Before we were not requiring deletedtext for the main guard against topics on deleted boards. I put up a quick fix for that (https://gerrit.wikimedia.org/r/#/c/209248/1), but it's over-restrictive.
We should require the appropriate one for particular cases. Matthias mentioned blocks and RevisionFormatter::processParam, possibly among others.
Often these are granted together, but there are important exceptions. E.g. the 'researcher' group normally does not have 'deletedtext'.
- Add a new key to FlowActions alongside 'permissions', e.g. coreDeletePermissions, pointing to the core permissions required. E.g.:
'view-topic-summary' => array(
// ... coreDeletePermissions = array( 'deletedtext', 'deletedhistory' ),
- Similar to above, but use 'permissions' with another key (e.g. PostRevision::MODERATED_CORE_DELETION). This would have to be consulted in addition to the other ones.
- Explicitly call $user>isAllowed( 'deletedhistory' ) or $user->isAllowedAll( 'deletedtext', 'deletedhistory' ) directly from various places e.g. TopicBlock.