mirror of
https://gerrit.wikimedia.org/r/mediawiki/skins/MinervaNeue
synced 2024-11-17 19:21:39 +00:00
700b1c43e9
Previously it always used the global context RequestContext::getMain(), which is basically equivalent to using $wgTitle or $wgUser, and will not produce the correct results when used in other situations than regular web requests (e.g. API requests or jobs). MinervaPagePermissions is required to parse pages (due to the custom section edit links in SkinMinerva::doEditSectionLink), which is often done in API requests or jobs. Pass the appropriate context in SkinMinerva::getPermissions(). This fixes T234868. Note that MinervaPagePermissions is also used elsewhere and I am not fixing those cases. Depends-On: Iaa83e5f801c7776bf8218d8ce7484e2485b227d4 Bug: T234868 Change-Id: I2d6fd525f20a0b6beeeaa731f6b8caa471b8529d
229 lines
6.1 KiB
PHP
229 lines
6.1 KiB
PHP
<?php
|
|
/**
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License along
|
|
* with this program; if not, write to the Free Software Foundation, Inc.,
|
|
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
|
* http://www.gnu.org/copyleft/gpl.html
|
|
*
|
|
* @file
|
|
*/
|
|
namespace MediaWiki\Minerva\Permissions;
|
|
|
|
use Config;
|
|
use ConfigException;
|
|
use ContentHandler;
|
|
use IContextSource;
|
|
use MediaWiki\Minerva\LanguagesHelper;
|
|
use MediaWiki\Minerva\SkinOptions;
|
|
use MediaWiki\Permissions\PermissionManager;
|
|
use Title;
|
|
use User;
|
|
|
|
/**
|
|
* A wrapper for all available Minerva permissions.
|
|
*/
|
|
final class MinervaPagePermissions implements IMinervaPagePermissions {
|
|
|
|
/**
|
|
* @var Title Current page title
|
|
*/
|
|
private $title;
|
|
/**
|
|
* @var Config Extension config
|
|
*/
|
|
private $config;
|
|
|
|
/**
|
|
* @var User user object
|
|
*/
|
|
private $user;
|
|
|
|
/**
|
|
* @var ContentHandler
|
|
*/
|
|
private $contentHandler;
|
|
|
|
/**
|
|
* @var SkinOptions Minerva skin options
|
|
*/
|
|
private $skinOptions;
|
|
|
|
/**
|
|
* @var LanguagesHelper
|
|
*/
|
|
private $languagesHelper;
|
|
|
|
/**
|
|
* @var PermissionManager MediaWiki Core PermissionManager
|
|
*/
|
|
private $permissionManager;
|
|
|
|
/**
|
|
* Initialize internal Minerva Permissions system
|
|
* @param SkinOptions $skinOptions Skin options`
|
|
* @param LanguagesHelper $languagesHelper
|
|
* @param PermissionManager $permissionManager
|
|
*/
|
|
public function __construct(
|
|
SkinOptions $skinOptions,
|
|
LanguagesHelper $languagesHelper,
|
|
PermissionManager $permissionManager
|
|
) {
|
|
$this->skinOptions = $skinOptions;
|
|
$this->languagesHelper = $languagesHelper;
|
|
$this->permissionManager = $permissionManager;
|
|
}
|
|
|
|
/**
|
|
* @param IContextSource $context
|
|
* @param ContentHandler|null $contentHandler (for unit tests only)
|
|
* @return $this
|
|
*/
|
|
public function setContext( IContextSource $context, ContentHandler $contentHandler = null ) {
|
|
$this->title = $context->getTitle();
|
|
$this->config = $context->getConfig();
|
|
$this->user = $context->getUser();
|
|
// Title may be undefined in certain contexts (T179833)
|
|
// TODO: Check if this is still true if we always pass a context instead of using global one
|
|
if ( $this->title ) {
|
|
$this->contentHandler = $contentHandler ?: ContentHandler::getForTitle( $this->title );
|
|
}
|
|
return $this;
|
|
}
|
|
|
|
/**
|
|
* Gets whether or not the action is allowed.
|
|
*
|
|
* Actions isn't allowed when:
|
|
* <ul>
|
|
* <li>
|
|
* the action is disabled (by removing it from the <code>MinervaPageActions</code>
|
|
* configuration variable; or
|
|
* </li>
|
|
* <li>the user is on the main page</li>
|
|
* </ul>
|
|
*
|
|
* The "edit" action is not allowed if editing is not possible on the page
|
|
* @see method isCurrentPageContentModelEditable
|
|
*
|
|
* The "switch-language" is allowed if there are interlanguage links on the page,
|
|
* or <code>$wgMinervaAlwaysShowLanguageButton</code> is truthy.
