return true;
}
- public function isRestricted() {
- return true;
- }
-
- public function userCanExecute( User $user ) {
- return $this->userCanChangeRights( $user, false );
- }
-
/**
* @param User $user
* @param bool $checkIfSelf
* @throws UserBlockedError|PermissionsError
*/
public function execute( $par ) {
- // If the visitor doesn't have permissions to assign or remove
- // any groups, it's a bit silly to give them the user search prompt.
-
$user = $this->getUser();
$request = $this->getRequest();
$out = $this->getOutput();
- /*
- * If the user is blocked and they only have "partial" access
- * (e.g. they don't have the userrights permission), then don't
- * allow them to use Special:UserRights.
- */
- if ( $user->isBlocked() && !$user->isAllowed( 'userrights' ) ) {
- throw new UserBlockedError( $user->getBlock() );
- }
-
if ( $par !== null ) {
$this->mTarget = $par;
} else {
$this->mTarget = trim( $this->mTarget );
}
- $available = $this->changeableGroups();
-
- if ( $this->mTarget === null ) {
- /*
- * If the user specified no target, and they can only
- * edit their own groups, automatically set them as the
- * target.
- */
- if ( !count( $available['add'] ) && !count( $available['remove'] ) ) {
- $this->mTarget = $user->getName();
- }
- }
-
- if ( $this->mTarget !== null && User::getCanonicalName( $this->mTarget ) === $user->getName() ) {
- $this->isself = true;
- }
-
- $fetchedStatus = $this->fetchUser( $this->mTarget );
+ $fetchedStatus = $this->fetchUser( $this->mTarget, true );
if ( $fetchedStatus->isOK() ) {
$this->mFetchedUser = $fetchedStatus->value;
if ( $this->mFetchedUser instanceof User ) {
}
}
- if ( !$this->userCanChangeRights( $user, true ) ) {
- if ( $this->isself && $request->getCheck( 'success' ) ) {
- // bug 48609: if the user just removed its own rights, this would
- // leads it in a "permissions error" page. In that case, show a
- // message that it can't anymore use this page instead of an error
- $this->setHeaders();
- $out->wrapWikiMsg( "<div class=\"successbox\">\n$1\n</div>", 'userrights-removed-self' );
- $out->returnToMain();
-
- return;
- }
-
- // @todo FIXME: There may be intermediate groups we can mention.
- $msg = $user->isAnon() ? 'userrights-nologin' : 'userrights-notallowed';
- throw new PermissionsError( null, [ [ $msg ] ] );
- }
-
// show a successbox, if the user rights was saved successfully
if ( $request->getCheck( 'success' ) && $this->mFetchedUser !== null ) {
$out->addModules( [ 'mediawiki.special.userrights' ] );
);
}
- $this->checkReadOnly();
-
$this->setHeaders();
$this->outputHeader();
$out->addModuleStyles( 'mediawiki.special' );
$this->addHelpLink( 'Help:Assigning permissions' );
- // show the general form
- if ( count( $available['add'] ) || count( $available['remove'] ) ) {
- $this->switchForm();
- }
+ $this->switchForm();
if (
$request->wasPosted() &&
$this->mTarget !== null &&
$user->matchEditToken( $request->getVal( 'wpEditToken' ), $this->mTarget )
) {
+ /*
+ * If the user is blocked and they only have "partial" access
+ * (e.g. they don't have the userrights permission), then don't
+ * allow them to change any user rights.
+ */
+ if ( $user->isBlocked() && !$user->isAllowed( 'userrights' ) ) {
+ throw new UserBlockedError( $user->getBlock() );
+ }
+
+ $this->checkReadOnly();
+
// save settings
if ( !$fetchedStatus->isOK() ) {
$this->getOutput()->addWikiText( $fetchedStatus->getWikiText() );
* @param string $username Name of the user.
*/
function editUserGroupsForm( $username ) {
- $status = $this->fetchUser( $username );
+ $status = $this->fetchUser( $username, true );
if ( !$status->isOK() ) {
$this->getOutput()->addWikiText( $status->getWikiText() );
*
* Side effects: error output for invalid access
* @param string $username
+ * @param bool $writing
* @return Status
*/
- public function fetchUser( $username ) {
+ public function fetchUser( $username, $writing ) {
$parts = explode( $this->getConfig()->get( 'UserrightsInterwikiDelimiter' ), $username );
if ( count( $parts ) < 2 ) {
$name = trim( $username );
if ( $database == wfWikiID() ) {
$database = '';
} else {
- if ( !$this->getUser()->isAllowed( 'userrights-interwiki' ) ) {
+ if ( $writing && !$this->getUser()->isAllowed( 'userrights-interwiki' ) ) {
return Status::newFatal( 'userrights-no-interwiki' );
}
if ( !UserRightsProxy::validDatabase( $database ) ) {
)
) . ' ' .
