diff options
| author | Petr Pchelko <ppchelko@wikimedia.org> | 2019-08-20 19:01:06 -0700 |
|---|---|---|
| committer | Petr Pchelko <ppchelko@wikimedia.org> | 2019-09-11 16:00:03 -0700 |
| commit | 7b4eafda0d986180d20f37f2489b70e8eca00df4 (patch) | |
| tree | fd0179afe8958ff2546a47dae6d618c6357dcac3 /includes/specials | |
| parent | f379b3f897d54623b6bb8e62fabdb64a7a6a6158 (diff) | |
| download | mediawikicore-7b4eafda0d986180d20f37f2489b70e8eca00df4.tar.gz mediawikicore-7b4eafda0d986180d20f37f2489b70e8eca00df4.zip | |
Replace usages of deprecated User::isAllowed. Step 2.
Bug: T220191
Depends-On: I509cd88355cfd0cc074f4135ec86399b4075f89f
Change-Id: I2341e6f1d108c92924620fba3c64ec090cb09918
Diffstat (limited to 'includes/specials')
38 files changed, 270 insertions, 103 deletions
diff --git a/includes/specials/SpecialApiSandbox.php b/includes/specials/SpecialApiSandbox.php index 9e496845f8e0..f4a33c8c54c5 100644 --- a/includes/specials/SpecialApiSandbox.php +++ b/includes/specials/SpecialApiSandbox.php @@ -21,6 +21,8 @@ * @ingroup SpecialPage */ +use MediaWiki\MediaWikiServices; + /** * @ingroup SpecialPage * @since 1.27 @@ -35,7 +37,10 @@ class SpecialApiSandbox extends SpecialPage { $out = $this->getOutput(); $this->addHelpLink( 'Help:ApiSandbox' ); - $out->addJsConfigVars( 'apihighlimits', $this->getUser()->isAllowed( 'apihighlimits' ) ); + $out->addJsConfigVars( 'apihighlimits', MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'apihighlimits' ) + ); $out->addModuleStyles( [ 'mediawiki.special', 'mediawiki.hlist', diff --git a/includes/specials/SpecialAutoblockList.php b/includes/specials/SpecialAutoblockList.php index 34c3371bf269..3f98e93045aa 100644 --- a/includes/specials/SpecialAutoblockList.php +++ b/includes/specials/SpecialAutoblockList.php @@ -21,6 +21,8 @@ * @ingroup SpecialPage */ +use MediaWiki\MediaWikiServices; + /** * A special page that lists autoblocks * @@ -81,7 +83,10 @@ class SpecialAutoblockList extends SpecialPage { 'ipb_parent_block_id IS NOT NULL' ]; # Is the user allowed to see hidden blocks? - if ( !$this->getUser()->isAllowed( 'hideuser' ) ) { + if ( !MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'hideuser' ) + ) { $conds['ipb_deleted'] = 0; } diff --git a/includes/specials/SpecialBlock.php b/includes/specials/SpecialBlock.php index 07214af4fa43..1b0db7345c4c 100644 --- a/includes/specials/SpecialBlock.php +++ b/includes/specials/SpecialBlock.php @@ -25,6 +25,7 @@ use MediaWiki\Block\DatabaseBlock; use MediaWiki\Block\Restriction\PageRestriction; use MediaWiki\Block\Restriction\NamespaceRestriction; use MediaWiki\MediaWikiServices; +use MediaWiki\User\UserIdentity; /** * A special page that allows users with 'block' right to block users from @@ -269,7 +270,10 @@ class SpecialBlock extends FormSpecialPage { ]; # Allow some users to hide name from block log, blocklist and listusers - if ( $user->isAllowed( 'hideuser' ) ) { + if ( MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $user, 'hideuser' ) + ) { $a['HideUser'] = [ 'type' => 'check', 'label-message' => 'ipbhidename', @@ -363,7 +367,10 @@ class SpecialBlock extends FormSpecialPage { // If the username was hidden (ipb_deleted == 1), don't show the reason // unless this user also has rights to hideuser: T37839 - if ( !$block->getHideName() || $this->getUser()->isAllowed( 'hideuser' ) ) { + if ( !$block->getHideName() || MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'hideuser' ) + ) { $fields['Reason']['default'] = $block->getReason(); } else { $fields['Reason']['default'] = ''; @@ -545,7 +552,8 @@ class SpecialBlock extends FormSpecialPage { $user = $this->getUser(); # Link to edit the block dropdown reasons, if applicable - if ( $user->isAllowed( 'editinterface' ) ) { + $permissionManager = MediaWikiServices::getInstance()->getPermissionManager(); + if ( $permissionManager->userHasRight( $user, 'editinterface' ) ) { $links[] = $linkRenderer->makeKnownLink( $this->msg( 'ipbreason-dropdown' )->inContentLanguage()->getTitle(), $this->msg( 'ipb-edit-dropdown' )->text(), @@ -579,7 +587,7 @@ class SpecialBlock extends FormSpecialPage { $text .= $out; # Add suppression block entries if allowed - if ( $user->isAllowed( 'suppressionlog' ) ) { + if ( $permissionManager->userHasRight( $user, 'suppressionlog' ) ) { LogEventsList::showLogExtract( $out, 'suppress', @@ -828,7 +836,10 @@ class SpecialBlock extends FormSpecialPage { } if ( $data['HideUser'] ) { - if ( !$performer->isAllowed( 'hideuser' ) ) { + if ( !MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $performer, 'hideuser' ) + ) { # this codepath is unreachable except by a malicious user spoofing forms, # or by race conditions (user has hideuser and block rights, loads block form, # and loses hideuser rights before submission); so need to fail completely @@ -938,7 +949,10 @@ class SpecialBlock extends FormSpecialPage { } # If the name was hidden and the blocking user cannot hide # names, then don't allow any block changes... - if ( $currentBlock->getHideName() && !$performer->isAllowed( 'hideuser' ) ) { + if ( $currentBlock->getHideName() && !MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $performer, 'hideuser' ) + ) { return [ 'cant-see-hidden-user' ]; } @@ -1106,13 +1120,15 @@ class SpecialBlock extends FormSpecialPage { /** * Can we do an email block? - * @param User $user The sysop wanting to make a block + * @param UserIdentity $user The sysop wanting to make a block * @return bool */ - public static function canBlockEmail( $user ) { + public static function canBlockEmail( UserIdentity $user ) { global $wgEnableUserEmail, $wgSysopEmailBans; - return ( $wgEnableUserEmail && $wgSysopEmailBans && $user->isAllowed( 'blockemail' ) ); + return ( $wgEnableUserEmail && $wgSysopEmailBans && MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $user, 'blockemail' ) ); } /** @@ -1138,7 +1154,10 @@ class SpecialBlock extends FormSpecialPage { if ( $performer->getBlock() ) { if ( $target instanceof User && $target->getId() == $performer->getId() ) { # User is trying to unblock themselves - if ( $performer->isAllowed( 'unblockself' ) ) { + if ( MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $performer, 'unblockself' ) + ) { return true; # User blocked themselves and is now trying to reverse it } elseif ( $performer->blockedBy() === $performer->getName() ) { diff --git a/includes/specials/SpecialBlockList.php b/includes/specials/SpecialBlockList.php index 638535940da8..2dd682f3052c 100644 --- a/includes/specials/SpecialBlockList.php +++ b/includes/specials/SpecialBlockList.php @@ -22,6 +22,7 @@ */ use MediaWiki\Block\DatabaseBlock; +use MediaWiki\MediaWikiServices; /** * A special page that lists existing blocks @@ -139,7 +140,10 @@ class SpecialBlockList extends SpecialPage { $conds = []; $db = $this->getDB(); # Is the user allowed to see hidden blocks? - if ( !