http://www.mediawiki.org/wiki/Special:Code/MediaWiki/88418

Revision: 88418
Author:   jeroendedauw
Date:     2011-05-19 18:50:45 +0000 (Thu, 19 May 2011)
Log Message:
-----------
fix restrictions in api modules

Modified Paths:
--------------
    trunk/extensions/Push/RELEASE-NOTES
    trunk/extensions/Push/api/ApiPush.php
    trunk/extensions/Push/api/ApiPushImages.php

Modified: trunk/extensions/Push/RELEASE-NOTES
===================================================================
--- trunk/extensions/Push/RELEASE-NOTES 2011-05-19 18:18:45 UTC (rev 88417)
+++ trunk/extensions/Push/RELEASE-NOTES 2011-05-19 18:50:45 UTC (rev 88418)
@@ -8,7 +8,7 @@
 2011-xx-xx
 
 * Fixed compatibility with MediaWiki 1.18.
-* Use of FormatJson::encode instead of josn_encode for compatibility with PHP5 
< 5.2.
+* Use of FormatJson::encode instead of json_encode for compatibility with PHP5 
< 5.2.
 
 === Version 0.8 ===
 2011-02-27

Modified: trunk/extensions/Push/api/ApiPush.php
===================================================================
--- trunk/extensions/Push/api/ApiPush.php       2011-05-19 18:18:45 UTC (rev 
88417)
+++ trunk/extensions/Push/api/ApiPush.php       2011-05-19 18:50:45 UTC (rev 
88418)
@@ -29,6 +29,12 @@
        }
        
        public function execute() {
+               global $wgUser;
+               
+               if ( !$wgUser->isAllowed( 'push' ) || $wgUser->isBlocked() ) {
+                       $this->dieUsageMsg( array( 'badaccess-groups' ) );
+               }
+               
                global $egPushLoginUser, $egPushLoginPass, $egPushLoginUsers, 
$egPushLoginPasswords;
                
                $params = $this->extractRequestParams();

Modified: trunk/extensions/Push/api/ApiPushImages.php
===================================================================
--- trunk/extensions/Push/api/ApiPushImages.php 2011-05-19 18:18:45 UTC (rev 
88417)
+++ trunk/extensions/Push/api/ApiPushImages.php 2011-05-19 18:50:45 UTC (rev 
88418)
@@ -27,6 +27,12 @@
        }
        
        public function execute() {
+               global $wgUser;
+               
+               if ( !$wgUser->isAllowed( 'push' ) || $wgUser->isBlocked() ) {
+                       $this->dieUsageMsg( array( 'badaccess-groups' ) );
+               }
+               
                global $egPushLoginUser, $egPushLoginPass, $egPushLoginUsers, 
$egPushLoginPasswords;
                
                $params = $this->extractRequestParams();


_______________________________________________
MediaWiki-CVS mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-cvs

Reply via email to