Page MenuHomePhabricator
Create Task
Maniphest T44142

VisualEditor: Don't offer Edit button when user cannot edit page
Closed, ResolvedPublic
Actions

Description

The VisualEditor interface does not currently recognize page protection. If a user visits a protected page (a page to which he or she does not have access to edit), VisualEditor will still display a working edit form and the first click of the "Save page" button will work. It will produce a dialog box that will present a second "Save page" button that does not work. Ideally, VisualEditor would not let a user get this far without indicating that the page is uneditable.

Related to this, there's no warning for administrators that a page is protected when they're editing the page. This may be a separate bug, however.

Version: unspecified
Severity: normal

Details

Reference
bz42142

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 22 2014, 1:07 AM
bzimport added projects: VE-deploy-2012-12-10, VisualEditor-MediaWiki.
bzimport set Reference to bz42142.
MZMcBride created this task.Nov 15 2012, 5:56 AM
Catrope added a comment.Nov 17 2012, 1:25 AM

We should be able to detect in JS whether the user has the edit permission for this page. One way we can detect this is by checking whether the user gets an edit tab or a view source tab.

Krinkle added a comment.Nov 17 2012, 3:49 AM

We have mw.user.getRights()[async] now in core as well.

Krinkle added a comment.Nov 17 2012, 3:51 AM

And for the current page, I suppose wgRestrictionEdit and wgUserGroups could be used.

Krinkle added a comment.Nov 27 2012, 10:12 PM

I suppose the lazy solution (use the presence of a button outputted by server side) is sufficient, especially given that if someone games it, saving will still fail. Its only for the UI.

Krinkle added a comment.Nov 28 2012, 1:49 AM

If we do that it means we can no longer pseudo-restrict "Edit source" on a different level than "VisualEditor Edit".

e.g. on MediaWiki.org we protected the namespace with sysop, but allowed users to edit it with VE.

Krinkle added a comment.Nov 28 2012, 6:12 PM

That's not a problem I guess, but I noticed while implementing it that it was a matter of removing the code that explicitly ignored the presence of the edit button for sysops.

Change-Id: I3fe29c52b743837c2e1d66f25ccdca6115b8bd25

Jdforrester-WMF added a comment.Nov 28 2012, 6:24 PM

Yeah, well, different "protection" levels for VE and non-VE editors feels like the wrong kind of solution.

Jdforrester-WMF added a project: VisualEditor.Dec 3 2014, 2:23 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL