X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2Fapi%2FApiUndelete.php;h=3aa7b608dca7497ff39550ee562d24070bdf000c;hb=fb79f30319b9ad2a7eb0f5f4d1668143ec8f963e;hp=7fda1ea01a400b1d278a25e7993500c10613c9e8;hpb=950b3f960aea995ab7c95b01519866a2a1c923ab;p=lhc%2Fweb%2Fwiklou.git

diff --git a/includes/api/ApiUndelete.php b/includes/api/ApiUndelete.php
index 7fda1ea01a..3aa7b608dc 100644
--- a/includes/api/ApiUndelete.php
+++ b/includes/api/ApiUndelete.php
@@ -33,7 +33,6 @@ class ApiUndelete extends ApiBase {
 		$this->useTransactionalTimeLimit();
 
 		$params = $this->extractRequestParams();
-		$this->checkUserRightsAny( 'undelete' );
 
 		$user = $this->getUser();
 		if ( $user->isBlocked() ) {
@@ -45,6 +44,10 @@ class ApiUndelete extends ApiBase {
 			$this->dieWithError( [ 'apierror-invalidtitle', wfEscapeWikiText( $params['title'] ) ] );
 		}
 
+		if ( !$titleObj->userCan( 'undelete', $user, 'secure' ) ) {
+			$this->dieWithError( 'permdenied-undelete' );
+		}
+
 		// Check if user can add tags
 		if ( !is_null( $params['tags'] ) ) {
 			$ableToTag = ChangeTags::canAddTagsAccompanyingChange( $params['tags'], $user );
@@ -145,6 +148,6 @@ class ApiUndelete extends ApiBase {
 	}
 
 	public function getHelpUrls() {
-		return 'https://www.mediawiki.org/wiki/API:Undelete';
+		return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Undelete';
 	}
 }