jenkins-bot has submitted this change and it was merged.

Change subject: Include implicit rights in UserIsEveryoneAllowed
......................................................................


Include implicit rights in UserIsEveryoneAllowed

Return true for UserIsEveryoneAllowed, if the right is included in
the implicit (hidden) grants, since all consumers will include these.

Not allowing read in UserIsEveryoneAllowed hook will have serious
performance impact on the wiki.

Bug: 56975
Change-Id: If4ff036f88fe822ee79672a04ca9dd90788deea4
---
M api/MWOAuthAPI.setup.php
1 file changed, 12 insertions(+), 3 deletions(-)

Approvals:
  Aaron Schulz: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/api/MWOAuthAPI.setup.php b/api/MWOAuthAPI.setup.php
index f4fda05..e82da82 100644
--- a/api/MWOAuthAPI.setup.php
+++ b/api/MWOAuthAPI.setup.php
@@ -201,13 +201,22 @@
        }
 
        /**
-        * Called to check if everyone has a particular user right
-        *
+        * Called to check if everyone has a particular user right. This hook 
is only reached
+        * if the right is assigned to '*' on the wiki, so we can safely return 
true for
+        * everything in $wgMWOAuthGrantPermissions['useoauth'], since most 
Consumers should
+        * include that grant.
         * @param string $right
         * @return boolean
         */
        public static function onUserIsEveryoneAllowed( $right ) {
-               /** @todo: If we implement a "default" grant, return true for 
rights granted there. */
+               $implicitGrants = MWOAuthUtils::getHiddenGrants();
+               foreach ( $implicitGrants as $grant ) {
+                       $grantRights = MWOAuthUtils::getGrantRights( $grant );
+                       if ( in_array( $right, $grantRights ) ) {
+                               return true;
+                       }
+               }
+
                return false;
        }
 

-- 
To view, visit https://gerrit.wikimedia.org/r/95701
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: If4ff036f88fe822ee79672a04ca9dd90788deea4
Gerrit-PatchSet: 5
Gerrit-Project: mediawiki/extensions/OAuth
Gerrit-Branch: master
Gerrit-Owner: CSteipp <[email protected]>
Gerrit-Reviewer: Aaron Schulz <[email protected]>
Gerrit-Reviewer: Anomie <[email protected]>
Gerrit-Reviewer: jenkins-bot

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to