From: Vincent Privat Date: Mon, 9 Sep 2019 20:07:38 +0000 (+0200) Subject: api: Make ApiQuery(All)DeletedRevisions accessible to everyone X-Git-Tag: 1.34.0-rc.0~274^2 X-Git-Url: https://git.heureux-cyclage.org/?a=commitdiff_plain;h=9f58ae9d308d1b2ae4d6be312637db1773504ea5;p=lhc%2Fweb%2Fwiklou.git api: Make ApiQuery(All)DeletedRevisions accessible to everyone Effectively removes the 'deletedhistory' requirement, as this API does not expose more information than the public toolforge database replica. Bug: T232389 Change-Id: I84dc138aa310b601423161d1140891d47f8c64d8 --- diff --git a/RELEASE-NOTES-1.34 b/RELEASE-NOTES-1.34 index 2e220afa3c..47d4d2b7b7 100644 --- a/RELEASE-NOTES-1.34 +++ b/RELEASE-NOTES-1.34 @@ -162,8 +162,8 @@ $wgPasswordPolicy['policies']['default']['PasswordNotInLargeBlacklist'] = false; === Action API changes in 1.34 === * The 'recenteditcount' response property from action=query list=allusers, deprecated in 1.25, has been removed. -* (T60993) action=query list=filearchive no longer requires the 'deletedhistory' - user right. +* (T60993) action=query list=filearchive, list=alldeletedrevisions and + prop=deletedrevisions no longer require the 'deletedhistory' user right. === Action API internal changes in 1.34 === * The exception thrown in ApiModuleManager::getModule has been changed diff --git a/includes/api/ApiQueryAllDeletedRevisions.php b/includes/api/ApiQueryAllDeletedRevisions.php index 7d6d342113..2a499844a4 100644 --- a/includes/api/ApiQueryAllDeletedRevisions.php +++ b/includes/api/ApiQueryAllDeletedRevisions.php @@ -43,9 +43,6 @@ class ApiQueryAllDeletedRevisions extends ApiQueryRevisionsBase { * @return void */ protected function run( ApiPageSet $resultPageSet = null ) { - // Before doing anything at all, let's check permissions - $this->checkUserRightsAny( 'deletedhistory' ); - $user = $this->getUser(); $db = $this->getDB(); $params = $this->extractRequestParams( false ); @@ -144,8 +141,15 @@ class ApiQueryAllDeletedRevisions extends ApiQueryRevisionsBase { } // This means stricter restrictions - if ( $this->fetchContent ) { - $this->checkUserRightsAny( [ 'deletedtext', 'undelete' ] ); + if ( ( $this->fld_comment || $this->fld_parsedcomment ) && + !$this->getPermissionManager()->userHasRight( $user, 'deletedhistory' ) + ) { + $this->dieWithError( 'apierror-cantview-deleted-comment', 'permissiondenied' ); + } + if ( $this->fetchContent && + !$this->getPermissionManager()->userHasAnyRight( $user, 'deletedtext', 'undelete' ) + ) { + $this->dieWithError( 'apierror-cantview-deleted-revision-content', 'permissiondenied' ); } $miser_ns = null; @@ -235,8 +239,6 @@ class ApiQueryAllDeletedRevisions extends ApiQueryRevisionsBase { if ( !is_null( $params['user'] ) || !is_null( $params['excludeuser'] ) ) { // Paranoia: avoid brute force searches (T19342) - // (shouldn't be able to get here without 'deletedhistory', but - // check it again just in case) if ( !$this->getPermissionManager()->userHasRight( $user, 'deletedhistory' ) ) { $bitmask = RevisionRecord::DELETED_USER; } elseif ( !