
T108138-REL1_23.patch

Authored By
Reedy
Mar 21 2017, 9:49 PM

T108138-REL1_23.patch

From 590aae9e0d8eedf14ec002b21a9b76055d5faa4a Mon Sep 17 00:00:00 2001
From: Brian Wolff <bawolff+wn@gmail.com>
Date: Mon, 13 Jun 2016 03:07:48 -0400
Subject: [PATCH] SECURITY: Do not allow users to undelete a page they can't
edit or create
If the page exists, it only checks edit rights, otherwise it
checks both edit and create rights.
This would only matter on wikis that have a non-default rights
configuration where there are users with undelete rights but a
restriction level enabled that prevents them from creating/editing
pages (or they otherwise aren't allowed to edit/create)
It should be noted that the error messages aren't used in the
normal UI currently, but they could be in the future, and
extensions could potentially be using them (the backend functions
return them, but the UI functions in Special:Undelete ignore
them).
Bug: T108138
Change-Id: I164b80534cf89e0afca264e9de07431484af8508
---
includes/Title.php | 11 +++++++++++
includes/api/ApiUndelete.php | 8 ++++----
languages/i18n/en.json | 4 +++-
languages/i18n/qqq.json | 4 +++-
4 files changed, 21 insertions(+), 6 deletions(-)
diff --git a/includes/Title.php b/includes/Title.php
index a54156f..63df758 100644
--- a/includes/Title.php
+++ b/includes/Title.php
@@ -2250,6 +2250,17 @@ class Title {
) {
$errors[] = array( 'delete-toobig', $wgLang->formatNum( $wgDeleteRevisionsLimit ) );
}
+ } elseif ( $action === 'undelete' ) {
+ if ( count( $this->getUserPermissionsErrorsInternal( 'edit', $user, $rigor, true ) ) ) {
+ // Undeleting implies editing
+ $errors[] = [ 'undelete-cantedit' ];
+ }
+ if ( !$this->exists()
+ && count( $this->getUserPermissionsErrorsInternal( 'create', $user, $rigor, true ) )
+ ) {
+ // Undeleting where nothing currently exists implies creating
+ $errors[] = [ 'undelete-cantcreate' ];
+ }
}
return $errors;
}
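Review bot: The new branch builds its error entries with short array syntax, `$errors[] = [ 'undelete-cantedit' ];` and `$errors[] = [ 'undelete-cantcreate' ];`, while the adjacent line in the same function uses `array( 'delete-toobig', ... )`; for a REL1_23 backport that is worth checking against the branch's minimum PHP version, since `[]` literals need PHP 5.4, and `array( 'undelete-cantedit' )` is the safe form either way. The two calls also pass a `$rigor` variable and a fourth `true` argument to getUserPermissionsErrorsInternal(); neither is defined in the visible hunk, so if this branch's method still takes the older boolean parameters, the variable name and argument position should be adapted to match rather than copied from the master patch. The enclosing function starts before the hunk.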
diff --git a/includes/api/ApiUndelete.php b/includes/api/ApiUndelete.php
index 332ed51..9177470 100644
--- a/includes/api/ApiUndelete.php
+++ b/includes/api/ApiUndelete.php
@@ -32,10 +32,6 @@ class ApiUndelete extends ApiBase {
public function execute() {
$params = $this->extractRequestParams();
- if ( !$this->getUser()->isAllowed( 'undelete' ) ) {
- $this->dieUsageMsg( 'permdenied-undelete' );
- }
-
if ( $this->getUser()->isBlocked() ) {
$this->dieUsageMsg( 'blockedtext' );
}
@@ -45,6 +41,10 @@ class ApiUndelete extends ApiBase {
$this->dieUsageMsg( array( 'invalidtitle', $params['title'] ) );
}
+ if ( !$titleObj->userCan( 'undelete', $user, 'secure' ) ) {
+ $this->dieUsageMsg( 'permdenied-undelete' );
+ }
+
// Convert timestamps
if ( !isset( $params['timestamps'] ) ) {
$params['timestamps'] = array();
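Review bot: `$user` on the new userCan() line is not assigned anywhere in the visible hunk, whereas the deleted check and the blocked check above both read `$this->getUser()`; if execute() has no earlier `$user = $this->getUser();`, this passes an undefined variable (null) and userCan() would fall back to its default user instead of the API requester, which defeats the purpose of the check. Reading the user directly, `if ( !$titleObj->userCan( 'undelete', $this->getUser(), 'secure' ) ) {`, removes that dependency. The third argument `'secure'` should likewise be checked against this branch's userCan() signature; if it still takes a boolean `$doExpensiveQueries`, the string is merely truthy and the intent is not expressed. execute() continues beyond the hunk.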
diff --git a/languages/i18n/en.json b/languages/i18n/en.json
index 8b674fa..41427a2 100644
--- a/languages/i18n/en.json
+++ b/languages/i18n/en.json
@@ -3535,5 +3535,7 @@
"expand_templates_generate_rawhtml": "Show raw HTML",
"expand_templates_preview": "Preview",
"expand_templates_preview_fail_html": "<em>Because {{SITENAME}} has raw HTML enabled and there was a loss of session data, the preview is hidden as a precaution against JavaScript attacks.</em>\n\n<strong>If this is a legitimate preview attempt, please try again.</strong>\nIf it still does not work, try [[Special:UserLogout|logging out]] and logging back in.",
- "expand_templates_preview_fail_html_anon": "<em>Because {{SITENAME}} has raw HTML enabled and you are not logged in, the preview is hidden as a precaution against JavaScript attacks.</em>\n\n<strong>If this is a legitimate preview attempt, please [[Special:UserLogin|log in]] and try again.</strong>"
+ "expand_templates_preview_fail_html_anon": "<em>Because {{SITENAME}} has raw HTML enabled and you are not logged in, the preview is hidden as a precaution against JavaScript attacks.</em>\n\n<strong>If this is a legitimate preview attempt, please [[Special:UserLogin|log in]] and try again.</strong>",
+ "undelete-cantedit": "You cannot undelete this page as you are not allowed to edit this page.",
+ "undelete-cantcreate": "You cannot undelete this page as there is no existing page with this name and you are not allowed to create this page."
}
diff --git a/languages/i18n/qqq.json b/languages/i18n/qqq.json
index 4d8fb9b..b9edc3b 100644
--- a/languages/i18n/qqq.json
+++ b/languages/i18n/qqq.json
@@ -3699,5 +3699,7 @@ n* $1 - the action specified in the url.",
"expand_templates_generate_rawhtml": "Used as checkbox label.",
"expand_templates_preview": "{{Identical|Preview}}",
"expand_templates_preview_fail_html": "Used as error message in Preview section of [[Special:ExpandTemplates]] page.",
- "expand_templates_preview_fail_html_anon": "Used as error message in Preview section of [[Special:ExpandTemplates]] page."
+ "expand_templates_preview_fail_html_anon": "Used as error message in Preview section of [[Special:ExpandTemplates]] page.",
+ "undelete-cantedit": "Shown if the user tries to undelete a page that they cannot edit",
+ "undelete-cantcreate": "Shown if the user tries to undelete a page which currently does not exist, and they are not allowed to create it. This could for example happen on a wiki with custom protection levels where the page name has been create-protected and the user has the right to undelete but not the right to edit protected pages."
}
--
2.9.3
