SpecialUndelete: Check permissions on a per-page basis

This will allow for hooks related to Title::userCan to
grant or revoke permissions based on the specific page
or namespace.

Bug: 14801
Change-Id: I02d8eb91cc5daff6e70b0dea3d2f58ed5fbfcf81

diff --git a/includes/filerepo/file/ArchivedFile.php b/includes/filerepo/file/ArchivedFile.php
index effa3ee..5b0d8e2 100644 (file)
--- a/includes/filerepo/file/ArchivedFile.php
+++ b/includes/filerepo/file/ArchivedFile.php
@@ -578,6 +578,7 @@ class ArchivedFile {
        public function userCan( $field, User $user = null ) {
                $this->load();
 
-               return Revision::userCanBitfield( $this->deleted, $field, $user );
+               $title = $this->getTitle();
+               return Revision::userCanBitfield( $this->deleted, $field, $user, $title ? : null );
        }
 }

diff --git a/includes/specialpage/SpecialPage.php b/includes/specialpage/SpecialPage.php
index 8fc28f8..c0a94af 100644 (file)
--- a/includes/specialpage/SpecialPage.php
+++ b/includes/specialpage/SpecialPage.php
@@ -39,7 +39,7 @@ class SpecialPage {
 
        // Minimum user level required to access this page, or "" for anyone.
        // Also used to categorise the pages in Special:Specialpages
-       private $mRestriction;
+       protected $mRestriction;
 
        // Listed in Special:Specialpages?
        private $mListed;

diff --git a/includes/specials/SpecialUndelete.php b/includes/specials/SpecialUndelete.php
index 8acf8a2..cfadddb 100644 (file)
--- a/includes/specials/SpecialUndelete.php
+++ b/includes/specials/SpecialUndelete.php
@@ -720,10 +720,10 @@ class SpecialUndelete extends SpecialPage {
                $this->mUnsuppress = $request->getVal( 'wpUnsuppress' ) && $user->isAllowed( 'suppressrevision' );
                $this->mToken = $request->getVal( 'token' );
 
-               if ( $user->isAllowed( 'undelete' ) && !$user->isBlocked() ) {
+               if ( $this->isAllowed( 'undelete' ) && !$user->isBlocked() ) {
                        $this->mAllowed = true; // user can restore
                        $this->mCanView = true; // user can view content
-               } elseif ( $user->isAllowed( 'deletedtext' ) ) {
+               } elseif ( $this->isAllowed( 'deletedtext' ) ) {
                        $this->mAllowed = false; // user cannot restore
                        $this->mCanView = true; // user can view content
                        $this->mRestore = false;
@@ -752,14 +752,35 @@ class SpecialUndelete extends SpecialPage {
                }
        }
 
+       /**
+        * Checks whether a user is allowed the permission for the
+        * specific title if one is set.
+        *
+        * @param string $permission
+        * @param User $user
+        * @return bool
+        */
+       private function isAllowed( $permission, User $user = null ) {
+               $user = $user ? : $this->getUser();
+               if ( $this->mTargetObj !== null ) {
+                       return $this->mTargetObj->userCan( $permission, $user );
+               } else {
+                       return $user->isAllowed( $permission );
+               }
+       }
+
+       function userCanExecute( User $user ) {
+               return $this->isAllowed( $this->mRestriction, $user );
+       }
+
        function execute( $par ) {
-               $this->checkPermissions();
                $user = $this->getUser();
 
                $this->setHeaders();
                $this->outputHeader();
 
                $this->loadRequest( $par );
+               $this->checkPermissions(); // Needs to be after mTargetObj is set
 
                $out = $this->getOutput();
 
@@ -1458,12 +1479,14 @@ class SpecialUndelete extends SpecialPage {
                $ts = wfTimestamp( TS_MW, $row->fa_timestamp );
                $user = $this->getUser();
 
-               if ( $this->mAllowed && $row->fa_storage_key ) {
-                       $checkBox = Xml::check( 'fileid' . $row->fa_id );
+               $checkBox = '';
+               if ( $this->mCanView && $row->fa_storage_key ) {
+                       if ( $this->mAllowed ) {
+                               $checkBox = Xml::check( 'fileid' . $row->fa_id );
+                       }
                        $key = urlencode( $row->fa_storage_key );
                        $pageLink = $this->getFileLink( $file, $this->getPageTitle(), $ts, $key );
                } else {
-                       $checkBox = '';
                        $pageLink = $this->getLanguage()->userTimeAndDate( $ts, $user );
                }
                $userLink = $this->getFileUser( $file );
@@ -1475,8 +1498,8 @@ class SpecialUndelete extends SpecialPage {
                $comment = $this->getFileComment( $file );
 
                // Add show/hide deletion links if available
-               $canHide = $user->isAllowed( 'deleterevision' );
-               if ( $canHide || ( $file->getVisibility() && $user->isAllowed( 'deletedhistory' ) ) ) {
+               $canHide = $this->isAllowed( 'deleterevision' );
+               if ( $canHide || ( $file->getVisibility() && $this->isAllowed( 'deletedhistory' ) ) ) {
                        if ( !$file->userCan( File::DELETED_RESTRICTED, $user ) ) {
                                // Revision was hidden from sysops
                                $revdlink = Linker::revDeleteLinkDisabled( $canHide );