$this->getPermissionManager() diff --git a/includes/api/ApiQueryDeletedRevisions.php b/includes/api/ApiQueryDeletedRevisions.php index fc88499885..12fd20ae59 100644 --- a/includes/api/ApiQueryDeletedRevisions.php +++ b/includes/api/ApiQueryDeletedRevisions.php @@ -40,8 +40,6 @@ class ApiQueryDeletedRevisions extends ApiQueryRevisionsBase { protected function run( ApiPageSet $resultPageSet = null ) { $user = $this->getUser(); - // Before doing anything at all, let's check permissions - $this->checkUserRightsAny( 'deletedhistory' ); $pageSet = $this->getPageSet(); $pageMap = $pageSet->getGoodAndMissingTitlesByNamespace(); @@ -95,8 +93,15 @@ class ApiQueryDeletedRevisions extends ApiQueryRevisionsBase { } // This means stricter restrictions - if ( $this->fetchContent ) { - $this->checkUserRightsAny( [ 'deletedtext', 'undelete' ] ); + if ( ( $this->fld_comment || $this->fld_parsedcomment ) && + !$this->getPermissionManager()->userHasRight( $user, 'deletedhistory' ) + ) { + $this->dieWithError( 'apierror-cantview-deleted-comment', 'permissiondenied' ); + } + if ( $this->fetchContent && + !$this->getPermissionManager()->userHasAnyRight( $user, 'deletedtext', 'undelete' ) + ) { + $this->dieWithError( 'apierror-cantview-deleted-revision-content', 'permissiondenied' ); } $dir = $params['dir']; @@ -130,8 +135,6 @@ class ApiQueryDeletedRevisions extends ApiQueryRevisionsBase { if ( !is_null( $params['user'] ) || !is_null( $params['excludeuser'] ) ) { // Paranoia: avoid brute force searches (T19342) - // (shouldn't be able to get here without 'deletedhistory', but - // check it again just in case) if ( !$this->getPermissionManager()->userHasRight( $user, 'deletedhistory' ) ) { $bitmask = RevisionRecord::DELETED_USER; } elseif ( !$this->getPermissionManager() diff --git a/includes/api/i18n/en.json b/includes/api/i18n/en.json index 35e45f1005..cc5e872cee 100644 --- a/includes/api/i18n/en.json +++ b/includes/api/i18n/en.json @@ -1727,8 +1727,10 @@ "apierror-cantoverwrite-sharedfile": "The target file exists on a shared repository and you do not have permission to override it.", "apierror-cantsend": "You are not logged in, you do not have a confirmed email address, or you are not allowed to send email to other users, so you cannot send email.", "apierror-cantundelete": "Couldn't undelete: the requested revisions may not exist, or may have been undeleted already.", + "apierror-cantview-deleted-comment": "You don't have permission to view deleted comments.", "apierror-cantview-deleted-description": "You don't have permission to view descriptions of deleted files.", "apierror-cantview-deleted-metadata": "You don't have permission to view metadata of deleted files.", + "apierror-cantview-deleted-revision-content": "You don't have permission to view content of deleted revisions.", "apierror-changeauth-norequest": "Failed to create change request.", "apierror-chunk-too-small": "Minimum chunk size is $1 {{PLURAL:$1|byte|bytes}} for non-final chunks.", "apierror-cidrtoobroad": "$1 CIDR ranges broader than /$2 are not accepted.", diff --git a/includes/api/i18n/qqq.json b/includes/api/i18n/qqq.json index e796d25016..b648443729 100644 --- a/includes/api/i18n/qqq.json +++ b/includes/api/i18n/qqq.json @@ -1615,8 +1615,10 @@ "apierror-cantoverwrite-sharedfile": "{{doc-apierror}}", "apierror-cantsend": "{{doc-apierror}}", "apierror-cantundelete": "{{doc-apierror}}", + "apierror-cantview-deleted-comment": "{{doc-apierror}}", "apierror-cantview-deleted-description": "{{doc-apierror}}", "apierror-cantview-deleted-metadata": "{{doc-apierror}}", + "apierror-cantview-deleted-revision-content": "{{doc-apierror}}", "apierror-changeauth-norequest": "{{doc-apierror}}", "apierror-chunk-too-small": "{{doc-apierror}}\n\nParameters:\n* $1 - Minimum size in bytes.", "apierror-cidrtoobroad": "{{doc-apierror}}\n\nParameters:\n* $1 - \"IPv4\" or \"IPv6\"\n* $2 - Minimum CIDR mask length.",