* @file
* @ingroup Upload
*/
+
+use MediaWiki\MediaWikiServices;
use MediaWiki\Shell\Shell;
+use MediaWiki\User\UserIdentity;
/**
* @defgroup Upload Upload related
* identifying the missing permission.
* Can be overridden by subclasses.
*
- * @param User $user
+ * @param UserIdentity $user
* @return bool|string
*/
- public static function isAllowed( $user ) {
+ public static function isAllowed( UserIdentity $user ) {
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
foreach ( [ 'upload', 'edit' ] as $permission ) {
- if ( !$user->isAllowed( $permission ) ) {
+ if ( !$permissionManager->userHasRight( $user, $permission ) ) {
return $permission;
}
}
return $result;
}
- $error = '';
- if ( !Hooks::run( 'UploadVerification',
- [ $this->mDestName, $this->mTempPath, &$error ], '1.28' )
- ) {
- return [ 'status' => self::HOOK_ABORTED, 'error' => $error ];
- }
-
return [ 'status' => self::OK ];
}
return $warnings;
}
+ /**
+ * Convert the warnings array returned by checkWarnings() to something that
+ * can be serialized. File objects will be converted to an associative array
+ * with the following keys:
+ *
+ * - fileName: The name of the file
+ * - timestamp: The upload timestamp
+ *
+ * @param mixed[] $warnings
+ * @return mixed[]
+ */
+ public static function makeWarningsSerializable( $warnings ) {
+ array_walk_recursive( $warnings, function ( &$param, $key ) {
+ if ( $param instanceof File ) {
+ $param = [
+ 'fileName' => $param->getName(),
+ 'timestamp' => $param->getTimestamp()
+ ];
+ } elseif ( is_object( $param ) ) {
+ throw new InvalidArgumentException(
+ 'UploadBase::makeWarningsSerializable: ' .
+ 'Unexpected object of class ' . get_class( $param ) );
+ }
+ } );
+ return $warnings;
+ }
+
/**
* Check whether the resulting filename is different from the desired one,
* but ignore things like ucfirst() and spaces/underscore things
* @throws UploadStashNotLoggedInException
*/
public function stashFile( User $user = null ) {
+ wfDeprecated( __METHOD__, '1.28' );
+
return $this->doStashFile( $user );
}
return $file;
}
- /**
- * Stash a file in a temporary directory, returning a key which can be used
- * to find the file again. See stashFile().
- *
- * @deprecated since 1.28
- * @return string File key
- */
- public function stashFileGetKey() {
- wfDeprecated( __METHOD__, '1.28' );
- return $this->doStashFile()->getFileKey();
- }
-
- /**
- * alias for stashFileGetKey, for backwards compatibility
- *
- * @deprecated since 1.28
- * @return string File key
- */
- public function stashSession() {
- wfDeprecated( __METHOD__, '1.28' );
- return $this->doStashFile()->getFileKey();
- }
-
/**
* If we've modified the upload file we need to manually remove it
* on exit to clean up.
$enc = null;
}
- if ( $enc ) {
+ if ( $enc !== null ) {
$chunk = iconv( $enc, "ASCII//IGNORE", $chunk );
}
* Check a block of CSS or CSS fragment for anything that looks like
* it is bringing in remote code.
* @param string $value a string of CSS
- * @param bool $propOnly only check css properties (start regex with :)
* @return bool true if the CSS contains an illegal string, false if otherwise
*/
private static function checkCssFragment( $value ) {
* wfFindFile finds a file, it exists in a shared repository.
*/
$file = wfFindFile( $this->getTitle(), [ 'latest' => true ] );
- if ( $file && !$user->isAllowed( 'reupload-shared' ) ) {
+ if ( $file && !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'reupload-shared' )
+ ) {
return [ 'fileexists-shared-forbidden', $file->getName() ];
}
* @return bool
*/
public static function userCanReUpload( User $user, File $img ) {
- if ( $user->isAllowed( 'reupload' ) ) {
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+ if ( $permissionManager->userHasRight( $user, 'reupload' ) ) {
return true; // non-conditional
- } elseif ( !$user->isAllowed( 'reupload-own' ) ) {
+ } elseif ( !$permissionManager->userHasRight( $user, 'reupload-own' ) ) {
return false;
}
dépôts / lhc / web / wiklou.git / blobdiff