wikimedia/mediawiki-extensions-DiscussionTools
1
0
Fork 0
mirror of https://gerrit.wikimedia.org/r/mediawiki/extensions/DiscussionTools synced 2024-11-12 09:58:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge "Don't allow query and cookie hacks to enable topic subscriptions"

Browse source
This commit is contained in:
jenkins-bot 2021-04-14 09:06:06 +00:00 committed by Gerrit Code Review
parent ea2493cd80 9420f22e9d
commit 5938e97250
1 changed files with 14 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
includes/Hooks/HookUtils.php
View file

@ -228,19 +228,26 @@ class HookUtils {
}
// ?dtenable=1 overrides all user and title checks
if (
$output->getRequest()->getVal( 'dtenable' ) ||
$queryEnable = $output->getRequest()->getVal( 'dtenable' ) ||
// Extra hack for parses from API, where this parameter isn't passed to derivative requests
RequestContext::getMain()->getRequest()->getVal( 'dtenable' )
) {
RequestContext::getMain()->getRequest()->getVal( 'dtenable' );
// The cookie hack allows users to enable all features when they are not
// yet available on the wiki
$cookieEnable = $output->getRequest()->getCookie( 'discussiontools-tempenable' ) ?: false;
if ( $feature === self::TOPICSUBSCRIPTION ) {
// Can't be enabled via query/cookie, because the tables may not exist yet (T280082)
$queryEnable = false;
$cookieEnable = false;
}
if ( $queryEnable ) {
return true;
}
return static::isAvailableForTitle( $title ) && (
static::isFeatureEnabledForUser( $output->getUser(), $feature ) ||
// The cookie hack allows users to enable all features when they are not
// yet available on the wiki
$output->getRequest()->getCookie( 'discussiontools-tempenable' ) ?: false
$cookieEnable
);
}
}