diff options
| author | Cindy Cicalese <cindom@gmail.com> | 2021-01-11 10:26:02 -0500 |
|---|---|---|
| committer | Cicalese <ccicalese@wikimedia.org> | 2021-02-23 14:31:14 +0000 |
| commit | f6e1891c6f36a4fb4248512e1a21d65bb56138cf (patch) | |
| tree | f63ff2a44bd7c774197ab37795c7fc7fe225d31c /includes/api/ApiQueryFilearchive.php | |
| parent | 9cd7d35500b20e7c72903d2688fad9f7ed45af96 (diff) | |
| download | mediawikicore-f6e1891c6f36a4fb4248512e1a21d65bb56138cf.tar.gz mediawikicore-f6e1891c6f36a4fb4248512e1a21d65bb56138cf.zip | |
Use Authority and GroupPermissionLookup in Action API
Replaces calls directly to PermissionManager with calls to
the Authority object available from Context or the
GroupPermissionLookup service.
This patch does not address use of PermissionManager for
blocks.
Deprecations:
- ApiBase::checkUserRightsAny deprecated passing optional
User parameter
- ApiBase::checkTitleUserPermissions deprecated passing
LinkTarget as first parameter, takes PageIdentity instead
Bug: T271462
Bug: T271854
Change-Id: I5d7cac1c28a37e074750c46cda03283980a07fca
Diffstat (limited to 'includes/api/ApiQueryFilearchive.php')
| -rw-r--r-- | includes/api/ApiQueryFilearchive.php | 14 |
1 files changed, 4 insertions, 10 deletions
diff --git a/includes/api/ApiQueryFilearchive.php b/includes/api/ApiQueryFilearchive.php index 5742c0860be5..2e3f6cc26bce 100644 --- a/includes/api/ApiQueryFilearchive.php +++ b/includes/api/ApiQueryFilearchive.php @@ -57,14 +57,10 @@ class ApiQueryFilearchive extends ApiQueryBase { $fld_bitdepth = isset( $prop['bitdepth'] ); $fld_archivename = isset( $prop['archivename'] ); - if ( $fld_description && - !$this->getPermissionManager()->userHasRight( $user, 'deletedhistory' ) - ) { + if ( $fld_description && !$this->getAuthority()->isAllowed( 'deletedhistory' ) ) { $this->dieWithError( 'apierror-cantview-deleted-description', 'permissiondenied' ); } - if ( $fld_metadata && - !$this->getPermissionManager()->userHasAnyRight( $user, 'deletedtext', 'undelete' ) - ) { + if ( $fld_metadata && !$this->getAuthority()->isAllowedAny( 'deletedtext', 'undelete' ) ) { $this->dieWithError( 'apierror-cantview-deleted-metadata', 'permissiondenied' ); } @@ -119,11 +115,9 @@ class ApiQueryFilearchive extends ApiQueryBase { if ( $sha1 ) { $this->addWhereFld( 'fa_sha1', $sha1 ); // Paranoia: avoid brute force searches (T19342) - if ( !$this->getPermissionManager()->userHasRight( $user, 'deletedtext' ) ) { + if ( !$this->getAuthority()->isAllowed( 'deletedtext' ) ) { $bitmask = File::DELETED_FILE; - } elseif ( !$this->getPermissionManager() - ->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' ) - ) { + } elseif ( !$this->getAuthority()->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) { $bitmask = File::DELETED_FILE | File::DELETED_RESTRICTED; } else { $bitmask = 0; |