$this->getUser()->isAllowed( 'hideuser' ) ) { + if ( !MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'hideuser' ) + ) { $conds['ipb_deleted'] = 0; } diff --git a/includes/specials/SpecialBrokenRedirects.php b/includes/specials/SpecialBrokenRedirects.php index 9431cefbafcb..392b4e970d0f 100644 --- a/includes/specials/SpecialBrokenRedirects.php +++ b/includes/specials/SpecialBrokenRedirects.php @@ -21,6 +21,7 @@ * @ingroup SpecialPage */ +use MediaWiki\MediaWikiServices; use Wikimedia\Rdbms\IResultWrapper; use Wikimedia\Rdbms\IDatabase; @@ -114,6 +115,8 @@ class SpecialBrokenRedirects extends QueryPage { } $linkRenderer = $this->getLinkRenderer(); + $permissionManager = MediaWikiServices::getInstance()->getPermissionManager(); + // $toObj may very easily be false if the $result list is cached if ( !is_object( $toObj ) ) { return '<del>' . $linkRenderer->makeLink( $fromObj ) . '</del>'; @@ -129,7 +132,7 @@ class SpecialBrokenRedirects extends QueryPage { // if the page is editable, add an edit link if ( // check user permissions - $this->getUser()->isAllowed( 'edit' ) && + $permissionManager->userHasRight( $this->getUser(), 'edit' ) && // check, if the content model is editable through action=edit ContentHandler::getForTitle( $fromObj )->supportsDirectEditing() ) { @@ -145,7 +148,7 @@ class SpecialBrokenRedirects extends QueryPage { $out = $from . $this->msg( 'word-separator' )->escaped(); - if ( $this->getUser()->isAllowed( 'delete' ) ) { + if ( $permissionManager->userHasRight( $this->getUser(), 'delete' ) ) { $links[] = $linkRenderer->makeKnownLink( $fromObj, $this->msg( 'brokenredirects-delete' )->text(), diff --git a/includes/specials/SpecialChangeContentModel.php b/includes/specials/SpecialChangeContentModel.php index 01f7e567699c..46fa17e054d4 100644 --- a/includes/specials/SpecialChangeContentModel.php +++ b/includes/specials/SpecialChangeContentModel.php @@ -1,5 +1,7 @@ <?php +use MediaWiki\MediaWikiServices; + class SpecialChangeContentModel extends FormSpecialPage { public function __construct() { @@ -226,7 +228,10 @@ class SpecialChangeContentModel extends FormSpecialPage { $flags = $this->oldRevision ? EDIT_UPDATE : EDIT_NEW; $flags |= EDIT_INTERNAL; - if ( $user->isAllowed( 'bot' ) ) { + if ( MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $user, 'bot' ) + ) { $flags |= EDIT_FORCE_BOT; } diff --git a/includes/specials/SpecialChangeEmail.php b/includes/specials/SpecialChangeEmail.php index c95aa1b558bb..7331cd7c2bee 100644 --- a/includes/specials/SpecialChangeEmail.php +++ b/includes/specials/SpecialChangeEmail.php @@ -23,6 +23,7 @@ use MediaWiki\Auth\AuthManager; use MediaWiki\Logger\LoggerFactory; +use MediaWiki\MediaWikiServices; /** * Let users change their email address. @@ -74,7 +75,10 @@ class SpecialChangeEmail extends FormSpecialPage { // This could also let someone check the current email address, so // require both permissions. - if ( !$this->getUser()->isAllowed( 'viewmyprivateinfo' ) ) { + if ( !MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'viewmyprivateinfo' ) + ) { throw new PermissionsError( 'viewmyprivateinfo' ); } diff --git a/includes/specials/SpecialConfirmEmail.php b/includes/specials/SpecialConfirmEmail.php index f86a133a1325..2c42cd386adb 100644 --- a/includes/specials/SpecialConfirmEmail.php +++ b/includes/specials/SpecialConfirmEmail.php @@ -21,6 +21,8 @@ * @ingroup SpecialPage */ +use MediaWiki\MediaWikiServices; + /** * Special page allows users to request email confirmation message, and handles * processing of the confirmation code when the link in the email is followed @@ -57,7 +59,10 @@ class SpecialConfirmEmail extends UnlistedSpecialPage { // This could also let someone check the current email address, so // require both permissions. - if ( !$this->getUser()->isAllowed( 'viewmyprivateinfo' ) ) { + if ( !MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'viewmyprivateinfo' ) + ) { throw new PermissionsError( 'viewmyprivateinfo' ); } diff --git a/includes/specials/SpecialContributions.php b/includes/specials/SpecialContributions.php index 40c0edf542a0..e8b85fa024a0 100644 --- a/includes/specials/SpecialContributions.php +++ b/includes/specials/SpecialContributions.php @@ -126,7 +126,10 @@ class SpecialContributions extends IncludableSpecialPage { // Allows reverts to have the bot flag in recent changes. It is just here to // be passed in the form at the top of the page - if ( $user->isAllowed( 'markbotedits' ) && $request->getBool( 'bot' ) ) { + if ( MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $user, 'markbotedits' ) && $request->getBool( 'bot' ) + ) { $this->opts['bot'] = '1'; } @@ -373,7 +376,9 @@ class SpecialContributions extends IncludableSpecialPage { ); } - if ( $sp->getUser()->isAllowed( 'block' ) ) { # Block / Change block / Unblock links + # Block / Change block / Unblock links + $permissionManager = MediaWikiServices::getInstance()->getPermissionManager(); + if ( $permissionManager->userHasRight( $sp->getUser(), 'block' ) ) { if ( $target->getBlock() && $target->getBlock()->getType() != DatabaseBlock::TYPE_AUTO ) { $tools['block'] = $linkRenderer->makeKnownLink( # Change block link SpecialPage::getTitleFor( 'Block', $username ), @@ -400,7 +405,7 @@ class SpecialContributions extends IncludableSpecialPage { ); # Suppression log link (T61120) - if ( $sp->getUser()->isAllowed( 'suppressionlog' ) ) { + if ( $permissionManager->userHasRight( $sp->getUser(), 'suppressionlog' ) ) { $tools['log-suppression'] = $linkRenderer->makeKnownLink( SpecialPage::getTitleFor( 'Log', 'suppress' ), $sp->msg( 'sp-contributions-suppresslog', $username )->text(), @@ -412,7 +417,7 @@ class SpecialContributions extends IncludableSpecialPage { # Don't show some links for IP ranges if ( !