X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2Flogging%2FLogEventsList.php;h=e66bd69cd50c8b76d40586856f7bc8aad007ed0b;hb=d2f799f103d0b576e2e5b1764df449ec3016d3c4;hp=3fd52af01b86b6a543c522cbcf39500edb103938;hpb=54a8b9a14f42b063a143a981067ba564860ec556;p=lhc%2Fweb%2Fwiklou.git

diff --git a/includes/logging/LogEventsList.php b/includes/logging/LogEventsList.php
index 3fd52af01b..2e7f065bf1 100644
--- a/includes/logging/LogEventsList.php
+++ b/includes/logging/LogEventsList.php
@@ -36,6 +36,7 @@ class LogEventsList extends ContextSource {
 
 	/**
 	 * @var array
+	 * @deprecated since 1.34, no longer used.
 	 */
 	protected $mDefaultQuery;
 
@@ -220,21 +221,6 @@ class LogEventsList extends ContextSource {
 		];
 	}
 
-	private function getDefaultQuery() {
-		if ( !isset( $this->mDefaultQuery ) ) {
-			$this->mDefaultQuery = $this->getRequest()->getQueryValues();
-			unset( $this->mDefaultQuery['title'] );
-			unset( $this->mDefaultQuery['dir'] );
-			unset( $this->mDefaultQuery['offset'] );
-			unset( $this->mDefaultQuery['limit'] );
-			unset( $this->mDefaultQuery['order'] );
-			unset( $this->mDefaultQuery['month'] );
-			unset( $this->mDefaultQuery['year'] );
-		}
-
-		return $this->mDefaultQuery;
-	}
-
 	/**
 	 * @param array $queryTypes
 	 * @return array Form descriptor
@@ -247,7 +233,10 @@ class LogEventsList extends ContextSource {
 		foreach ( LogPage::validTypes() as $type ) {
 			$page = new LogPage( $type );
 			$restriction = $page->getRestriction();
-			if ( $this->getUser()->isAllowed( $restriction ) ) {
+			if ( MediaWikiServices::getInstance()
+				->getPermissionManager()
+				->userHasRight( $this->getUser(), $restriction )
+			) {
 				$typesByName[$type] = $page->getName()->text();
 			}
 		}
@@ -464,11 +453,12 @@ class LogEventsList extends ContextSource {
 		}
 
 		$del = '';
+		$permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
 		// Don't show useless checkbox to people who cannot hide log entries
-		if ( $user->isAllowed( 'deletedhistory' ) ) {
-			$canHide = $user->isAllowed( 'deletelogentry' );
-			$canViewSuppressedOnly = $user->isAllowed( 'viewsuppressed' ) &&
-				!$user->isAllowed( 'suppressrevision' );
+		if ( $permissionManager->userHasRight( $user, 'deletedhistory' ) ) {
+			$canHide = $permissionManager->userHasRight( $user, 'deletelogentry' );
+			$canViewSuppressedOnly = $permissionManager->userHasRight( $user, 'viewsuppressed' ) &&
+				!$permissionManager->userHasRight( $user, 'suppressrevision' );
 			$entryIsSuppressed = self::isDeleted( $row, LogPage::DELETED_RESTRICTED );
 			$canViewThisSuppressedEntry = $canViewSuppressedOnly && $entryIsSuppressed;
 			if ( $row->log_deleted || $canHide ) {
@@ -522,7 +512,9 @@ class LogEventsList extends ContextSource {
 				in_array( $row->log_action, $action ) : $row->log_action == $action;
 			if ( $match && $right ) {
 				global $wgUser;
-				$match = $wgUser->isAllowed( $right );
+				$match = MediaWikiServices::getInstance()
+					->getPermissionManager()
+					->userHasRight( $wgUser, $right );
 			}
 		}
 
@@ -531,7 +523,7 @@ class LogEventsList extends ContextSource {
 
 	/**
 	 * Determine if the current user is allowed to view a particular
-	 * field of this log row, if it's marked as deleted.
+	 * field of this log row, if it's marked as deleted and/or restricted log type.
 	 *
 	 * @param stdClass $row
 	 * @param int $field
@@ -539,7 +531,8 @@ class LogEventsList extends ContextSource {
 	 * @return bool
 	 */
 	public static function userCan( $row, $field, User $user = null ) {
-		return self::userCanBitfield( $row->log_deleted, $field, $user );
+		return self::userCanBitfield( $row->log_deleted, $field, $user ) &&
+			self::userCanViewLogType( $row->log_type, $user );
 	}
 
 	/**
@@ -564,7 +557,32 @@ class LogEventsList extends ContextSource {
 			}
 			$permissionlist = implode( ', ', $permissions );
 			wfDebug( "Checking for $permissionlist due to $field match on $bitfield\n" );
-			return $user->isAllowedAny( ...$permissions );
+			return MediaWikiServices::getInstance()
+				->getPermissionManager()
+				->userHasAnyRight( $user, ...$permissions );
+		}
+		return true;
+	}
+
+	/**
+	 * Determine if the current user is allowed to view a particular
+	 * field of this log row, if it's marked as restricted log type.
+	 *
+	 * @param stdClass $type
+	 * @param User|null $user User to check, or null to use $wgUser
+	 * @return bool
+	 */
+	public static function userCanViewLogType( $type, User $user = null ) {
+		if ( $user === null ) {
+			global $wgUser;
+			$user = $wgUser;
+		}
+		$logRestrictions = MediaWikiServices::getInstance()->getMainConfig()->get( 'LogRestrictions' );
+		if ( isset( $logRestrictions[$type] ) && !MediaWikiServices::getInstance()
+				->getPermissionManager()
+				->userHasRight( $user, $logRestrictions[$type] )
+		) {
+			return false;
 		}
 		return true;
 	}
@@ -774,7 +792,10 @@ class LogEventsList extends ContextSource {
 
 		// Don't show private logs to unprivileged users
 		foreach ( $wgLogRestrictions as $logType => $right ) {
-			if ( $audience == 'public' || !$user->isAllowed( $right ) ) {
+			if ( $audience == 'public' || !MediaWikiServices::getInstance()
+					->getPermissionManager()
+					->userHasRight( $user, $right )
+			) {
 				$hiddenLogs[] = $logType;
 			}
 		}