Page MenuHomePhabricator

T222036.patch

File Metadata

Author
Rxy
Created
Apr 28 2019, 8:11 PM

T222036.patch

From de1aa0099374c59f2a228d0d469f96e31738741c Mon Sep 17 00:00:00 2001
From: rxy <wikitech.rxy@rxy.jp>
Date: Mon, 29 Apr 2019 05:04:01 +0900
Subject: [PATCH] Add permission check for user is permitted to view the log
type
Bug: T222036
Change-Id: I7584ee8db23a8834bbab21e355cab9857a293f72
---
includes/changetags/ChangeTagsLogItem.php | 2 +-
includes/specials/SpecialEditTags.php | 3 +++
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/includes/changetags/ChangeTagsLogItem.php b/includes/changetags/ChangeTagsLogItem.php
index 75b713ef0d..2bac909716 100644
--- a/includes/changetags/ChangeTagsLogItem.php
+++ b/includes/changetags/ChangeTagsLogItem.php
@@ -49,7 +49,7 @@ class ChangeTagsLogItem extends RevisionItemBase {
}
public function canView() {
- return LogEventsList::userCan( $this->row, Revision::DELETED_RESTRICTED, $this->list->getUser() );
+ return LogEventsList::userCan( $this->row, Revision::SUPPRESSED_ALL, $this->list->getUser() );
}
public function canViewContent() {
diff --git a/includes/specials/SpecialEditTags.php b/includes/specials/SpecialEditTags.php
index 520380763f..109da546c2 100644
--- a/includes/specials/SpecialEditTags.php
+++ b/includes/specials/SpecialEditTags.php
@@ -225,6 +225,9 @@ class SpecialEditTags extends UnlistedSpecialPage {
$list = $this->getList();
for ( $list->reset(); $list->current(); $list->next() ) {
$item = $list->current();
+ if ( !$item->canView() ){
+ throw new ErrorPageError( 'permissionserrors', 'tags-update-no-permission' );
+ }
$numRevisions++;
$out->addHTML( $item->getHTML() );
}
--
2.11.0

Event Timeline