$isRange ) { # Uploads: hide if IPs cannot upload (T220674) - if ( !$isIP || $target->isAllowed( 'upload' ) ) { + if ( !$isIP || $permissionManager->userHasRight( $target, 'upload' ) ) { $tools['uploads'] = $linkRenderer->makeKnownLink( SpecialPage::getTitleFor( 'Listfiles', $username ), $sp->msg( 'sp-contributions-uploads' )->text() @@ -428,7 +433,7 @@ class SpecialContributions extends IncludableSpecialPage { # Add link to deleted user contributions for priviledged users # Todo: T183457 - if ( $sp->getUser()->isAllowed( 'deletedhistory' ) ) { + if ( $permissionManager->userHasRight( $sp->getUser(), 'deletedhistory' ) ) { $tools['deletedcontribs'] = $linkRenderer->makeKnownLink( SpecialPage::getTitleFor( 'DeletedContributions', $username ), $sp->msg( 'sp-contributions-deleted', $username )->text() @@ -628,7 +633,10 @@ class SpecialContributions extends IncludableSpecialPage { $filters = []; - if ( $this->getUser()->isAllowed( 'deletedhistory' ) ) { + if ( MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'deletedhistory' ) + ) { $filters[] = Html::rawElement( 'span', [ 'class' => 'mw-input-with-label' ], diff --git a/includes/specials/SpecialCreateAccount.php b/includes/specials/SpecialCreateAccount.php index cc2fc80970d9..637025c9859c 100644 --- a/includes/specials/SpecialCreateAccount.php +++ b/includes/specials/SpecialCreateAccount.php @@ -57,7 +57,9 @@ class SpecialCreateAccount extends LoginSignupSpecialPage { } public function userCanExecute( User $user ) { - return $user->isAllowed( 'createaccount' ); + return MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $user, 'createaccount' ); } public function checkPermissions() { diff --git a/includes/specials/SpecialDoubleRedirects.php b/includes/specials/SpecialDoubleRedirects.php index cccca5063aa1..540ac5aaefc5 100644 --- a/includes/specials/SpecialDoubleRedirects.php +++ b/includes/specials/SpecialDoubleRedirects.php @@ -21,6 +21,7 @@ * @ingroup SpecialPage */ +use MediaWiki\MediaWikiServices; use Wikimedia\Rdbms\IResultWrapper; use Wikimedia\Rdbms\IDatabase; @@ -155,7 +156,9 @@ class SpecialDoubleRedirects extends QueryPage { // if the page is editable, add an edit link if ( // check user permissions - $this->getUser()->isAllowed( 'edit' ) && + MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'edit' ) && // check, if the content model is editable through action=edit ContentHandler::getForTitle( $titleA )->supportsDirectEditing() ) { diff --git a/includes/specials/SpecialEditTags.php b/includes/specials/SpecialEditTags.php index 1dd19694c9ad..48357aa7ad57 100644 --- a/includes/specials/SpecialEditTags.php +++ b/includes/specials/SpecialEditTags.php @@ -129,7 +129,7 @@ class SpecialEditTags extends UnlistedSpecialPage { $this->ids ); - $this->isAllowed = $user->isAllowed( 'changetags' ); + $this->isAllowed = $this->permissionManager->userHasRight( $user, 'changetags' ); $this->reason = $request->getVal( 'wpReason' ); // We need a target page! diff --git a/includes/specials/SpecialEmailUser.php b/includes/specials/SpecialEmailUser.php index b42cdea08ad1..c8b92bd10db4 100644 --- a/includes/specials/SpecialEmailUser.php +++ b/includes/specials/SpecialEmailUser.php @@ -253,7 +253,10 @@ class SpecialEmailUser extends UnlistedSpecialPage { return 'mailnologin'; } - if ( !$user->isAllowed( 'sendemail' ) ) { + if ( !MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $user, 'sendemail' ) + ) { return 'badaccess'; } diff --git a/includes/specials/SpecialExpandTemplates.php b/includes/specials/SpecialExpandTemplates.php index a466f2943686..72e881f96729 100644 --- a/includes/specials/SpecialExpandTemplates.php +++ b/includes/specials/SpecialExpandTemplates.php @@ -273,7 +273,10 @@ class SpecialExpandTemplates extends SpecialPage { // allowed and a valid edit token is not provided (T73111). However, MediaWiki // does not currently provide logged-out users with CSRF protection; in that case, // do not show the preview unless anonymous editing is allowed. - if ( $user->isAnon() && !$user->isAllowed( 'edit' ) ) { + if ( $user->isAnon() && !MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $user, 'edit' ) + ) { $error = [ 'expand_templates_preview_fail_html_anon' ]; } elseif ( !$user->matchEditToken( $request->getVal( 'wpEditToken' ), '', $request ) ) { $error = [ 'expand_templates_preview_fail_html' ]; diff --git a/includes/specials/SpecialExport.php b/includes/specials/SpecialExport.php index 5a6358147f2a..e680d240c0fb 100644 --- a/includes/specials/SpecialExport.php +++ b/includes/specials/SpecialExport.php @@ -327,7 +327,9 @@ class SpecialExport extends SpecialPage { * @return bool */ private function userCanOverrideExportDepth() { - return $this->getUser()->isAllowed( 'override-export-depth' ); + return MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'override-export-depth' ); } /** diff --git a/includes/specials/SpecialImport.php b/includes/specials/SpecialImport.php index f21c20651b39..cfefa4764216 100644 --- a/includes/specials/SpecialImport.php +++ b/includes/specials/SpecialImport.php @@ -135,18 +135,19 @@ class SpecialImport extends SpecialPage { } $user = $this->getUser(); + $permissionManager = MediaWikiServices::getInstance()->getPermissionManager(); if ( !$user->matchEditToken( $request->getVal( 'editToken' ) ) ) { $source = Status::newFatal( 'import-token-mismatch' ); } elseif ( $this->sourceName === 'upload' ) { $isUpload = true; $this->usernamePrefix = $this->fullInterwikiPrefix = $request->getVal( 'usernamePrefix' ); - if ( $user->isAllowed( 'importupload' ) ) { + if ( $permissionManager->userHasRight( $user, 'importupload' ) ) { $source = ImportStreamSource::newFromUpload( "xmlimport" ); } else { throw new PermissionsError( 'importupload' ); } } elseif ( $this->sourceName === 'interwiki' ) { - if ( !