X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2Flogging%2FLogEventsList.php;h=66be436da4a67b609ac033ec4c32e46137c49e49;hb=c450243e703ee3098d93c432a3d1f0f4ae1cf85c;hp=3fd52af01b86b6a543c522cbcf39500edb103938;hpb=37f10242d25cd3214ae73ca47fe799cc5bdf8e20;p=lhc%2Fweb%2Fwiklou.git

diff --git a/includes/logging/LogEventsList.php b/includes/logging/LogEventsList.php
index 3fd52af01b..66be436da4 100644
--- a/includes/logging/LogEventsList.php
+++ b/includes/logging/LogEventsList.php
@@ -531,7 +531,7 @@ class LogEventsList extends ContextSource {
 
 	/**
 	 * Determine if the current user is allowed to view a particular
-	 * field of this log row, if it's marked as deleted.
+	 * field of this log row, if it's marked as deleted and/or restricted log type.
 	 *
 	 * @param stdClass $row
 	 * @param int $field
@@ -539,7 +539,8 @@ class LogEventsList extends ContextSource {
 	 * @return bool
 	 */
 	public static function userCan( $row, $field, User $user = null ) {
-		return self::userCanBitfield( $row->log_deleted, $field, $user );
+		return self::userCanBitfield( $row->log_deleted, $field, $user ) &&
+			self::userCanViewLogType( $row->log_type, $user );
 	}
 
 	/**
@@ -564,7 +565,29 @@ class LogEventsList extends ContextSource {
 			}
 			$permissionlist = implode( ', ', $permissions );
 			wfDebug( "Checking for $permissionlist due to $field match on $bitfield\n" );
-			return $user->isAllowedAny( ...$permissions );
+			return MediaWikiServices::getInstance()
+				->getPermissionManager()
+				->userHasAnyRight( $user, ...$permissions );
+		}
+		return true;
+	}
+
+	/**
+	 * Determine if the current user is allowed to view a particular
+	 * field of this log row, if it's marked as restricted log type.
+	 *
+	 * @param stdClass $type
+	 * @param User|null $user User to check, or null to use $wgUser
+	 * @return bool
+	 */
+	public static function userCanViewLogType( $type, User $user = null ) {
+		if ( $user === null ) {
+			global $wgUser;
+			$user = $wgUser;
+		}
+		$logRestrictions = MediaWikiServices::getInstance()->getMainConfig()->get( 'LogRestrictions' );
+		if ( isset( $logRestrictions[$type] ) && !$user->isAllowed( $logRestrictions[$type] ) ) {
+			return false;
 		}
 		return true;
 	}