$isself = $this->getUser()->equals( $targetUser );
$available = $this->changeableGroups();
- if ( $targetUser->getId() == 0 ) {
+ if ( $targetUser->getId() === 0 ) {
return false;
}
- return !empty( $available['add'] )
- || !empty( $available['remove'] )
- || ( ( $isself || !$checkIfSelf ) &&
- ( !empty( $available['add-self'] )
- || !empty( $available['remove-self'] ) ) );
+ if ( $available['add'] || $available['remove'] ) {
+ // can change some rights for any user
+ return true;
+ }
+
+ if ( ( $available['add-self'] || $available['remove-self'] )
+ && ( $isself || !$checkIfSelf )
+ ) {
+ // can change some rights for self
+ return true;
+ }
+
+ return false;
}
/**
$user->matchEditToken( $request->getVal( 'wpEditToken' ), $this->mTarget )
) {
/*
- * If the user is blocked and they only have "partial" access
- * (e.g. they don't have the userrights permission), then don't
- * allow them to change any user rights.
- */
- if ( $user->isBlocked() && !$user->isAllowed( 'userrights' ) ) {
- throw new UserBlockedError( $user->getBlock() );
+ * If the user is blocked and they only have "partial" access
+ * (e.g. they don't have the userrights permission), then don't
+ * allow them to change any user rights.
+ */
+ if ( !$user->isAllowed( 'userrights' ) ) {
+ // @TODO Should the user be blocked from changing user rights if they
+ // are partially blocked?
+ $block = $user->getBlock();
+ if ( $block ) {
+ throw new UserBlockedError( $user->getBlock() );
+ }
}
$this->checkReadOnly();
// update groups in external authentication database
Hooks::run( 'UserGroupsChanged', [ $user, $add, $remove, $this->getUser(),
$reason, $oldUGMs, $newUGMs ] );
- MediaWiki\Auth\AuthManager::callLegacyAuthPlugin(
- 'updateExternalDBGroups', [ $user, $add, $remove ]
- );
wfDebug( 'oldGroups: ' . print_r( $oldGroups, true ) . "\n" );
wfDebug( 'newGroups: ' . print_r( $newGroups, true ) . "\n" );