$user->isAllowed( 'import' ) ) { + if ( !$permissionManager->userHasRight( $user, 'import' ) ) { throw new PermissionsError( 'import' ); } $this->interwiki = $this->fullInterwikiPrefix = $request->getVal( 'interwiki' ); @@ -325,10 +326,11 @@ class SpecialImport extends SpecialPage { private function showForm() { $action = $this->getPageTitle()->getLocalURL( [ 'action' => 'submit' ] ); $user = $this->getUser(); + $permissionManager = MediaWikiServices::getInstance()->getPermissionManager(); $out = $this->getOutput(); $this->addHelpLink( 'https://meta.wikimedia.org/wiki/Special:MyLanguage/Help:Import', true ); - if ( $user->isAllowed( 'importupload' ) ) { + if ( $permissionManager->userHasRight( $user, 'importupload' ) ) { $mappingSelection = $this->getMappingFormPart( 'upload' ); $out->addHTML( Xml::fieldset( $this->msg( 'import-upload' )->text() ) . @@ -401,7 +403,7 @@ class SpecialImport extends SpecialPage { $out->addWikiMsg( 'importnosources' ); } - if ( $user->isAllowed( 'import' ) && !empty( $this->importSources ) ) { + if ( $permissionManager->userHasRight( $user, 'import' ) && !empty( $this->importSources ) ) { # Show input field for import depth only if $wgExportMaxLinkDepth > 0 $importDepth = ''; if ( $this->getConfig()->get( 'ExportMaxLinkDepth' ) > 0 ) { diff --git a/includes/specials/SpecialLog.php b/includes/specials/SpecialLog.php index ac8baa12c1c4..7c858147e174 100644 --- a/includes/specials/SpecialLog.php +++ b/includes/specials/SpecialLog.php @@ -94,7 +94,9 @@ class SpecialLog extends SpecialPage { if ( !LogPage::isLogType( $type ) ) { $opts->setValue( 'type', '' ); } elseif ( isset( $logRestrictions[$type] ) - && !$this->getUser()->isAllowed( $logRestrictions[$type] ) + && !MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), $logRestrictions[$type] ) ) { throw new PermissionsError( $logRestrictions[$type] ); } diff --git a/includes/specials/SpecialMovepage.php b/includes/specials/SpecialMovepage.php index 6da362dd1bdf..0767fafe6732 100644 --- a/includes/specials/SpecialMovepage.php +++ b/includes/specials/SpecialMovepage.php @@ -209,7 +209,9 @@ class MovePageForm extends UnlistedSpecialPage { } if ( count( $err ) == 1 && isset( $err[0][0] ) && $err[0][0] == 'file-exists-sharedrepo' - && $user->isAllowed( 'reupload-shared' ) + && MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $user, 'reupload-shared' ) ) { $out->wrapWikiMsg( "<div class='warningbox'>\n$1\n</div>\n", @@ -374,7 +376,10 @@ class MovePageForm extends UnlistedSpecialPage { ); } - if ( $user->isAllowed( 'suppressredirect' ) ) { + if ( MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $user, 'suppressredirect' ) + ) { if ( $handlerSupportsRedirects ) { $isChecked = $this->leaveRedirect; $isDisabled = false; @@ -520,6 +525,7 @@ class MovePageForm extends UnlistedSpecialPage { function doSubmit() { $user = $this->getUser(); + $permissionManager = MediaWikiServices::getInstance()->getPermissionManager(); if ( $user->pingLimiter( 'move' ) ) { throw new ThrottledError; @@ -540,7 +546,7 @@ class MovePageForm extends UnlistedSpecialPage { # Show a warning if the target file exists on a shared repo $repoGroup = $services->getRepoGroup(); if ( $nt->getNamespace() == NS_FILE - && !( $this->moveOverShared && $user->isAllowed( 'reupload-shared' ) ) + && !( $this->moveOverShared && $permissionManager->userHasRight( $user, 'reupload-shared' ) ) && !$repoGroup->getLocalRepo()->findFile( $nt ) && $repoGroup->findFile( $nt ) ) { @@ -551,7 +557,7 @@ class MovePageForm extends UnlistedSpecialPage { # Delete to make way if requested if ( $this->deleteAndMove ) { - $permErrors = $nt->getUserPermissionsErrors( 'delete', $user ); + $permErrors = $permissionManager->getPermissionErrors( 'delete', $user, $nt ); if ( count( $permErrors ) ) { # Only show the first error $this->showForm( $permErrors, true ); @@ -592,7 +598,7 @@ class MovePageForm extends UnlistedSpecialPage { if ( !$handler->supportsRedirects() ) { $createRedirect = false; - } elseif ( $user->isAllowed( 'suppressredirect' ) ) { + } elseif ( $permissionManager->userHasRight( $user, 'suppressredirect' ) ) { $createRedirect = $this->leaveRedirect; } else { $createRedirect = true; @@ -607,7 +613,6 @@ class MovePageForm extends UnlistedSpecialPage { $this->moveTalk = false; } if ( $this->moveSubpages ) { - $permissionManager = $services->getPermissionManager(); $this->moveSubpages = $permissionManager->userCan( 'move-subpages', $user, $ot ); } diff --git a/includes/specials/SpecialPasswordReset.php b/includes/specials/SpecialPasswordReset.php index 3524d79e65cf..2ef96ad85412 100644 --- a/includes/specials/SpecialPasswordReset.php +++ b/includes/specials/SpecialPasswordReset.php @@ -22,6 +22,7 @@ */ use MediaWiki\Auth\AuthManager; +use MediaWiki\MediaWikiServices; /** * Special page for requesting a password reset email. @@ -52,7 +53,11 @@ class SpecialPasswordReset extends FormSpecialPage { private function getPasswordReset() { if ( $this->passwordReset === null ) { - $this->passwordReset = new PasswordReset( $this->getConfig(), AuthManager::singleton() ); + $this->passwordReset = new PasswordReset( + $this->getConfig(), + AuthManager::singleton(), + MediaWikiServices::getInstance()->getPermissionManager() + ); } return $this->passwordReset; } diff --git a/includes/specials/SpecialPreferences.php b/includes/specials/SpecialPreferences.php index 0bc9147fad5c..d541eadcd6b3 100644 --- a/includes/specials/SpecialPreferences.php +++ b/includes/specials/SpecialPreferences.php @@ -115,7 +115,10 @@ class SpecialPreferences extends SpecialPage { } protected function showResetForm() { - if ( !$this->getUser()->isAllowed( 'editmyoptions' ) ) { + if ( !MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'editmyoptions' ) + ) { throw new PermissionsError( 'editmyoptions' ); } @@ -134,7 +137,10 @@ class SpecialPreferences extends SpecialPage { } public function submitReset( $formData ) { - if ( !