Add whether user is elevated to unsafe js load log

author Brian Wolff <bawolff+wn@gmail.com>

Tue, 15 May 2018 04:14:37 +0000 (04:14 +0000)

committer Brian Wolff <bawolff+wn@gmail.com>

Tue, 15 May 2018 04:38:48 +0000 (04:38 +0000)
author Brian Wolff <bawolff+wn@gmail.com>
Tue, 15 May 2018 04:14:37 +0000 (04:14 +0000)
committer Brian Wolff <bawolff+wn@gmail.com>
Tue, 15 May 2018 04:38:48 +0000 (04:38 +0000)
diff --git a/includes/actions/RawAction.php b/includes/actions/RawAction.php

index 159e708..50eb28a 100644 (file)
--- a/includes/actions/RawAction.php
+++ b/includes/actions/RawAction.php
@@ -109,13 +109,16 @@ class RawAction extends FormlessAction {
                         $rootPage = strtok( $title->getText(), '/' );
                         $userFromTitle = User::newFromName( $rootPage, 'usable' );
                         if ( !$userFromTitle || $userFromTitle->getId() === 0 ) {
+                               $elevated = $this->getUser()->isAllowed( 'editinterface' );
+                               $elevatedText = $elevated ? 'by elevated ' : '';
                                 $log = LoggerFactory::getInstance( "security" );
                                 $log->warning(
-                                       "Unsafe JS/CSS/Json load - {user} loaded {title} with {ctype}",
+                                       "Unsafe JS/CSS/Json $elevatedText" . "load - {user} loaded {title} with {ctype}",
                                         [
                                                 'user' => $this->getUser()->getName(),
                                                 'title' => $title->getPrefixedDBKey(),
                                                 'ctype' => $contentType,
+                                               'elevated' => $elevated
                                         ]
                                 );
                                 $msg = wfMessage( 'unregistered-user-config' );
author	Brian Wolff <bawolff+wn@gmail.com>
	Tue, 15 May 2018 04:14:37 +0000 (04:14 +0000)
committer	Brian Wolff <bawolff+wn@gmail.com>
	Tue, 15 May 2018 04:38:48 +0000 (04:38 +0000)