r/76103
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I381553e79c5320083c6d6d9ddd5bc0b146600f9e
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/core
Gerrit-Branch: master
Gerrit-Owner: Anomie <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to