$this->getUser()->isAllowed( 'editmyoptions' ) ) { + if ( !MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'editmyoptions' ) + ) { throw new PermissionsError( 'editmyoptions' ); } diff --git a/includes/specials/SpecialRecentChanges.php b/includes/specials/SpecialRecentChanges.php index 0bfe1855df0f..4683fe68613c 100644 --- a/includes/specials/SpecialRecentChanges.php +++ b/includes/specials/SpecialRecentChanges.php @@ -185,7 +185,9 @@ class SpecialRecentChanges extends ChangesListSpecialPage { if ( !$this->including() && $this->getUser()->isLoggedIn() && - $this->getUser()->isAllowed( 'viewmywatchlist' ) + MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'viewmywatchlist' ) ) { $this->registerFiltersFromDefinitions( [ $this->watchlistFilterGroupDefinition ] ); $watchlistGroup = $this->getFilterGroup( 'watchlist' ); @@ -279,7 +281,10 @@ class SpecialRecentChanges extends ChangesListSpecialPage { $join_conds = array_merge( $join_conds, $rcQuery['joins'] ); // JOIN on watchlist for users - if ( $user->isLoggedIn() && $user->isAllowed( 'viewmywatchlist' ) ) { + if ( $user->isLoggedIn() && MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $user, 'viewmywatchlist' ) + ) { $tables[] = 'watchlist'; $fields[] = 'wl_user'; $fields[] = 'wl_notificationtimestamp'; diff --git a/includes/specials/SpecialRecentChangesLinked.php b/includes/specials/SpecialRecentChangesLinked.php index 26f36655978a..0921adaab875 100644 --- a/includes/specials/SpecialRecentChangesLinked.php +++ b/includes/specials/SpecialRecentChangesLinked.php @@ -21,6 +21,8 @@ * @ingroup SpecialPage */ +use MediaWiki\MediaWikiServices; + /** * This is to display changes made to all articles linked in an article. * @@ -91,7 +93,10 @@ class SpecialRecentChangesLinked extends SpecialRecentChanges { // left join with watchlist table to highlight watched rows $uid = $this->getUser()->getId(); - if ( $uid && $this->getUser()->isAllowed( 'viewmywatchlist' ) ) { + if ( $uid && MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'viewmywatchlist' ) + ) { $tables[] = 'watchlist'; $select[] = 'wl_user'; $join_conds['watchlist'] = [ 'LEFT JOIN', [ diff --git a/includes/specials/SpecialRevisionDelete.php b/includes/specials/SpecialRevisionDelete.php index 437263f186b3..698e5907cfac 100644 --- a/includes/specials/SpecialRevisionDelete.php +++ b/includes/specials/SpecialRevisionDelete.php @@ -21,6 +21,7 @@ * @ingroup SpecialPage */ +use MediaWiki\MediaWikiServices; use MediaWiki\Storage\RevisionRecord; use MediaWiki\Permissions\PermissionManager; @@ -192,9 +193,11 @@ class SpecialRevisionDelete extends UnlistedSpecialPage { $this->typeLabels = self::$UILabels[$this->typeName]; $list = $this->getList(); $list->reset(); - $this->mIsAllowed = $user->isAllowed( RevisionDeleter::getRestriction( $this->typeName ) ); - $canViewSuppressedOnly = $this->getUser()->isAllowed( 'viewsuppressed' ) && - !$this->getUser()->isAllowed( 'suppressrevision' ); + $permissionManager = MediaWikiServices::getInstance()->getPermissionManager(); + $this->mIsAllowed = $permissionManager->userHasRight( $user, + RevisionDeleter::getRestriction( $this->typeName ) ); + $canViewSuppressedOnly = $permissionManager->userHasRight( $user, 'viewsuppressed' ) && + !$permissionManager->userHasRight( $user, 'suppressrevision' ); $pageIsSuppressed = $list->areAnySuppressed(); $this->mIsAllowed = $this->mIsAllowed && !( $canViewSuppressedOnly && $pageIsSuppressed ); @@ -211,7 +214,7 @@ class SpecialRevisionDelete extends UnlistedSpecialPage { [ 'revdelete-hide-comment', 'wpHideComment', RevisionRecord::DELETED_COMMENT ], [ 'revdelete-hide-user', 'wpHideUser', RevisionRecord::DELETED_USER ] ]; - if ( $user->isAllowed( 'suppressrevision' ) ) { + if ( $permissionManager->userHasRight( $user, 'suppressrevision' ) ) { $this->checks[] = [ 'revdelete-hide-restricted', 'wpHideRestricted', RevisionRecord::DELETED_RESTRICTED ]; } @@ -223,7 +226,7 @@ class SpecialRevisionDelete extends UnlistedSpecialPage { $this->showForm(); } - if ( $user->isAllowed( 'deletedhistory' ) ) { + if ( $permissionManager->userHasRight( $user, 'deletedhistory' ) ) { $qc = $this->getLogQueryCond(); # Show relevant lines from the deletion log $deleteLogPage = new LogPage( 'delete' ); @@ -237,7 +240,7 @@ class SpecialRevisionDelete extends UnlistedSpecialPage { ); } # Show relevant lines from the suppression log - if ( $user->isAllowed( 'suppressionlog' ) ) { + if ( $permissionManager->userHasRight( $user, 'suppressionlog' ) ) { $suppressLogPage = new LogPage( 'suppress' ); $output->addHTML( "<h2>" . $suppressLogPage->getName()->escaped() . "</h2>\n" ); LogEventsList::showLogExtract( @@ -276,7 +279,10 @@ class SpecialRevisionDelete extends UnlistedSpecialPage { [ 'action' => 'history' ] ); # Link to deleted edits - if ( $this->getUser()->isAllowed( 'undelete' ) ) { + if ( MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'undelete' ) + ) { $undelete = SpecialPage::getTitleFor( 'Undelete' ); $links[] = $linkRenderer->makeKnownLink( $undelete, @@ -480,7 +486,10 @@ class SpecialRevisionDelete extends UnlistedSpecialPage { Xml::closeElement( 'fieldset' ) . "\n" . Xml::closeElement( 'form' ) . "\n"; // Show link to edit the dropdown reasons - if ( $this->getUser()->isAllowed( 'editinterface' ) ) { + if ( MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'editinterface' ) + ) { $link = $this->getLinkRenderer()->makeKnownLink( $this->msg( 'revdelete-reason-dropdown' )->inContentLanguage()->getTitle(), $this->msg( 'revdelete-edit-reasonlist' )->text(), @@ -506,7 +515,10 @@ class SpecialRevisionDelete extends UnlistedSpecialPage { 'revdelete-text-others' ); - if ( $this->getUser()->isAllowed( 'suppressrevision' ) ) { + if ( MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'suppressrevision' ) + ) { $this->getOutput()->addWikiMsg( 'revdelete-suppress-text' ); } @@ -611,7 +623,9 @@ class SpecialRevisionDelete extends UnlistedSpecialPage { } # Can the user set this field? if ( $bitParams[RevisionRecord::DELETED_RESTRICTED] == 1 - && !