Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F7580
bug28363.patch
Public
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Authored By
•
bzimport
Nov 21 2014, 11:28 PM
2014-11-21 23:28:39 (UTC+0)
Size
6 KB
Referenced Files
None
Subscribers
None
bug28363.patch
View Options
Index: CheckUser.i18n.php
===================================================================
--- CheckUser.i18n.php (revision 86461)
+++ CheckUser.i18n.php (working copy)
@@ -25,6 +25,7 @@
'group-checkuser-member' => 'Check user',
'right-checkuser' => "Check user's IP addresses and other information",
'right-checkuser-log' => 'View the checkuser log',
+ 'right-checkuser-protect' => 'can not be verified by means of CheckUser',
'grouppage-checkuser' => '{{ns:project}}:Check user',
'checkuser-reason' => 'Reason:',
'checkuser-showlog' => 'Show log',
@@ -76,7 +77,8 @@
'checkuser-ipeditcount' => '~$1 from all users',
'checkuser-log-subpage' => 'Log',
'checkuser-log-return' => 'Return to CheckUser main form',
-
+ 'checkuser-protecteduser' => 'This party is protected and can not be verified by means of CheckUser.',
+
'checkuser-limited' => '\'\'\'These results have been truncated for performance reasons.\'\'\'',
'checkuser-log-userips' => '$1 got IP addresses for $2',
@@ -85,6 +87,8 @@
'checkuser-log-ipedits-xff' => '$1 got edits for XFF $2',
'checkuser-log-ipusers-xff' => '$1 got users for XFF $2',
'checkuser-log-useredits' => '$1 got edits for $2',
+ 'checkuser-log-userips-protected' => '$1 requested IP-addresses for the protected user $2',
+ 'checkuser-log-useredits-protected' => '$1 requested edits for the protected user $2',
'checkuser-autocreate-action' => 'was automatically created',
'checkuser-email-action' => 'sent an email to user "$1"',
Index: CheckUser.php
===================================================================
--- CheckUser.php (revision 86461)
+++ CheckUser.php (working copy)
@@ -38,6 +38,7 @@
// 'checkuser-log' is required to view the private log of checkuser checks
$wgAvailableRights[] = 'checkuser';
$wgAvailableRights[] = 'checkuser-log';
+$wgAvailableRights[] = 'checkuser-protect';
$wgGroupPermissions['checkuser']['checkuser'] = true;
$wgGroupPermissions['checkuser']['checkuser-log'] = true;
Index: CheckUser_body.php
===================================================================
--- CheckUser_body.php (revision 86461)
+++ CheckUser_body.php (working copy)
@@ -403,7 +403,15 @@
}
# Get ID, works better than text as user may have been renamed
$user_id = User::idFromName( $user );
-
+
+ if ( $user_object->isAllowed( 'checkuser-protect' ) ) {
+ if ( !$this->addLogEntry( 'userips-protected', 'user', $user, $reason, $user_id ) ) {
+ $wgOut->addHTML( '<p>' . wfMsgHtml( 'checkuser-log-fail' ) . '</p>' );
+ }
+ $wgOut->addWikiMsg( 'checkuser-protecteduser' );
+ return;
+ }
+
# If user is not IP or nonexistent
if ( !$user_id ) {
// FIXME: addWikiMsg
@@ -656,7 +664,15 @@
$wgOut->addHTML( wfMsgExt( 'checkuser-limited', array( 'parse' ) ) );
break;
}
- $s .= $this->CUChangesLine( $row, $reason );
+
+ $user_object = User::newFromName($row->cuc_user_text);
+
+ if ( $user_object->isAllowed( 'checkuser-protect' ) ) {
+ # protected
+ } else {
+ $s .= $this->CUChangesLine( $row, $reason );
+ }
+
++$counter;
}
$s .= '</ul></div>';
@@ -687,6 +703,14 @@
