summaryrefslogtreecommitdiff
path: root/includes/WatchedItem.php
diff options
context:
space:
mode:
authorPierre Schmitz <pierre@archlinux.de>2013-12-08 09:55:49 +0100
committerPierre Schmitz <pierre@archlinux.de>2013-12-08 09:55:49 +0100
commit4ac9fa081a7c045f6a9f1cfc529d82423f485b2e (patch)
treeaf68743f2f4a47d13f2b0eb05f5c4aaf86d8ea37 /includes/WatchedItem.php
parentaf4da56f1ad4d3ef7b06557bae365da2ea27a897 (diff)
Update to MediaWiki 1.22.0
Diffstat (limited to 'includes/WatchedItem.php')
-rw-r--r--includes/WatchedItem.php65
1 files changed, 61 insertions, 4 deletions
diff --git a/includes/WatchedItem.php b/includes/WatchedItem.php
index 5ac92f73..1e07e7c7 100644
--- a/includes/WatchedItem.php
+++ b/includes/WatchedItem.php
@@ -27,19 +27,37 @@
* @ingroup Watchlist
*/
class WatchedItem {
- var $mTitle, $mUser;
+ /**
+ * Constant to specify that user rights 'editmywatchlist' and
+ * 'viewmywatchlist' should not be checked.
+ * @since 1.22
+ */
+ const IGNORE_USER_RIGHTS = 0;
+
+ /**
+ * Constant to specify that user rights 'editmywatchlist' and
+ * 'viewmywatchlist' should be checked.
+ * @since 1.22
+ */
+ const CHECK_USER_RIGHTS = 1;
+
+ var $mTitle, $mUser, $mCheckRights;
private $loaded = false, $watched, $timestamp;
/**
* Create a WatchedItem object with the given user and title
+ * @since 1.22 $checkRights parameter added
* @param $user User: the user to use for (un)watching
* @param $title Title: the title we're going to (un)watch
+ * @param $checkRights int: Whether to check the 'viewmywatchlist' and 'editmywatchlist' rights.
+ * Pass either WatchedItem::IGNORE_USER_RIGHTS or WatchedItem::CHECK_USER_RIGHTS.
* @return WatchedItem object
*/
- public static function fromUserTitle( $user, $title ) {
+ public static function fromUserTitle( $user, $title, $checkRights = WatchedItem::CHECK_USER_RIGHTS ) {
$wl = new WatchedItem;
$wl->mUser = $user;
$wl->mTitle = $title;
+ $wl->mCheckRights = $checkRights;
return $wl;
}
@@ -89,6 +107,12 @@ class WatchedItem {
}
$this->loaded = true;
+ // Only loggedin user can have a watchlist
+ if ( $this->mUser->isAnon() ) {
+ $this->watched = false;
+ return;
+ }
+
# Pages and their talk pages are considered equivalent for watching;
# remember that talk namespaces are numbered as page namespace+1.
@@ -105,10 +129,22 @@ class WatchedItem {
}
/**
+ * Check permissions
+ * @param $what string: 'viewmywatchlist' or 'editmywatchlist'
+ */
+ private function isAllowed( $what ) {
+ return !$this->mCheckRights || $this->mUser->isAllowed( $what );
+ }
+
+ /**
* Is mTitle being watched by mUser?
* @return bool
*/
public function isWatched() {
+ if ( !$this->isAllowed( 'viewmywatchlist' ) ) {
+ return false;
+ }
+
$this->load();
return $this->watched;
}
@@ -120,6 +156,10 @@ class WatchedItem {
* the wl_notificationtimestamp field otherwise
*/
public function getNotificationTimestamp() {
+ if ( !$this->isAllowed( 'viewmywatchlist' ) ) {
+ return false;
+ }
+
$this->load();
if ( $this->watched ) {
return $this->timestamp;
@@ -135,6 +175,11 @@ class WatchedItem {
* page is not watched or the notification timestamp is already NULL.
*/
public function resetNotificationTimestamp( $force = '' ) {
+ // Only loggedin user can have a watchlist
+ if ( wfReadOnly() || $this->mUser->isAnon() || !$this->isAllowed( 'editmywatchlist' ) ) {
+ return;
+ }
+
if ( $force != 'force' ) {
$this->load();
if ( !$this->watched || $this->timestamp === null ) {
@@ -153,11 +198,17 @@ class WatchedItem {
/**
* Given a title and user (assumes the object is setup), add the watch to the
* database.
- * @return bool (always true)
+ * @return bool
*/
public function addWatch() {
wfProfileIn( __METHOD__ );
+ // Only loggedin user can have a watchlist
+ if ( wfReadOnly() || $this->mUser->isAnon() || !$this->isAllowed( 'editmywatchlist' ) ) {
+ wfProfileOut( __METHOD__ );
+ return false;
+ }
+
// Use INSERT IGNORE to avoid overwriting the notification timestamp
// if there's already an entry for this page
$dbw = wfGetDB( DB_MASTER );
@@ -192,6 +243,12 @@ class WatchedItem {
public function removeWatch() {
wfProfileIn( __METHOD__ );
+ // Only loggedin user can have a watchlist
+ if ( wfReadOnly() || $this->mUser->isAnon() || !$this->isAllowed( 'editmywatchlist' ) ) {
+ wfProfileOut( __METHOD__ );
+ return false;
+ }
+
$success = false;
$dbw = wfGetDB( DB_MASTER );
$dbw->delete( 'watchlist',
@@ -268,7 +325,7 @@ class WatchedItem {
);
}
- if( empty( $values ) ) {
+ if ( empty( $values ) ) {
// Nothing to do
return true;
}