
Users without suppression right should be able to revdel aspects of an edit that are not suppressed
Closed, Duplicate · Public

Description

Take an edit, and suppress its edit summary using an account with suppression right (i.e. Oversight).

Now, using another account that has revision deletion rights (i.e. Sysop) try to change the visibility of the username for that edit. You will get a permission error.

You do not have permission to review and restore hidden revisions, for the following reason:

The action you have requested is limited to users in the group: Oversighters.

While the sysop should not be able to see or change the visibility of the edit summary, they should still be able to see and change visibility of the revision text or the username.

Event Timeline

Huji created this task. Jul 1 2020, 3:08 PM
Proc added a subscriber: Proc. Jul 1 2020, 3:17 PM
Proc added a comment. Jul 1 2020, 9:12 PM

Having taken a quick look at this, it seems to be due to the $item->canView() checks failing (e.g. at SpecialRevisionDelete::showForm, line 420). That function is in RevDelRevisionItem, line 81:

return RevisionRecord::userCanBitfield(
	$this->getRevisionRecord()->getVisibility(),
	RevisionRecord::DELETED_RESTRICTED,
	$this->list->getUser()
);

Would probably have to do a couple of bit checks, but seems do-able - the various different fields suppressed result in a different bit value. Perhaps in a duplicate function, since canView can't take a parameter.
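
The per-field bit check suggested in the comment above, sketched as an added example (not MediaWiki code and not written by the task's participants). The constants mirror the bit values of RevisionRecord::DELETED_*; `canViewItem` and `canChangeField` are hypothetical names, the rights model is simplified to two rights, and the restricted flag is assumed to be a single bit shared by the whole revision.

```php
<?php
// Added illustration, not MediaWiki source. The constants mirror the bit
// values of RevisionRecord::DELETED_*; function names are hypothetical.
const DELETED_TEXT = 1;
const DELETED_COMMENT = 2;
const DELETED_USER = 4;
const DELETED_RESTRICTED = 8;

// Simplified model of the item-level check quoted above: any revision
// carrying the restricted bit is off limits without suppression rights.
function canViewItem( int $visibility, array $rights ): bool {
	if ( $visibility & DELETED_RESTRICTED ) {
		return in_array( 'suppressrevision', $rights, true );
	}
	return in_array( 'deleterevision', $rights, true );
}

// Per-field variant: only a field that is currently hidden on a restricted
// revision needs suppression rights; other fields need ordinary revdel rights.
function canChangeField( int $visibility, int $field, array $rights ): bool {
	$hidden = ( $visibility & $field ) !== 0;
	$restricted = ( $visibility & DELETED_RESTRICTED ) !== 0;
	if ( $hidden && $restricted ) {
		return in_array( 'suppressrevision', $rights, true );
	}
	return in_array( 'deleterevision', $rights, true );
}

$sysop = [ 'deleterevision' ];
$oversighter = [ 'deleterevision', 'suppressrevision' ];
$names = [ DELETED_TEXT => 'text', DELETED_COMMENT => 'summary', DELETED_USER => 'username' ];

// Constructed sample: edit summary suppressed (comment bit + restricted bit).
$visibility = DELETED_COMMENT | DELETED_RESTRICTED;
printf( "item-level check, sysop: %s\n", canViewItem( $visibility, $sysop ) ? 'allow' : 'deny' );
foreach ( $names as $bit => $name ) {
	printf( "%-8s sysop=%s oversighter=%s\n", $name,
		canChangeField( $visibility, $bit, $sysop ) ? 'allow' : 'deny',
		canChangeField( $visibility, $bit, $oversighter ) ? 'allow' : 'deny' );
}

// Caveat: the restricted bit is shared, so once the sysop hides the username
// it is suppressed too and the sysop can no longer reverse the change.
$visibility |= DELETED_USER;
printf( "after hiding username, sysop can unhide: %s\n",
	canChangeField( $visibility, DELETED_USER, $sysop ) ? 'yes' : 'no' );
```

Under the shared-bit assumption, a per-field check lets a sysop hide a further field on a suppressed revision but not reveal it again, so any real change would need to decide whether that one-way escalation is acceptable.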