MediaWiki r9499 - Code Review

Repository:	MediaWiki
Revision:	< r9498‎ \| r9499 (on ViewVC)‎ \| r9500 >
Date:	08:03, 19 June 2005
Author:	vibber
Status:	old
Tags:
Comment:	* Special:Upload now uses 'upload' permission instead of hardcoding login check * Add 'importupload' permission to disable direct uploads to Special:Import
Modified paths:	/trunk/phase3/RELEASE-NOTES (modified) (history) (diff) /trunk/phase3/includes/DefaultSettings.php (modified) (history) (diff) /trunk/phase3/includes/SpecialImport.php (modified) (history) (diff) /trunk/phase3/includes/SpecialUpload.php (modified) (history) (diff) /trunk/phase3/languages/Language.php (modified) (history) (diff)

Diff [purge]

Index: trunk/phase3/includes/SpecialImport.php
—	—	@@ -29,7 +29,7 @@
30	30	* Constructor
31	31	*/
32	32	function wfSpecialImport( $page = '' ) {
33		~~- global $wgOut, $wgLang, $wgRequest, $wgTitle;~~
	33	+ global $wgUser, $wgOut, $wgLang, $wgRequest, $wgTitle;
34	34	global $wgImportSources;
35	35
36	36	###
—	—	@@ -42,7 +42,11 @@
43	43
44	44	switch( $wgRequest->getVal( "source" ) ) {
45	45	case "upload":
46		~~- $result = $importer->setupFromUpload( "xmlimport" );~~
	46	+ if( $wgUser->isAllowed( 'importupload' ) ) {
	47	+ $result = $importer->setupFromUpload( "xmlimport" );
	48	+ } else {
	49	+ return $wgOut->permissionRequired( 'importupload' );
	50	+ }
47	51	break;
48	52	case "interwiki":
49	53	$result = $importer->setupFromInterwiki(
—	—	@@ -68,9 +72,11 @@
69	73	}
70	74	}
71	75
72		~~- $wgOut->addWikiText( "<p>" . wfMsg( "importtext" ) . "</p>" );~~
73	76	$action = $wgTitle->escapeLocalUrl( 'action=submit' );
74		~~- $wgOut->addHTML( "~~
	77	+
	78	+ if( $wgUser->isAllowed( 'importupload' ) ) {
	79	+ $wgOut->addWikiText( "<p>" . wfMsg( "importtext" ) . "</p>" );
	80	+ $wgOut->addHTML( "
75	81	<fieldset>
76	82	<legend>Upload XML</legend>
77	83	<form enctype='multipart/form-data' method='post' action=\"$action\">
—	—	@@ -82,7 +88,12 @@
83	89	</form>
84	90	</fieldset>
85	91	" );
86		-
	92	+ } else {
	93	+ if( empty( $wgImportSources ) ) {
	94	+ $wgOut->addWikiText( wfMsg( 'importnosources' ) );
	95	+ }
	96	+ }
	97	+
87	98	if( !empty( $wgImportSources ) ) {
88	99	$wgOut->addHTML( "
89	100	<fieldset>
Index: trunk/phase3/includes/SpecialUpload.php
—	—	@@ -99,8 +99,7 @@
100	100	}
101	101
102	102	/** Various rights checks */
103		~~- if( ( $wgUser->isAnon() )~~
104		~~- OR $wgUser->isBlocked() ) {~~
	103	+ if( !$wgUser->isAllowed( 'upload' ) \|\| $wgUser->isBlocked() ) {
105	104	$wgOut->errorpage( 'uploadnologin', 'uploadnologintext' );
106	105	return;
107	106	}
Index: trunk/phase3/includes/DefaultSettings.php
—	—	@@ -686,6 +686,7 @@
687	687
688	688	$wgGroupPermissions['user' ]['move'] = true;
689	689	$wgGroupPermissions['user' ]['read'] = true;
	690	+$wgGroupPermissions['user' ]['upload'] = true;
690	691
691	692	$wgGroupPermissions['bot' ]['bot'] = true;
692	693
—	—	@@ -694,10 +695,12 @@
695	696	$wgGroupPermissions['sysop']['delete'] = true;
696	697	$wgGroupPermissions['sysop']['editinterface'] = true;
697	698	$wgGroupPermissions['sysop']['import'] = true;
698		~~-$wgGroupPermissions['sysop']['importraw'] = true;~~
	699	+$wgGroupPermissions['sysop']['importupload'] = true;
	700	+$wgGroupPermissions['user' ]['move'] = true;
699	701	$wgGroupPermissions['sysop']['patrol'] = true;
700	702	$wgGroupPermissions['sysop']['protect'] = true;
701	703	$wgGroupPermissions['sysop']['rollback'] = true;
	704	+$wgGroupPermissions['user' ]['upload'] = true;
702	705
703	706	$wgGroupPermissions['bureaucrat']['userrights'] = true;
704	707
—	—	@@ -1130,8 +1133,11 @@
1131	1134
1132	1135	/**
1133	1136	* List of interwiki prefixes for wikis we'll accept as sources for
1134		~~- * Special:Import (for sysops). Since complete page history# can be imported,~~
	1137	+ * Special:Import (for sysops). Since complete page history can be imported,
1135	1138	* these should be 'trusted'.
	1139	+ *
	1140	+ * If a user has the 'import' permission but not the 'importupload' permission,
	1141	+ * they will only be able to run imports through this transwiki interface.
1136	1142	*/
1137	1143	$wgImportSources = array();
1138	1144
Index: trunk/phase3/RELEASE-NOTES
—	—	@@ -300,6 +300,8 @@
301	301	* badaccess/badaccesstext to supercede sysop, developer messages
302	302	* Changed $wgGroupPermissions to more cut-n-paste-friendly format
303	303	* 'developer' group deprecated by default
	304	+* Special:Upload now uses 'upload' permission instead of hardcoding login check
	305	+* Add 'importupload' permission to disable direct uploads to Special:Import
304	306
305	307
306	308	=== Caveats ===
Index: trunk/phase3/languages/Language.php
—	—	@@ -1656,6 +1656,7 @@
1657	1657	'importnotext' => 'Empty or no text',
1658	1658	'importsuccess' => 'Import succeeded!',
1659	1659	'importhistoryconflict' => 'Conflicting history revision exists (may have imported this page before)',
	1660	+'importnosources' => 'No transwiki import sources have been defined and direct history uploads are disabled.',
1660	1661
1661	1662	# Keyboard access keys for power users
1662	1663	'accesskey-search' => 'f',

Status & tagging log

15:03, 12 September 2011 Meno25 (talk | contribs) changed the status of r9499 [removed: ok added: old]
14:05, 18 June 2009 ^demon (talk | contribs) changed the status of r9499 [removed: new added: ok]

MediaWiki r9499 - Code Review

Diff [purge]

Status & tagging log

Navigation menu

Personal tools

Namespaces

Variants

Views

Actions

Search

Navigation

Support

MediaWiki.org

Development

Toolbox