From e2479d45da6aff3dfe485c990b39bae8c25e5fc4 Mon Sep 17 00:00:00 2001
From: Andrew Garrett <werdna@users.mediawiki.org>
Date: Wed, 8 Feb 2012 01:02:11 +0000
Subject: [PATCH] (bug 33392) Fix issue where users without permission to add
 restricted actions could nonetheless remove them. Patch by Nikola Kovacs,
 with modifications for code style.

---
 Views/AbuseFilterViewEdit.php | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

diff --git a/Views/AbuseFilterViewEdit.php b/Views/AbuseFilterViewEdit.php
index f7923cbc7..5554faf6c 100644
--- a/Views/AbuseFilterViewEdit.php
+++ b/Views/AbuseFilterViewEdit.php
@@ -53,6 +53,7 @@ class AbuseFilterViewEdit extends AbuseFilterView {
 				array( $newRow->mOriginalRow, $newRow->mOriginalActions )
 			);
 
+			$origActions = $newRow->mOriginalActions;
 			unset( $newRow->mOriginalRow );
 			unset( $newRow->mOriginalActions );
 
@@ -64,12 +65,18 @@ class AbuseFilterViewEdit extends AbuseFilterView {
 
 			// Check for restricted actions
 			global $wgAbuseFilterRestrictedActions;
+			$allActions = array_keys( array_merge(
+						array_filter( $actions ),
+						array_filter( $origActions )
+					) );
+
 			if (
-				array_intersect(
-					$wgAbuseFilterRestrictedActions,
-					array_keys( array_filter( $actions ) ) )
-				&& !$user->isAllowed( 'abusefilter-modify-restricted' ) )
-			{
+				count( array_intersect(
+						$wgAbuseFilterRestrictedActions,
+						$allActions
+				) )
+				&& !$user->isAllowed( 'abusefilter-modify-restricted' )
+			) {
 				$out->addHTML(
 					$this->buildFilterEditor(
 						wfMsgExt( 'abusefilter-edit-restricted', 'parse' ),