Page MenuHomePhabricator

T222038-formatter.patch

File Metadata

Author
Rxy
Created
Apr 28 2019, 8:26 PM

T222038-formatter.patch

From b57a2c03904b8c321adc82ffcee2f7424b08f473 Mon Sep 17 00:00:00 2001
From: rxy <wikitech.rxy@rxy.jp>
Date: Mon, 29 Apr 2019 05:14:18 +0900
Subject: [PATCH] Add permission check for user is permitted to view the log
type
Bug: T222038
Change-Id: I1c4e57a513e3a0e616b862a5b9d684f463ad9981
---
includes/logging/LogEventsList.php | 25 +++++++++++++++++++++++--
includes/logging/LogFormatter.php | 22 ++++++++++++++++++++--
2 files changed, 43 insertions(+), 4 deletions(-)
diff --git a/includes/logging/LogEventsList.php b/includes/logging/LogEventsList.php
index 3fd52af01b..ab16db73a8 100644
--- a/includes/logging/LogEventsList.php
+++ b/includes/logging/LogEventsList.php
@@ -531,7 +531,7 @@ class LogEventsList extends ContextSource {
/**
* Determine if the current user is allowed to view a particular
- * field of this log row, if it's marked as deleted.
+ * field of this log row, if it's marked as deleted and/or restricted log type.
*
* @param stdClass $row
* @param int $field
@@ -539,7 +539,8 @@ class LogEventsList extends ContextSource {
* @return bool
*/
public static function userCan( $row, $field, User $user = null ) {
- return self::userCanBitfield( $row->log_deleted, $field, $user );
+ return self::userCanBitfield( $row->log_deleted, $field, $user ) &&
+ self::userCanViewLogType( $row->log_type, $user );
}
/**
@@ -570,6 +571,26 @@ class LogEventsList extends ContextSource {
}
/**
+ * Determine if the current user is allowed to view a particular
+ * field of this log row, if it's marked as restricted log type.
+ *
+ * @param stdClass $row
+ * @param User|null $user User to check, or null to use $wgUser
+ * @return bool
+ */
+ public static function userCanViewLogType( $type, User $user = null ) {
+ if ( $user === null ){
+ global $wgUser;
+ $user = $wgUser;
+ }
+ $logRestrictions = MediaWikiServices::getInstance()->getMainConfig()->get( 'LogRestrictions' );
+ if ( isset( $logRestrictions[$type] ) && !$user->isAllowed( $logRestrictions[$type] ) ) {
+ return false;
+ }
+ return true;
+ }
+
+ /**
* @param stdClass $row
* @param int $field One of DELETED_* bitfield constants
* @return bool
diff --git a/includes/logging/LogFormatter.php b/includes/logging/LogFormatter.php
index 3e942ae08d..0ffaee8fca 100644
--- a/includes/logging/LogFormatter.php
+++ b/includes/logging/LogFormatter.php
@@ -154,6 +154,23 @@ class LogFormatter {
}
/**
+ * Check if a log item type can be displayed
+ * @return bool
+ */
+ public function canViewLogType() {
+ // If the user doesn't have the right permission to view the specific
+ // log type, return false
+ $logRestrictions = $this->context->getConfig()->get( 'LogRestrictions' );
+ $type = $this->entry->getType();
+ if ( isset( $logRestrictions[$type] )
+ && !$this->context->getUser()->isAllowed( $logRestrictions[$type] )
+ ) {
+ return false;
+ }
+ return true;
+ }
+
+ /**
* Check if a log item can be displayed
* @param int $field LogPage::DELETED_* constant
* @return bool
@@ -161,9 +178,10 @@ class LogFormatter {
protected function canView( $field ) {
if ( $this->audience == self::FOR_THIS_USER ) {
return LogEventsList::userCanBitfield(
- $this->entry->getDeleted(), $field, $this->context->getUser() );
+ $this->entry->getDeleted(), $field, $this->context->getUser() ) &&
+ self::canViewLogType();
} else {
- return !$this->entry->isDeleted( $field );
+ return !$this->entry->isDeleted( $field ) && self::canViewLogType();
}
}
--
2.11.0

Event Timeline