wikimedia/mediawiki-extensions-Thanks
1
0
Fork 0
mirror of https://gerrit.wikimedia.org/r/mediawiki/extensions/Thanks synced 2024-11-15 02:54:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Security: Disable thank when the user is globally blocked

Browse source 
Bug: T151910
Change-Id: I3f39dd32cb76d1a20c8711d5de88e8fcbc36507d
This commit is contained in:
Amir Sarabadani 2018-07-12 15:51:00 +02:00 committed by Roan Kattouw
parent e059f99e82
commit 8ca5464a16
2 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
includes/ApiThank.php
View file

@ -13,6 +13,8 @@ abstract class ApiThank extends ApiBase {
$this->dieWithError( [ 'thanks-error-ratelimited', $user->getName() ], 'ratelimited' );
} elseif ( $user->isBlocked() ) {
$this->dieBlocked( $user->getBlock() );
} elseif ( $user->isBlockedGlobally() ) {
$this->dieBlocked( $user->getGlobalBlock() );
}
}

3
includes/ThanksHooks.php
View file

@ -54,6 +54,7 @@ class ThanksHooks {
if ( !$user->isAnon()
&& $recipientId !== $user->getId()
&& !$user->isBlocked()
&& !$user->isBlockedGlobally()
&& self::canReceiveThanks( $recipient )
&& !$rev->isDeleted( Revision::DELETED_TEXT )
&& ( !$oldRev || $rev->getParentId() == $oldRev->getId() )
@ -383,7 +384,7 @@ class ThanksHooks {
global $wgUser;
// Don't thank if anonymous or blocked
if ( $wgUser->isAnon() || $wgUser->isBlocked() ) {
if ( $wgUser->isAnon() || $wgUser->isBlocked() || $wgUser->isBlockedGlobally() ) {
return;
}