Replace User::isAllowed with PermissionManager.

[lhc/web/wiklou.git] / includes / api / ApiQueryRevisions.php

diff --git a/includes/api/ApiQueryRevisions.php b/includes/api/ApiQueryRevisions.php
index 7e46c1a..3a06e36 100644 (file)
--- a/includes/api/ApiQueryRevisions.php
+++ b/includes/api/ApiQueryRevisions.php
@@ -76,7 +76,8 @@ class ApiQueryRevisions extends ApiQueryRevisionsBase {
         */
        public static function getRollbackToken( $pageid, $title, $rev ) {
                global $wgUser;
-               if ( !$wgUser->isAllowed( 'rollback' ) ) {
+               if ( !MediaWikiServices::getInstance()->getPermissionManager()
+                               ->userHasRight( $wgUser, 'rollback' ) ) {
                        return false;
                }
 
@@ -114,7 +115,7 @@ class ApiQueryRevisions extends ApiQueryRevisionsBase {
 
                if ( $revCount > 0 && $enumRevMode ) {
                        $this->dieWithError(
-                               [ 'apierror-revisions-nolist', $this->getModulePrefix() ], 'invalidparammix'
+                               [ 'apierror-revisions-norevids', $this->getModulePrefix() ], 'invalidparammix'
                        );
                }
 
@@ -153,9 +154,6 @@ class ApiQueryRevisions extends ApiQueryRevisionsBase {
                        if ( $this->token !== null || $pageCount > 0 ) {
                                $opts[] = 'page';
                        }
-                       if ( $this->fetchContent ) {
-                               $opts[] = 'text';
-                       }
                        if ( $this->fld_user ) {
                                $opts[] = 'user';
                        }
@@ -204,11 +202,12 @@ class ApiQueryRevisions extends ApiQueryRevisionsBase {
 
                if ( $resultPageSet === null && $this->fetchContent ) {
                        // For each page we will request, the user must have read rights for that page
-                       $user = $this->getUser();
                        $status = Status::newGood();
+                       $user = $this->getUser();
+
                        /** @var Title $title */
                        foreach ( $pageSet->getGoodTitles() as $title ) {
-                               if ( !$title->userCan( 'read', $user ) ) {
+                               if ( !$this->getPermissionManager()->userCan( 'read', $user, $title ) ) {
                                        $status->fatal( ApiMessage::create(
                                                [ 'apierror-cannotviewtitle', wfEscapeWikiText( $title->getPrefixedText() ) ],
                                                'accessdenied'
@@ -334,7 +333,7 @@ class ApiQueryRevisions extends ApiQueryRevisionsBase {
                        }
                        if ( $params['user'] !== null || $params['excludeuser'] !== null ) {
                                // Paranoia: avoid brute force searches (T19342)
-                               if ( !$this->getUser()->isAllowed( 'deletedhistory' ) ) {
+                               if ( !$this->getPermissionManager()->userHasRight( $this->getUser(), 'deletedhistory' ) ) {
                                        $bitmask = RevisionRecord::DELETED_USER;
                                } elseif ( !$this->getUser()->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) {
                                        $bitmask = RevisionRecord::DELETED_USER | RevisionRecord::DELETED_RESTRICTED;
@@ -392,6 +391,10 @@ class ApiQueryRevisions extends ApiQueryRevisionsBase {
 
                $this->addOption( 'LIMIT', $this->limit + 1 );
 
+               // T224017: `rev_timestamp` is never the correct index to use for this module, but
+               // MariaDB (10.1.37-39) sometimes insists on trying to use it anyway. Tell it not to.
+               $this->addOption( 'IGNORE INDEX', [ 'revision' => 'rev_timestamp' ] );
+
                $count = 0;
                $generated = [];
                $hookData = [];