wikimedia/mediawiki-skins-MinervaNeue
1
0
Fork 0
mirror of https://gerrit.wikimedia.org/r/mediawiki/skins/MinervaNeue synced 2024-11-24 06:13:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

Watchstar should respect viewmywatchlist|editmywatchlist permissions

Browse source 
If viewmywatchlist|editmywatchlist permisions were set to false for
anonymous user, MinervaSkin would show a watchstar icon that links
to LoginPage, even if user was logged in. Clicking watching action
would cause browser to reload the page without any effect.
Under the hood - system would redirect to login, and then the login
page would redirect user back to the article page because user is
logged in.

MinervaSkin should respect viewmywatchlist|editmywatchlist
permissions. If user do not have access to watchlist, do not show
watch icon.

Bug: T221792
Change-Id: I26a1133a7ccff6a4adcdc72d594d0902bfa8ff79
This commit is contained in:
Piotr Miazga 2019-05-23 21:25:39 +02:00 committed by Pmiazga
parent 4a54748cfe
commit 4ec9b06a77
2 changed files with 31 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
includes/skins/SkinMinerva.php
View file

@ -245,6 +245,10 @@ class SkinMinerva extends SkinTemplate {
return $this->isCurrentPageContentModelEditable();
}
if ( $action === 'watch' ) {
return $this->getUser()->isAllowedAll( 'viewmywatchlist', 'editmywatchlist' );
}
if ( $action === 'switch-language' ) {
return $this->doesPageHaveLanguages || $config->get( 'MinervaAlwaysShowLanguageButton' );
}

27
tests/phpunit/skins/SkinMinervaPageActionsTest.php
View file

@ -186,4 +186,31 @@ class SkinMinervaPageActionsTest extends MediaWikiTestCase {
$this->assertEquals( $expected, $this->skin->isAllowedPageAction( 'switch-language' ) );
}
/**
* Watch action requires 'viewmywatchlist' and 'editmywatchlist' permissions
* to be grated. Verify that isAllowedAction('watch') returns false when user
* do not have those permissions granted
* @covers SkinMinerva::isAllowedPageAction
*/
public function test_watch_is_allowed_only_when_watchlist_permissions_are_granted() {
$title = Title::newFromText( 'test_watchstar_permissions' );
$requestContext = RequestContext::getMain();
$requestContext->setTitle( $title );
$userMock = $this->getMockBuilder( 'User' )
->disableOriginalConstructor()
->setMethods( [ 'isAllowedAll' ] )
->getMock();
$userMock->expects( $this->once() )
->method( 'isAllowedAll' )
->with( 'viewmywatchlist', 'editmywatchlist' )
->willReturn( false );
$requestContext->setUser( $userMock );
$result = new TestSkinMinerva();
$result->setContext( $requestContext );
$this->assertTrue( $this->skin->isAllowedPageAction( 'talk' ) );
$this->assertFalse( $this->skin->isAllowedPageAction( 'watch' ) );
}
}