dépôts / lhc / web / wiklou.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d2d12dc) | patch
SECURITY: Make $wgBlockDisablesLogin also restrict logged in permissions
authorBrian Wolff <bawolff+wn@gmail.com>
Wed, 29 Jun 2016 14:45:25 +0000 (10:45 -0400)
committerChad Horohoe <chadh@wikimedia.org>
Tue, 23 Aug 2016 01:41:01 +0000 (18:41 -0700)
commitb675be20835d911a35ff9e6ce859095246b469c5
tree4bc025eddadc8e57193a4ec9ae63f79691bdbee9tree | snapshot
parentd2d12dc5785ea3ce7e2a8f1ead410cd866a17be7commit | diff
SECURITY: Make $wgBlockDisablesLogin also restrict logged in permissions

Does both Title and user related methods, so it catches things that only
call $wgUser->isAllowed( 'read' ), as well as giving a nicer error message
for things that use $title->userCan().

Otherwise, the user can still do stuff and read pages if they have an
ongoing session.

Issue reported by Multichill

Bug: T129738
Change-Id: Ic929a385fa81c27cbc6ac3a0862f51190d3ae993
includes/Block.php diff | blob | history
includes/Title.php diff | blob | history
includes/user/User.php diff | blob | history
Wiklou, le Wiki du Wiklou