|
|
*
|
|
* @inheritDoc
|
|
* @throws ConfigException
|
|
*/
|
|
public function isAllowed( $action ) {
|
|
global $wgHideInterlanguageLinks;
|
|
|
|
if ( !$this->title ) {
|
|
return false;
|
|
}
|
|
|
|
// T206406: Enable "Talk" or "Discussion" button on Main page, also, not forgetting
|
|
// the "switch-language" button. But disable "edit" and "watch" actions.
|
|
if ( $this->title->isMainPage() ) {
|
|
if ( !in_array( $action, $this->config->get( 'MinervaPageActions' ) ) ) {
|
|
return false;
|
|
}
|
|
if ( $action === self::SWITCH_LANGUAGE ) {
|
|
return !$wgHideInterlanguageLinks;
|
|
}
|
|
return $action === self::TALK;
|
|
}
|
|
|
|
if ( $action === self::HISTORY && $this->title->exists() ) {
|
|
return $this->skinOptions->get( SkinOptions::HISTORY_IN_PAGE_ACTIONS );
|
|
}
|
|
|
|
if ( $action === SkinOptions::TOOLBAR_SUBMENU ) {
|
|
return $this->skinOptions->get( SkinOptions::TOOLBAR_SUBMENU );
|
|
}
|
|
|
|
if ( $action === self::EDIT_OR_CREATE ) {
|
|
return $this->canEditOrCreate();
|
|
}
|
|
|
|
if ( !in_array( $action, $this->config->get( 'MinervaPageActions' ) ) ) {
|
|
return false;
|
|
}
|
|
|
|
if ( $action === self::CONTENT_EDIT ) {
|
|
return $this->isCurrentPageContentModelEditable();
|
|
}
|
|
|
|
if ( $action === self::WATCH ) {
|
|
return $this->title->isWatchable()
|
|
? $this->user->isAllowedAll( 'viewmywatchlist', 'editmywatchlist' )
|
|
: false;
|
|
}
|
|
|
|
if ( $action === self::SWITCH_LANGUAGE ) {
|
|
if ( $wgHideInterlanguageLinks ) {
|
|
return false;
|
|
}
|
|
return $this->languagesHelper->doesTitleHasLanguagesOrVariants( $this->title ) ||
|
|
$this->config->get( 'MinervaAlwaysShowLanguageButton' );
|
|
}
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* @inheritDoc
|
|
*/
|
|
public function isTalkAllowed() {
|
|
if ( !$this->title ) {
|
|
return false;
|
|
}
|
|
|
|
return $this->isAllowed( self::TALK ) &&
|
|
( $this->title->isTalkPage() || $this->title->canHaveTalkPage() ) &&
|
|
$this->user->isLoggedIn();
|
|
}
|
|
|
|
/**
|
|
* Checks whether the editor can handle the existing content handler type.
|
|
*
|
|
* @return bool
|
|
*/
|
|
protected function isCurrentPageContentModelEditable() {
|
|
return $this->contentHandler
|
|
&& $this->contentHandler->supportsDirectEditing()
|
|
&& $this->contentHandler->supportsDirectApiEditing();
|
|
}
|
|
|
|
/**
|
|
* Returns true if $title page exists and is editable or is creatable by $user as determined by
|
|
* quick checks.
|
|
* @return bool
|
|
*/
|
|
private function canEditOrCreate() {
|
|
if ( !$this->title ) {
|
|
return false;
|
|
}
|
|
|
|
$userQuickEditCheck =
|
|
$this->permissionManager->userCan(
|
|
'edit', $this->user, $this->title, PermissionManager::RIGOR_QUICK
|
|
) && (
|
|
$this->title->exists() ||
|
|
$this->permissionManager->userCan(
|
|
'create', $this->user, $this->title, PermissionManager::RIGOR_QUICK
|
|
)
|
|
);
|
|
$blocked = $this->user->isAnon() ? false : $this->permissionManager->isBlockedFrom(
|
|
$this->user, $this->title, true
|
|
);
|
|
return $this->isCurrentPageContentModelEditable() && $userQuickEditCheck && !$blocked;
|
|
}
|
|
}
|