Xml::submitButton(
- $this->msg(
- 'editusergroup',
- $this->mFetchedUser === null ? '[]' : $this->mFetchedUser->getName()
- )->text()
+ $this->msg( 'editusergroup' )->text()
) .
Html::closeElement( 'fieldset' ) .
Html::closeElement( 'form' ) . "\n"
Linker::TOOL_LINKS_EMAIL /* Add "send e-mail" link */
);
+ list( $groupCheckboxes, $canChangeAny ) = $this->groupCheckboxes( $groups, $user );
$this->getOutput()->addHTML(
Xml::openElement(
'form',
$this->msg( 'userrights-editusergroup', $user->getName() )->text()
) .
$this->msg( 'editinguser' )->params( wfEscapeWikiText( $user->getName() ) )
- ->rawParams( $userToolLinks )->parse() .
- $this->msg( 'userrights-groups-help', $user->getName() )->parse() .
- $grouplist .
- $this->groupCheckboxes( $groups, $user ) .
- Xml::openElement( 'table', [ 'id' => 'mw-userrights-table-outer' ] ) .
- "<tr>
- <td class='mw-label'>" .
- Xml::label( $this->msg( 'userrights-reason' )->text(), 'wpReason' ) .
- "</td>
- <td class='mw-input'>" .
- Xml::input( 'user-reason', 60, $this->getRequest()->getVal( 'user-reason', false ),
- [ 'id' => 'wpReason', 'maxlength' => 255 ] ) .
- "</td>
- </tr>
- <tr>
- <td></td>
- <td class='mw-submit'>" .
- Xml::submitButton( $this->msg( 'saveusergroups', $user->getName() )->text(),
- [ 'name' => 'saveusergroups' ] +
- Linker::tooltipAndAccesskeyAttribs( 'userrights-set' )
- ) .
- "</td>
- </tr>" .
- Xml::closeElement( 'table' ) . "\n" .
+ ->rawParams( $userToolLinks )->parse()
+ );
+ if ( $canChangeAny ) {
+ $this->getOutput()->addHTML(
+ $this->msg( 'userrights-groups-help', $user->getName() )->parse() .
+ $grouplist .
+ $groupCheckboxes .
+ Xml::openElement( 'table', [ 'id' => 'mw-userrights-table-outer' ] ) .
+ "<tr>
+ <td class='mw-label'>" .
+ Xml::label( $this->msg( 'userrights-reason' )->text(), 'wpReason' ) .
+ "</td>
+ <td class='mw-input'>" .
+ Xml::input( 'user-reason', 60, $this->getRequest()->getVal( 'user-reason', false ),
+ [ 'id' => 'wpReason', 'maxlength' => 255 ] ) .
+ "</td>
+ </tr>
+ <tr>
+ <td></td>
+ <td class='mw-submit'>" .
+ Xml::submitButton( $this->msg( 'saveusergroups', $user->getName() )->text(),
+ [ 'name' => 'saveusergroups' ] +
+ Linker::tooltipAndAccesskeyAttribs( 'userrights-set' )
+ ) .
+ "</td>
+ </tr>" .
+ Xml::closeElement( 'table' ) . "\n"
+ );
+ } else {
+ $this->getOutput()->addHTML( $grouplist );
+ }
+ $this->getOutput()->addHTML(
Xml::closeElement( 'fieldset' ) .
Xml::closeElement( 'form' ) . "\n"
);
* @todo Just pass the username string?
* @param array $usergroups Groups the user belongs to
* @param User $user
- * @return string XHTML table element with checkboxes
+ * @return Array with 2 elements: the XHTML table element with checkxboes, and
+ * whether any groups are changeable
*/
private function groupCheckboxes( $usergroups, $user ) {
$allgroups = $this->getAllGroups();
}
$ret .= Xml::closeElement( 'tr' ) . Xml::closeElement( 'table' );
- return $ret;
+ return [ $ret, (bool)$columns['changeable'] ];
}
/**
* @return bool Can we remove the group?
*/
private function canRemove( $group ) {
- // $this->changeableGroups()['remove'] doesn't work, of course. Thanks, PHP.
$groups = $this->changeableGroups();
return in_array(
return 'users';
}
}
+