X-Git-Url: https://git.heureux-cyclage.org/?p=lhc%2Fweb%2Fwiklou.git;a=blobdiff_plain;f=thumb.php;h=4e5c2134d3111e9bb092bc5e6c4783490651f112;hp=cf9bd2cdfeae0010ea89bb2e6baa59036dacff6e;hb=54626e5ce172ea469942b01e0ea73f34fb5de07a;hpb=277293d2ca021f396777f64ddb63f76cd95df491

diff --git a/thumb.php b/thumb.php
index cf9bd2cdfe..4e5c2134d3 100644
--- a/thumb.php
+++ b/thumb.php
@@ -155,7 +155,11 @@ function wfStreamThumb( array $params ) {
 	// Check permissions if there are read restrictions
 	$varyHeader = [];
 	if ( !in_array( 'read', User::getGroupPermissions( [ '*' ] ), true ) ) {
-		if ( !$img->getTitle() || !$img->getTitle()->userCan( 'read' ) ) {
+		$user = RequestContext::getMain()->getUser();
+		$permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+		$imgTitle = $img->getTitle();
+
+		if ( !$imgTitle || !$permissionManager->userCan( 'read', $user, $imgTitle ) ) {
 			wfThumbError( 403, 'Access denied. You do not have permission to access ' .
 				'the source file.' );
 			return;