X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2Fapi%2FApiParse.php;h=0cad5dee9ce0e79a2c4fda5070551cbd171325bc;hb=7c49c10d802445aa775a43144158ce867ebb9274;hp=35fad4a47496eb84e199cdf2b0f8def1bec9a53c;hpb=b79a28c4ce13940d1a3fb7af08d5ced80d64e59c;p=lhc%2Fweb%2Fwiklou.git

diff --git a/includes/api/ApiParse.php b/includes/api/ApiParse.php
index 35fad4a474..0cad5dee9c 100644
--- a/includes/api/ApiParse.php
+++ b/includes/api/ApiParse.php
@@ -36,6 +36,12 @@ class ApiParse extends ApiBase {
 	/** @var Content $pstContent */
 	private $pstContent = null;
 
+	private function checkReadPermissions( Title $title ) {
+		if ( !$title->userCan( 'read', $this->getUser() ) ) {
+			$this->dieUsage( "You don't have permission to view this page", 'permissiondenied' );
+		}
+	}
+
 	public function execute() {
 		// The data is hot but user-dependent, like page views, so we set vary cookies
 		$this->getMain()->setCacheMode( 'anon-public-user-private' );
@@ -102,6 +108,8 @@ class ApiParse extends ApiBase {
 				if ( !$rev ) {
 					$this->dieUsage( "There is no revision ID $oldid", 'missingrev' );
 				}
+
+				$this->checkReadPermissions( $rev->getTitle() );
 				if ( !$rev->userCan( Revision::DELETED_TEXT, $this->getUser() ) ) {
 					$this->dieUsage( "You don't have permission to view deleted revisions", 'permissiondenied' );
 				}
@@ -161,6 +169,8 @@ class ApiParse extends ApiBase {
 				if ( !$titleObj || !$titleObj->exists() ) {
 					$this->dieUsage( "The page you specified doesn't exist", 'missingtitle' );
 				}
+
+				$this->checkReadPermissions( $titleObj );
 				$wgTitle = $titleObj;
 
 				if ( isset( $prop['revid'] ) ) {
@@ -631,6 +641,8 @@ class ApiParse extends ApiBase {
 			$hiddencats[$row->page_title] = isset( $row->pp_propname );
 		}
 
+		$linkCache = LinkCache::singleton();
+
 		foreach ( $links as $link => $sortkey ) {
 			$entry = [];
 			$entry['sortkey'] = $sortkey;
@@ -638,6 +650,14 @@ class ApiParse extends ApiBase {
 			ApiResult::setContentValue( $entry, 'category', (string)$link );
 			if ( !isset( $hiddencats[$link] ) ) {
 				$entry['missing'] = true;
+
+				// We already know the link doesn't exist in the database, so
+				// tell LinkCache that before calling $title->isKnown().
+				$title = Title::makeTitle( NS_CATEGORY, $link );
+				$linkCache->addBadLinkObj( $title );
+				if ( $title->isKnown() ) {
+					$entry['known'] = true;
+				}
 			} elseif ( $hiddencats[$link] ) {
 				$entry['hidden'] = true;
 			}