$this->getUser()->isAllowed( 'suppressrevision' ) + && !MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'suppressrevision' ) ) { throw new PermissionsError( 'suppressrevision' ); } diff --git a/includes/specials/SpecialTags.php b/includes/specials/SpecialTags.php index 9a95249c759a..2c8d43297da3 100644 --- a/includes/specials/SpecialTags.php +++ b/includes/specials/SpecialTags.php @@ -21,6 +21,8 @@ * @ingroup SpecialPage */ +use MediaWiki\MediaWikiServices; + /** * A special page that lists tags for edits * @@ -77,9 +79,10 @@ class SpecialTags extends SpecialPage { $out->wrapWikiMsg( "<div class='mw-tags-intro'>\n$1\n</div>", 'tags-intro' ); $user = $this->getUser(); - $userCanManage = $user->isAllowed( 'managechangetags' ); - $userCanDelete = $user->isAllowed( 'deletechangetags' ); - $userCanEditInterface = $user->isAllowed( 'editinterface' ); + $permissionManager = MediaWikiServices::getInstance()->getPermissionManager(); + $userCanManage = $permissionManager->userHasRight( $user, 'managechangetags' ); + $userCanDelete = $permissionManager->userHasRight( $user, 'deletechangetags' ); + $userCanEditInterface = $permissionManager->userHasRight( $user, 'editinterface' ); // Show form to create a tag if ( $userCanManage ) { @@ -329,7 +332,9 @@ class SpecialTags extends SpecialPage { protected function showDeleteTagForm( $tag ) { $user = $this->getUser(); - if ( !$user->isAllowed( 'deletechangetags' ) ) { + if ( !MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $user, 'deletechangetags' ) ) { throw new PermissionsError( 'deletechangetags' ); } @@ -388,7 +393,9 @@ class SpecialTags extends SpecialPage { $actionStr = $activate ? 'activate' : 'deactivate'; $user = $this->getUser(); - if ( !$user->isAllowed( 'managechangetags' ) ) { + if ( !MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $user, 'managechangetags' ) ) { throw new PermissionsError( 'managechangetags' ); } diff --git a/includes/specials/SpecialUnblock.php b/includes/specials/SpecialUnblock.php index 9b8022b7c2be..931b179a36b6 100644 --- a/includes/specials/SpecialUnblock.php +++ b/includes/specials/SpecialUnblock.php @@ -22,6 +22,7 @@ */ use MediaWiki\Block\DatabaseBlock; +use MediaWiki\MediaWikiServices; /** * A special page for unblocking users @@ -208,7 +209,10 @@ class SpecialUnblock extends SpecialPage { # If the name was hidden and the blocking user cannot hide # names, then don't allow any block removals... - if ( !$performer->isAllowed( 'hideuser' ) && $block->getHideName() ) { + if ( !MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $performer, 'hideuser' ) && $block->getHideName() + ) { return [ 'unblock-hideuser' ]; } diff --git a/includes/specials/SpecialUndelete.php b/includes/specials/SpecialUndelete.php index fe629dba8b3e..d3d3bd7b06dd 100644 --- a/includes/specials/SpecialUndelete.php +++ b/includes/specials/SpecialUndelete.php @@ -102,7 +102,9 @@ class SpecialUndelete extends SpecialPage { $this->mDiff = $request->getCheck( 'diff' ); $this->mDiffOnly = $request->getBool( 'diffonly', $this->getUser()->getOption( 'diffonly' ) ); $this->mComment = $request->getText( 'wpComment' ); - $this->mUnsuppress = $request->getVal( 'wpUnsuppress' ) && $user->isAllowed( 'suppressrevision' ); + $this->mUnsuppress = $request->getVal( 'wpUnsuppress' ) && MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $user, 'suppressrevision' ); $this->mToken = $request->getVal( 'token' ); $block = $user->getBlock(); @@ -153,7 +155,7 @@ class SpecialUndelete extends SpecialPage { if ( $this->mTargetObj !== null ) { return $permissionManager->userCan( $permission, $user, $this->mTargetObj ); } else { - return $user->isAllowed( $permission ); + return $permissionManager->userHasRight( $user, $permission ); } } @@ -179,7 +181,10 @@ class SpecialUndelete extends SpecialPage { $out->addWikiMsg( 'undelete-header' ); # Not all users can just browse every deleted page from the list - if ( $user->isAllowed( 'browsearchive' ) ) { + if ( MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $user, 'browsearchive' ) + ) { $this->showSearchForm(); } @@ -774,7 +779,8 @@ class SpecialUndelete extends SpecialPage { LogEventsList::showLogExtract( $out, 'delete', $this->mTargetObj ); # Show relevant lines from the suppression log: $suppressLogPage = new LogPage( 'suppress' ); - if ( $this->getUser()->isAllowed( 'suppressionlog' ) ) { + $permissionManager = MediaWikiServices::getInstance()->getPermissionManager(); + if ( $permissionManager->userHasRight( $this->getUser(), 'suppressionlog' ) ) { $out->addHTML( Xml::element( 'h2', null, $suppressLogPage->getName()->text() ) . "\n" ); LogEventsList::showLogExtract( $out, 'suppress', $this->mTargetObj ); } @@ -826,7 +832,7 @@ class SpecialUndelete extends SpecialPage { ] ) ); - if ( $this->getUser()->isAllowed( 'suppressrevision' ) ) { + if ( $permissionManager->userHasRight( $this->getUser(), 'suppressrevision' ) ) { $fields[] = new OOUI\FieldLayout( new OOUI\CheckboxInputWidget( [ 'name' => 'wpUnsuppress', @@ -866,7 +872,7 @@ class SpecialUndelete extends SpecialPage { if ( $haveRevisions ) { # Show the page's stored (deleted) history - if ( $this->getUser()->isAllowed( 'deleterevision' ) ) { + if ( $permissionManager->userHasRight( $this->getUser(), 'deleterevision' ) ) { $history .= Html::element( 'button', [ diff --git a/includes/specials/SpecialUpload.php b/includes/specials/SpecialUpload.php index 81c9d567f1da..e7c2e42a77da 100644 --- a/includes/specials/SpecialUpload.php +++ b/includes/specials/SpecialUpload.php @@ -311,16 +311,18 @@ class SpecialUpload extends SpecialPage { protected function showViewDeletedLinks() { $title = Title::makeTitleSafe( NS_FILE, $this->mDesiredDestName ); $user = $this->getUser(); + $permissionManager = MediaWikiServices::getInstance()->getPermissionManager(); // Show a subtitle link to deleted revisions (to sysops et al only) if ( $title instanceof Title ) { $count = $title->isDeleted(); - if ( $count > 0 && $user->isAllowed( 'deletedhistory' ) ) { + if ( $count > 0 && $permissionManager->userHasRight( $user, 'deletedhistory' ) ) { $restorelink = $this->getLinkRenderer()->makeKnownLink( SpecialPage::getTitleFor( 'Undelete', $title->getPrefixedText() ), $this->msg( 'restorelink' )->numParams( $count )->text() ); - $link = $this->msg( $user->isAllowed( 'delete' ) ? 