# Get ID, works better than text as user may have been renamed
$user_id = User::idFromName( $user );
+ if ( $user_object->isAllowed( 'checkuser-protect' ) ) {
+ if ( !$this->addLogEntry( 'userips-protected', 'user', $user, $reason, $user_id ) ) {
+ $wgOut->addHTML( '<p>' . wfMsgHtml( 'checkuser-log-fail' ) . '</p>' );
+ }
+ $wgOut->addWikiMsg( 'checkuser-protecteduser' );
+ return;
+ }
+
# If user is not IP or nonexistent
if ( !$user_id ) {
$s = wfMsgExt( 'nosuchusershort', array( 'parse' ), $user );
@@ -901,28 +925,35 @@
$s = $this->noMatchesMessage( $ip, !$xfor ) . "\n";
} else {
global $wgAuth;
- while ( ( $row = $dbr->fetchObject( $ret ) ) != false ) {
- if ( !array_key_exists( $row->cuc_user_text, $users_edits ) ) {
- $users_last[$row->cuc_user_text] = $row->cuc_timestamp;
- $users_edits[$row->cuc_user_text] = 0;
- $users_ids[$row->cuc_user_text] = $row->cuc_user;
- $users_infosets[$row->cuc_user_text] = array();
- $users_agentsets[$row->cuc_user_text] = array();
- }
- $users_edits[$row->cuc_user_text] += 1;
- $users_first[$row->cuc_user_text] = $row->cuc_timestamp;
- # Treat blank or NULL xffs as empty strings
- $xff = empty( $row->cuc_xff ) ? null : $row->cuc_xff;
- $xff_ip_combo = array( $row->cuc_ip, $xff );
- # Add this IP/XFF combo for this username if it's not already there
- if ( !in_array( $xff_ip_combo, $users_infosets[$row->cuc_user_text] ) ) {
- $users_infosets[$row->cuc_user_text][] = $xff_ip_combo;
- }
- # Add this agent string if it's not already there; 10 max.
- if ( count( $users_agentsets[$row->cuc_user_text] ) < 10 ) {
- if ( !in_array( $row->cuc_agent, $users_agentsets[$row->cuc_user_text] ) ) {
- $users_agentsets[$row->cuc_user_text][] = $row->cuc_agent;
+ while( ( $row = $dbr->fetchObject( $ret ) ) != false ) {
+ $user_object = User::newFromName($row->cuc_user_text);
+
+ if ( $user_object->isAllowed( 'checkuser-protect' ) ) {
+ # protected
+ } else {
+ if( !array_key_exists( $row->cuc_user_text, $users_edits ) ) {
+ $users_last[$row->cuc_user_text] = $row->cuc_timestamp;
+ $users_edits[$row->cuc_user_text] = 0;
+ $users_ids[$row->cuc_user_text] = $row->cuc_user;
+ $users_infosets[$row->cuc_user_text] = array();
+ $users_agentsets[$row->cuc_user_text] = array();
}
+
+ $users_edits[$row->cuc_user_text] += 1;
+ $users_first[$row->cuc_user_text] = $row->cuc_timestamp;
+ # Treat blank or NULL xffs as empty strings
+ $xff = empty( $row->cuc_xff ) ? null : $row->cuc_xff;
+ $xff_ip_combo = array( $row->cuc_ip, $xff );
+ # Add this IP/XFF combo for this username if it's not already there
+ if( !in_array( $xff_ip_combo, $users_infosets[$row->cuc_user_text] ) ) {
+ $users_infosets[$row->cuc_user_text][] = $xff_ip_combo;
+ }
+ # Add this agent string if it's not already there; 10 max.
+ if( count( $users_agentsets[$row->cuc_user_text] ) < 10 ) {
+ if( !in_array( $row->cuc_agent, $users_agentsets[$row->cuc_user_text] ) ) {
+ $users_agentsets[$row->cuc_user_text][] = $row->cuc_agent;
+ }
+ }
}
}
$dbr->freeResult( $ret );
File Metadata
Details
Attached
Mime Type
text/x-diff
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
7109
Default Alt Text
bug28363.patch (6 KB)
Attached To
Mode
T30363: Allow per-user or per-group exemptions from the use of CheckUser
Attached
Detach File
Event Timeline
Log In to Comment