SECURITY: Check permissions before job execution

CVE-2021-41801

Bug: T279090
Change-Id: Ibc299edf626ca9aa1cd9d83b888820f5aca9af7c
This commit is contained in:
RhinosF1 2021-04-21 14:16:18 -05:00 committed by Reedy
parent 21ac670bee
commit b37d68a4c1
2 changed files with 12 additions and 2 deletions

View file

@ -1,6 +1,6 @@
{
"name": "Replace Text",
"version": "1.4.1",
"version": "1.4.2",
"author": [
"Yaron Koren",
"Niklas Laxström",

View file

@ -41,6 +41,17 @@ class ReplaceTextJob extends Job {
* @return bool success
*/
function run() {
// T279090
$current_user = User::newFromId( $this->params['user_id'] );
$permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
if ( !$permissionManager->userCan(
'replacetext', $current_user, $this->title
) ) {
$this->error = 'replacetext: permission no longer valid';
// T279090#6978214
return true;
}
if ( isset( $this->params['session'] ) ) {
$callback = RequestContext::importScopedSession( $this->params['session'] );
$this->addTeardownCallback( function () use ( &$callback ) {
@ -54,7 +65,6 @@ class ReplaceTextJob extends Job {
}
if ( array_key_exists( 'move_page', $this->params ) ) {
$current_user = User::newFromId( $this->params['user_id'] );
$new_title = ReplaceTextSearch::getReplacedTitle(
$this->title,
$this->params['target_str'],