AuthManager: Always whitelist some special pages

Special:UserLogout should be whitelisted, if Special:UserLogin is whitelisted,
as otherwise the user is able to login, but not able to logout anymore (given,
that the sys-admin hasn't change the $wgWhitelistRead config variable).

Special:ChangePassword redirects to Special:ChangeCredentials. Instead of
adding this special page, it should be done explicitly in the
wiki configuration (LocalSettings.php). For this reason, the whitelist is
removed, too.

Change-Id: I271efb517bf0ec0022e6fe29673570ca08e8fe1a

diff --git a/includes/Title.php b/includes/Title.php
index ea42768..ed445cc 100644 (file)
--- a/includes/Title.php
+++ b/includes/Title.php
@@ -2319,8 +2319,8 @@ class Title implements LinkTarget {
                        # If the user is allowed to read pages, he is allowed to read all pages
                        $whitelisted = true;
                } elseif ( $this->isSpecial( 'Userlogin' )
-                       || $this->isSpecial( 'ChangePassword' )
                        || $this->isSpecial( 'PasswordReset' )
+                       || $this->isSpecial( 'Userlogout' )
                ) {
                        # Always grant access to the login page.
                        # Even anons need to be able to log in.