Merge "Let Html::element do the HTML encoding"

[lhc/web/wiklou.git] / includes / api / ApiQueryDeletedrevs.php

diff --git a/includes/api/ApiQueryDeletedrevs.php b/includes/api/ApiQueryDeletedrevs.php
index a6366f2..1af4d95 100644 (file)
--- a/includes/api/ApiQueryDeletedrevs.php
+++ b/includes/api/ApiQueryDeletedrevs.php
@@ -67,7 +67,7 @@ class ApiQueryDeletedrevs extends ApiQueryBase {
                }
 
                // If user can't undelete, no tokens
-               if ( !$user->isAllowed( 'undelete' ) ) {
+               if ( !$this->getPermissionManager()->userHasRight( $user, 'undelete' ) ) {
                        $fld_token = false;
                }
 
@@ -197,9 +197,11 @@ class ApiQueryDeletedrevs extends ApiQueryBase {
                        // Paranoia: avoid brute force searches (T19342)
                        // (shouldn't be able to get here without 'deletedhistory', but
                        // check it again just in case)
-                       if ( !$user->isAllowed( 'deletedhistory' ) ) {
+                       if ( !$this->getPermissionManager()->userHasRight( $user, 'deletedhistory' ) ) {
                                $bitmask = RevisionRecord::DELETED_USER;
-                       } elseif ( !$user->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) {
+                       } elseif ( !$this->getPermissionManager()
+                               ->userHasAnyRight( $user, 'suppressrevision', 'viewsuppressed' )
+                       ) {
                                $bitmask = RevisionRecord::DELETED_USER | RevisionRecord::DELETED_RESTRICTED;
                        } else {
                                $bitmask = 0;