'thisisdeleted' : 'viewdeleted' ) - ->rawParams( $restorelink )->parseAsBlock(); + $link = $this->msg( + $permissionManager->userHasRight( $user, 'delete' ) ? 'thisisdeleted' : 'viewdeleted' + )->rawParams( $restorelink )->parseAsBlock(); $this->getOutput()->addHTML( Html::rawElement( 'div', diff --git a/includes/specials/SpecialUserrights.php b/includes/specials/SpecialUserrights.php index 5747f67b83c9..585699ddd0c2 100644 --- a/includes/specials/SpecialUserrights.php +++ b/includes/specials/SpecialUserrights.php @@ -21,6 +21,8 @@ * @ingroup SpecialPage */ +use MediaWiki\MediaWikiServices; + /** * Special page to allow managing user group membership * @@ -161,7 +163,10 @@ class UserrightsPage extends SpecialPage { * (e.g. they don't have the userrights permission), then don't * allow them to change any user rights. */ - if ( !$user->isAllowed( 'userrights' ) ) { + if ( !MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $user, 'userrights' ) + ) { $block = $user->getBlock(); if ( $block && $block->isSitewide() ) { throw new UserBlockedError( $block ); @@ -515,7 +520,10 @@ class UserrightsPage extends SpecialPage { if ( WikiMap::isCurrentWikiId( $dbDomain ) ) { $dbDomain = ''; } else { - if ( $writing && !$this->getUser()->isAllowed( 'userrights-interwiki' ) ) { + if ( $writing && !MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'userrights-interwiki' ) + ) { return Status::newFatal( 'userrights-no-interwiki' ); } if ( !UserRightsProxy::validDatabase( $dbDomain ) ) { diff --git a/includes/specials/SpecialWatchlist.php b/includes/specials/SpecialWatchlist.php index 3d563309de93..84b3331d5c02 100644 --- a/includes/specials/SpecialWatchlist.php +++ b/includes/specials/SpecialWatchlist.php @@ -381,12 +381,10 @@ class SpecialWatchlist extends ChangesListSpecialPage { // Log entries with DELETED_ACTION must not show up unless the user has // the necessary rights. - if ( !$user->isAllowed( 'deletedhistory' ) ) { + $permissionManager = MediaWikiServices::getInstance()->getPermissionManager(); + if ( !$permissionManager->userHasRight( $user, 'deletedhistory' ) ) { $bitmask = LogPage::DELETED_ACTION; - } elseif ( !MediaWikiServices::getInstance() - ->getPermissionManager() - ->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' ) - ) { + } elseif ( !$permissionManager->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' ) ) { $bitmask = LogPage::DELETED_ACTION | LogPage::DELETED_RESTRICTED; } else { $bitmask = 0; diff --git a/includes/specials/SpecialWhatLinksHere.php b/includes/specials/SpecialWhatLinksHere.php index 284008652617..5fe3605a9375 100644 --- a/includes/specials/SpecialWhatLinksHere.php +++ b/includes/specials/SpecialWhatLinksHere.php @@ -21,6 +21,7 @@ * @todo Use some variant of Pager or something; the pagination here is lousy. */ +use MediaWiki\MediaWikiServices; use Wikimedia\Rdbms\IDatabase; /** @@ -416,7 +417,9 @@ class SpecialWhatLinksHere extends IncludableSpecialPage { // if the page is editable, add an edit link if ( // check user permissions - $this->getUser()->isAllowed( 'edit' ) && + MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'edit' ) && // check, if the content model is editable through action=edit ContentHandler::getForTitle( $target )->supportsDirectEditing() ) { diff --git a/includes/specials/forms/PreferencesFormOOUI.php b/includes/specials/forms/PreferencesFormOOUI.php index ea23973de494..b1bfd0bb32e3 100644 --- a/includes/specials/forms/PreferencesFormOOUI.php +++ b/includes/specials/forms/PreferencesFormOOUI.php @@ -73,16 +73,18 @@ class PreferencesFormOOUI extends OOUIHTMLForm { * @return string */ function getButtons() { - if ( !MediaWikiServices::getInstance() - ->getPermissionManager() - ->userHasAnyRight( $this->getModifiedUser(), 'editmyprivateinfo', 'editmyoptions' ) - ) { + $permissionManager = MediaWikiServices::getInstance()->getPermissionManager(); + if ( !$permissionManager->userHasAnyRight( + $this->getModifiedUser(), + 'editmyprivateinfo', + 'editmyoptions' + ) ) { return ''; } $html = parent::getButtons(); - if ( $this->getModifiedUser()->isAllowed( 'editmyoptions' ) ) { + if ( $permissionManager->userHasRight( $this->getModifiedUser(), 'editmyoptions' ) ) { $t = $this->getTitle()->getSubpage( 'reset' ); $html .= new OOUI\ButtonWidget( [ diff --git a/includes/specials/forms/UploadForm.php b/includes/specials/forms/UploadForm.php index 1e5f8168d69e..0b4e0589c095 100644 --- a/includes/specials/forms/UploadForm.php +++ b/includes/specials/forms/UploadForm.php @@ -76,7 +76,10 @@ class UploadForm extends HTMLForm { parent::__construct( $descriptor, $context, 'upload' ); # Add a link to edit MediaWiki:Licenses - if ( $this->getUser()->isAllowed( 'editinterface' ) ) { + if ( MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'editinterface' ) + ) { $this->getOutput()->addModuleStyles( 'mediawiki.special' ); $licensesLink = $linkRenderer->makeKnownLink( $this->msg( 'licenses' )->inContentLanguage()->getTitle(), diff --git a/includes/specials/pagers/ActiveUsersPager.php b/includes/specials/pagers/ActiveUsersPager.php index 0abe842e79ea..c9c3b07f81a0 100644 --- a/includes/specials/pagers/ActiveUsersPager.php +++ b/includes/specials/pagers/ActiveUsersPager.php @@ -19,6 +19,8 @@ * @ingroup Pager */ +use MediaWiki\MediaWikiServices; + /** * This class is used to get a list of active users. The ones with specials * rights (sysop, bureaucrat, developer) will have them displayed @@ -124,7 +126,10 @@ class ActiveUsersPager extends UsersPager { ] ]; $conds['ug2.ug_user'] = null; } - if ( !