Page MenuHomePhabricator
Create Task
Maniphest T8927

User login requested if not allowed to read
Closed, ResolvedPublic
Actions

Description

Author: carl.duisberg

Description:
Using $wgGroupPermissions normal user can be disallowed to read pages that are
not in $wgProxyWhitelist. The following coding is found in article.php:

			if ( !$this->mTitle->userCanRead() ) {
				$wgOut->loginToUse();
				$wgOut->output();
				exit;
			}

This asks a user who is already logged in but does not have read privelege to logon.

Solution:
If a user is logged in and has not read privilege send an approriate message:

$wgOut->permissionRequired( $permission );

Version: unspecified
Severity: normal

Details

Reference
bz6927

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 21 2014, 9:16 PM
bzimport added a project: MediaWiki-Parser.
bzimport set Reference to bz6927.
bzimport created this task.Aug 4 2006, 10:37 PM
bzimport added a comment.Aug 4 2006, 11:46 PM

carl.duisberg wrote:

Show necessary privileges to read for logged in users.

This patch solves the problem in mediawiki 1.8 alpha.

attachment patch_for_bug_6927.txt ignored as obsolete

bzimport added a comment.Aug 5 2006, 12:00 AM

carl.duisberg wrote:

Show necessary privileges to read for logged in users.

Checked in mediawiki 1.8 alpha

attachment bug6927.diff ignored as obsolete

brooke added a comment.Aug 31 2006, 4:59 PM

This looks like it'll produce some ugly output with wfMsg("group-$group-member") if there is
no such message defined for the group. I'd recommend using the existing function for getting
visible group names.

More generally, it maybe would make more sense to consolidate this sort of display, rather
than making every permission error page separately look up group lists?

bzimport added a comment.Sep 5 2006, 6:38 PM

carl.duisberg wrote:

(In reply to comment #3)
The applicable function is:
user::getGroupName( $group )

bzimport added a comment.Sep 6 2006, 4:31 PM

rotemliss wrote:

Comment on attachment 2198
Show necessary privileges to read for logged in users.

This patch cannot be used now, since OutputPage::permissionRequired was changed
in r15994, and this hack will no longer work.

bzimport added a comment.Sep 6 2006, 5:20 PM

rotemliss wrote:

Fixed in r16428.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL