* @file
* @ingroup Upload
*/
+
+use MediaWiki\MediaWikiServices;
use MediaWiki\Shell\Shell;
+use MediaWiki\User\UserIdentity;
/**
* @defgroup Upload Upload related
* identifying the missing permission.
* Can be overridden by subclasses.
*
- * @param User $user
+ * @param UserIdentity $user
* @return bool|string
*/
- public static function isAllowed( $user ) {
+ public static function isAllowed( UserIdentity $user ) {
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
foreach ( [ 'upload', 'edit' ] as $permission ) {
- if ( !$user->isAllowed( $permission ) ) {
+ if ( !$permissionManager->userHasRight( $user, $permission ) ) {
return $permission;
}
}
return $warnings;
}
+ /**
+ * Convert the warnings array returned by checkWarnings() to something that
+ * can be serialized. File objects will be converted to an associative array
+ * with the following keys:
+ *
+ * - fileName: The name of the file
+ * - timestamp: The upload timestamp
+ *
+ * @param mixed[] $warnings
+ * @return mixed[]
+ */
+ public static function makeWarningsSerializable( $warnings ) {
+ array_walk_recursive( $warnings, function ( &$param, $key ) {
+ if ( $param instanceof File ) {
+ $param = [
+ 'fileName' => $param->getName(),
+ 'timestamp' => $param->getTimestamp()
+ ];
+ } elseif ( is_object( $param ) ) {
+ throw new InvalidArgumentException(
+ 'UploadBase::makeWarningsSerializable: ' .
+ 'Unexpected object of class ' . get_class( $param ) );
+ }
+ } );
+ return $warnings;
+ }
+
/**
* Check whether the resulting filename is different from the desired one,
* but ignore things like ucfirst() and spaces/underscore things
* Check a block of CSS or CSS fragment for anything that looks like
* it is bringing in remote code.
* @param string $value a string of CSS
- * @param bool $propOnly only check css properties (start regex with :)
* @return bool true if the CSS contains an illegal string, false if otherwise
*/
private static function checkCssFragment( $value ) {
* wfFindFile finds a file, it exists in a shared repository.
*/
$file = wfFindFile( $this->getTitle(), [ 'latest' => true ] );
- if ( $file && !$user->isAllowed( 'reupload-shared' ) ) {
+ if ( $file && !MediaWikiServices::getInstance()
+ ->getPermissionManager()
+ ->userHasRight( $user, 'reupload-shared' )
+ ) {
return [ 'fileexists-shared-forbidden', $file->getName() ];
}
* @return bool
*/
public static function userCanReUpload( User $user, File $img ) {
- if ( $user->isAllowed( 'reupload' ) ) {
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+ if ( $permissionManager->userHasRight( $user, 'reupload' ) ) {
return true; // non-conditional
- } elseif ( !$user->isAllowed( 'reupload-own' ) ) {
+ } elseif ( !$permissionManager->userHasRight( $user, 'reupload-own' ) ) {
return false;
}