$this->getUser()->isAllowed( 'hideuser' ) ) { + if ( !MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'hideuser' ) + ) { $conds[] = 'NOT EXISTS (' . $dbr->selectSQLText( 'ipblocks', '1', [ 'ipb_user=user_id', 'ipb_deleted' => 1 ] ) . ')'; diff --git a/includes/specials/pagers/BlockListPager.php b/includes/specials/pagers/BlockListPager.php index 4441a333141d..718da6da0f2d 100644 --- a/includes/specials/pagers/BlockListPager.php +++ b/includes/specials/pagers/BlockListPager.php @@ -137,7 +137,10 @@ class BlockListPager extends TablePager { $value, /* User preference timezone */true ) ); - if ( $this->getUser()->isAllowed( 'block' ) ) { + if ( MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'block' ) + ) { $links = []; if ( $row->ipb_auto ) { $links[] = $linkRenderer->makeKnownLink( @@ -358,7 +361,10 @@ class BlockListPager extends TablePager { $info['conds'][] = 'ipb_expiry > ' . $db->addQuotes( $db->timestamp() ); # Is the user allowed to see hidden blocks? - if ( !$this->getUser()->isAllowed( 'hideuser' ) ) { + if ( !MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'hideuser' ) + ) { $info['conds']['ipb_deleted'] = 0; } diff --git a/includes/specials/pagers/ContribsPager.php b/includes/specials/pagers/ContribsPager.php index d76dfb88254f..3a56a87ede75 100644 --- a/includes/specials/pagers/ContribsPager.php +++ b/includes/specials/pagers/ContribsPager.php @@ -269,6 +269,7 @@ class ContribsPager extends RangeChronologicalPager { 'options' => [], 'join_conds' => $revQuery['joins'], ]; + $permissionManager = MediaWikiServices::getInstance()->getPermissionManager(); // WARNING: Keep this in sync with getTargetTable()! $user = User::newFromName( $this->target, false ); @@ -313,14 +314,11 @@ class ContribsPager extends RangeChronologicalPager { $queryInfo['conds'] = array_merge( $queryInfo['conds'], $this->getNamespaceCond() ); // Paranoia: avoid brute force searches (T19342) - if ( !$user->isAllowed( 'deletedhistory' ) ) { + if ( !$permissionManager->userHasRight( $user, 'deletedhistory' ) ) { $queryInfo['conds'][] = $this->mDb->bitAnd( 'rev_deleted', RevisionRecord::DELETED_USER ) . ' = 0'; - } elseif ( !MediaWikiServices::getInstance() - ->getPermissionManager() - ->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' ) - ) { + } elseif ( !$permissionManager->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' ) ) { $queryInfo['conds'][] = $this->mDb->bitAnd( 'rev_deleted', RevisionRecord::SUPPRESSED_USER ) . ' != ' . RevisionRecord::SUPPRESSED_USER; diff --git a/includes/specials/pagers/DeletedContribsPager.php b/includes/specials/pagers/DeletedContribsPager.php index cd6294d67f29..2893759eae70 100644 --- a/includes/specials/pagers/DeletedContribsPager.php +++ b/includes/specials/pagers/DeletedContribsPager.php @@ -90,13 +90,11 @@ class DeletedContribsPager extends IndexPager { ]; $conds = array_merge( $userCond, $this->getNamespaceCond() ); $user = $this->getUser(); + $permissionManager = MediaWikiServices::getInstance()->getPermissionManager(); // Paranoia: avoid brute force searches (T19792) - if ( !$user->isAllowed( 'deletedhistory' ) ) { + if ( !$permissionManager->userHasRight( $user, 'deletedhistory' ) ) { $conds[] = $this->mDb->bitAnd( 'ar_deleted', RevisionRecord::DELETED_USER ) . ' = 0'; - } elseif ( !MediaWikiServices::getInstance() - ->getPermissionManager() - ->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' ) - ) { + } elseif ( !$permissionManager->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' ) ) { $conds[] = $this->mDb->bitAnd( 'ar_deleted', RevisionRecord::SUPPRESSED_USER ) . ' != ' . RevisionRecord::SUPPRESSED_USER; } @@ -325,8 +323,9 @@ class DeletedContribsPager extends IndexPager { ); $user = $this->getUser(); + $permissionManager = MediaWikiServices::getInstance()->getPermissionManager(); - if ( $user->isAllowed( 'deletedtext' ) ) { + if ( $permissionManager->userHasRight( $user, 'deletedtext' ) ) { $last = $linkRenderer->makeKnownLink( $undelete, $this->messages['diff'], @@ -344,7 +343,9 @@ class DeletedContribsPager extends IndexPager { $comment = Linker::revComment( $rev ); $date = $this->getLanguage()->userTimeAndDate( $rev->getTimestamp(), $user ); - if ( !$user->isAllowed( 'undelete' ) || !$rev->userCan( RevisionRecord::DELETED_TEXT, $user ) ) { + if ( !$permissionManager->userHasRight( $user, 'undelete' ) || + !$rev->userCan( RevisionRecord::DELETED_TEXT, $user ) + ) { $link = htmlspecialchars( $date ); // unusable link } else { $link = $linkRenderer->makeKnownLink( diff --git a/includes/specials/pagers/ProtectedPagesPager.php b/includes/specials/pagers/ProtectedPagesPager.php index 747dea284ac9..bb5592ce9530 100644 --- a/includes/specials/pagers/ProtectedPagesPager.php +++ b/includes/specials/pagers/ProtectedPagesPager.php @@ -20,6 +20,7 @@ */ use MediaWiki\Linker\LinkRenderer; +use MediaWiki\MediaWikiServices; class ProtectedPagesPager extends TablePager { @@ -159,7 +160,10 @@ class ProtectedPagesPager extends TablePager { $formatted = htmlspecialchars( $this->getLanguage()->formatExpiry( $value, /* User preference timezone */true ) ); $title = Title::makeTitleSafe( $row->page_namespace, $row->page_title ); - if ( $this->getUser()->isAllowed( 'protect' ) && $title ) { + if ( $title && MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'protect' ) + ) { $changeProtection = $linkRenderer->makeKnownLink( $title, $this->msg( 'protect_change' )->text(), diff --git a/includes/specials/pagers/UsersPager.php b/includes/specials/pagers/UsersPager.php index ba078e9f3c0d..ee0ac003ae9d 100644 --- a/includes/specials/pagers/UsersPager.php +++ b/includes/specials/pagers/UsersPager.php @@ -23,6 +23,8 @@ * @ingroup Pager */ +use MediaWiki\MediaWikiServices; + /** * This class is used to get a list of user. The ones with specials * rights (sysop, bureaucrat, developer) will have them displayed @@ -123,7 +125,10 @@ class UsersPager extends AlphabeticPager { $conds = []; // Don't show hidden names - if ( !$this->getUser()->isAllowed( 'hideuser' ) ) { + if ( !MediaWikiServices::getInstance() + ->getPermissionManager() + ->userHasRight( $this->getUser(), 'hideuser' ) + ) { $conds[] = 'ipb_deleted IS NULL OR ipb_deleted = 0'; } |