X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2Fapi%2FApiUndelete.php;h=840ef1bc8345353b003e162097c3e9db89ae159a;hb=485f66f1744fea056e20a5bef619989bf1749202;hp=952e0087c8388f2fb2fe2e62aaf64cb3fe6e1a8b;hpb=3d831abcb7a29513ba170095b4afc35112d64829;p=lhc%2Fweb%2Fwiklou.git diff --git a/includes/api/ApiUndelete.php b/includes/api/ApiUndelete.php index 952e0087c8..840ef1bc83 100644 --- a/includes/api/ApiUndelete.php +++ b/includes/api/ApiUndelete.php @@ -1,9 +1,5 @@ .@gmail.com" * * This program is free software; you can redistribute it and/or modify @@ -33,7 +29,6 @@ class ApiUndelete extends ApiBase { $this->useTransactionalTimeLimit(); $params = $this->extractRequestParams(); - $this->checkUserRightsAny( 'undelete' ); $user = $this->getUser(); if ( $user->isBlocked() ) { @@ -45,6 +40,10 @@ class ApiUndelete extends ApiBase { $this->dieWithError( [ 'apierror-invalidtitle', wfEscapeWikiText( $params['title'] ) ] ); } + if ( !$titleObj->userCan( 'undelete', $user, 'secure' ) ) { + $this->dieWithError( 'permdenied-undelete' ); + } + // Check if user can add tags if ( !is_null( $params['tags'] ) ) { $ableToTag = ChangeTags::canAddTagsAccompanyingChange( $params['tags'], $user ); @@ -66,7 +65,7 @@ class ApiUndelete extends ApiBase { $pa = new PageArchive( $titleObj, $this->getConfig() ); $retval = $pa->undelete( - ( isset( $params['timestamps'] ) ? $params['timestamps'] : [] ), + ( $params['timestamps'] ?? [] ), $params['reason'], $params['fileids'], false,