https://www.mediawiki.org/wiki/Special:Code/MediaWiki/114815
Revision: 114815
Author: bsitu
Date: 2012-04-09 23:45:36 +0000 (Mon, 09 Apr 2012)
Log Message:
-----------
remove redundant permission checking since UserCan() handles these and add rate
Limiting to prevent flooding
Modified Paths:
--------------
trunk/extensions/PageTriage/PageTriage.php
trunk/extensions/PageTriage/api/ApiPageTriageAction.php
Modified: trunk/extensions/PageTriage/PageTriage.php
===================================================================
--- trunk/extensions/PageTriage/PageTriage.php 2012-04-09 22:47:10 UTC (rev
114814)
+++ trunk/extensions/PageTriage/PageTriage.php 2012-04-09 23:45:36 UTC (rev
114815)
@@ -285,3 +285,8 @@
'pagetriage-mark-as-reviewed-error',
),
);
+
+/** Rate limit setting for PageTriage **/
+$wgRateLimits += array(
+ 'pagetriage-mark-action' => array( 'user' => array( 1, 3 ) )
+);
Modified: trunk/extensions/PageTriage/api/ApiPageTriageAction.php
===================================================================
--- trunk/extensions/PageTriage/api/ApiPageTriageAction.php 2012-04-09
22:47:10 UTC (rev 114814)
+++ trunk/extensions/PageTriage/api/ApiPageTriageAction.php 2012-04-09
23:45:36 UTC (rev 114815)
@@ -7,10 +7,6 @@
$params = $this->extractRequestParams();
- if ( $wgUser->isAnon() || $wgUser->isBlocked( false ) ) {
- $this->permissionError();
- }
-
$article = Article::newFromID( $params['pageid'] );
if ( $article ) {
if ( !$article->getTitle()->quickUserCan( 'patrol' ) ) {
@@ -19,7 +15,11 @@
} else {
$this->pageError();
}
-
+
+ if ( $wgUser->pingLimiter( 'pagetriage-mark-action' ) ) {
+ $this->dieUsageMsg( array( 'actionthrottledtext' ) );
+ }
+
$pageTriage = new PageTriage( $params['pageid'] );
$pageTriage->setTriageStatus( $params['reviewed'], $wgUser );
_______________________________________________
MediaWiki-CVS mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-cvs
