/**
* @todo document, briefly.
- * @addtogroup SpecialPage
*/
class ProtectionForm {
var $mRestrictions = array();
} else if ( strlen($this->mTitle->mRestrictionsExpiry) == 0 ) {
$this->mExpiry = '';
} else {
- $this->mExpiry = wfTimestamp( TS_RFC2822, $this->mTitle->mRestrictionsExpiry );
+ // FIXME: this format is not user friendly
+ $this->mExpiry = wfTimestamp( TS_ISO_8601, $this->mTitle->mRestrictionsExpiry );
}
}
foreach( $this->mApplicableTypes as $action ) {
$val = $wgRequest->getVal( "mwProtect-level-$action" );
if( isset( $val ) && in_array( $val, $wgRestrictionLevels ) ) {
+ //prevent users from setting levels that they cannot later unset
+ if( $val == 'sysop' ) {
+ //special case, rewrite sysop to either protect and editprotected
+ if( !$wgUser->isAllowed('protect') && !$wgUser->isAllowed('editprotected') )
+ continue;
+ } else {
+ if( !$wgUser->isAllowed($val) )
+ continue;
+ }
$this->mRestrictions[$action] = $val;
}
}
return false;
}
+ // Fixme: non-qualified absolute times are not in users specified timezone
+ // and there isn't notice about it in the ui
$expiry = wfTimestamp( TS_MW, $expiry );
if ( $expiry < wfTimestampNow() ) {
Xml::openElement( 'table', array( 'id' => 'mw-protect-table2' ) ) .
Xml::openElement( 'tbody' );
- global $wgEnableCascadingProtection;
- if( $wgEnableCascadingProtection && $this->mTitle->exists() ) {
+ if( $this->mTitle->exists() ) {
$out .= '<tr>
<td></td>
<td class="mw-input">' .
}
function buildSelector( $action, $selected ) {
- global $wgRestrictionLevels;
+ global $wgRestrictionLevels, $wgUser;
$id = 'mwProtect-level-' . $action;
$attribs = array(
'id' => $id,
$out = Xml::openElement( 'select', $attribs );
foreach( $wgRestrictionLevels as $key ) {
+ //don't let them choose levels above their own (aka so they can still unprotect and edit the page). but only when the form isn't disabled
+ if( $key == 'sysop' ) {
+ //special case, rewrite sysop to protect and editprotected
+ if( !$wgUser->isAllowed('protect') && !$wgUser->isAllowed('editprotected') && $this->disabled )
+ continue;
+ } else {
+ if( !$wgUser->isAllowed($key) && !$this->disabled )
+ continue;
+ }
$out .= Xml::option( $this->getOptionLabel( $key ), $key, $key == $selected );
}
$out .= Xml::closeElement( 'select' );