Revert "SECURITY: Do not show log action if revdeleted" and fix UI message

[lhc/web/wiklou.git] / includes / api / ApiQueryLogEvents.php

diff --git a/includes/api/ApiQueryLogEvents.php b/includes/api/ApiQueryLogEvents.php
index 5f9fae4..7d79680 100644 (file)
--- a/includes/api/ApiQueryLogEvents.php
+++ b/includes/api/ApiQueryLogEvents.php
@@ -36,7 +36,7 @@ class ApiQueryLogEvents extends ApiQueryBase {
        }
 
        private $fld_ids = false, $fld_title = false, $fld_type = false,
-               $fld_action = false, $fld_user = false, $fld_userid = false,
+               $fld_user = false, $fld_userid = false,
                $fld_timestamp = false, $fld_comment = false, $fld_parsedcomment = false,
                $fld_details = false, $fld_tags = false;
 
@@ -50,7 +50,6 @@ class ApiQueryLogEvents extends ApiQueryBase {
                $this->fld_ids = isset( $prop['ids'] );
                $this->fld_title = isset( $prop['title'] );
                $this->fld_type = isset( $prop['type'] );
-               $this->fld_action = isset( $prop['action'] );
                $this->fld_user = isset( $prop['user'] );
                $this->fld_userid = isset( $prop['userid'] );
                $this->fld_timestamp = isset( $prop['timestamp'] );
@@ -200,8 +199,7 @@ class ApiQueryLogEvents extends ApiQueryBase {
                }
 
                // Paranoia: avoid brute force searches (bug 17342)
-               $hideActions = $params['namespace'] !== null || !is_null( $title ) || !is_null( $params['action'] );
-               if ( $hideActions || !is_null( $user ) ) {
+               if ( $params['namespace'] !== null || !is_null( $title ) || !is_null( $user ) ) {
                        if ( !$this->getUser()->isAllowed( 'deletedhistory' ) ) {
                                $titleBits = LogPage::DELETED_ACTION;
                                $userBits = LogPage::DELETED_USER;
@@ -212,7 +210,7 @@ class ApiQueryLogEvents extends ApiQueryBase {
                                $titleBits = 0;
                                $userBits = 0;
                        }
-                       if ( $hideActions && $titleBits ) {
+                       if ( ( $params['namespace'] !== null || !is_null( $title ) ) && $titleBits ) {
                                $this->addWhere( $db->bitAnd( 'log_deleted', $titleBits ) . " != $titleBits" );
                        }
                        if ( !is_null( $user ) && $userBits ) {
@@ -373,18 +371,12 @@ class ApiQueryLogEvents extends ApiQueryBase {
                        $title = Title::makeTitle( $row->log_namespace, $row->log_title );
                }
 
-               if ( $this->fld_title || $this->fld_ids || $this->fld_type
-                       || $this->fld_details && $row->log_params !== ''
-               ) {
+               if ( $this->fld_title || $this->fld_ids || $this->fld_details && $row->log_params !== '' ) {
                        if ( LogEventsList::isDeleted( $row, LogPage::DELETED_ACTION ) ) {
                                $vals['actionhidden'] = '';
                                $anyHidden = true;
                        }
                        if ( LogEventsList::userCan( $row, LogPage::DELETED_ACTION, $user ) ) {
-
-                               if ( $this->fld_type ) {
-                                       $vals['action'] = $row->log_action;
-                               }
                                if ( $this->fld_title ) {
                                        ApiQueryBase::addTitleInfo( $vals, $title );
                                }
@@ -408,6 +400,7 @@ class ApiQueryLogEvents extends ApiQueryBase {
 
                if ( $this->fld_type ) {
                        $vals['type'] = $row->log_type;
+                       $vals['action'] = $row->log_action;
                }
 
                if ( $this->fld_user || $this->fld_userid ) {