From cdd46ac98e36b1be722a89c65906d3729997e366 Mon Sep 17 00:00:00 2001 From: Brad Jorsch Date: Fri, 26 Jul 2013 10:58:02 -0400 Subject: [PATCH] Followup Idfee1b4d per Tim OAuth was going to return different values for UserIsEveryoneAllowed depending on whether OAuth headers were provided, so the bolding on Special:SpecialPages wouldn't be odd. That wasn't liked, so instead we'll only mark special pages as restricted based on $wgGroupPermissions and not what extensions might do. Also, it was suggested that if an extension can remove 'read' then the cache headers set by RawAction and the API should reflect that. Change-Id: I381553e79c5320083c6d6d9ddd5bc0b146600f9e --- includes/SpecialPage.php | 4 ++-- includes/actions/RawAction.php | 2 +- includes/api/ApiMain.php | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/includes/SpecialPage.php b/includes/SpecialPage.php index ad9618f735e..d87f9107ac0 100644 --- a/includes/SpecialPage.php +++ b/includes/SpecialPage.php @@ -553,8 +553,8 @@ class SpecialPage { * pages? */ public function isRestricted() { - // DWIM: If everyone can do something, then it is not restricted - return $this->mRestriction != '' && !User::isEveryoneAllowed( $this->mRestriction ); + // DWIM: If anons can do something, then it is not restricted + return $this->mRestriction != '' && !User::groupHasPermission( '*', $this->mRestriction ); } /** diff --git a/includes/actions/RawAction.php b/includes/actions/RawAction.php index dd143119747..32751e45122 100644 --- a/includes/actions/RawAction.php +++ b/includes/actions/RawAction.php @@ -93,7 +93,7 @@ class RawAction extends FormlessAction { $response->header( 'Content-type: ' . $contentType . '; charset=UTF-8' ); # Output may contain user-specific data; # vary generated content for open sessions on private wikis - $privateCache = !User::groupHasPermission( '*', 'read' ) && ( $smaxage == 0 || session_id() != '' ); + $privateCache = !User::isEveryoneAllowed( 'read' ) && ( $smaxage == 0 || session_id() != '' ); # allow the client to cache this for 24 hours $mode = $privateCache ? 'private' : 'public'; $response->header( 'Cache-Control: ' . $mode . ', s-maxage=' . $smaxage . ', max-age=' . $maxage ); diff --git a/includes/api/ApiMain.php b/includes/api/ApiMain.php index 49a0b3c2842..6dd6d596db3 100644 --- a/includes/api/ApiMain.php +++ b/includes/api/ApiMain.php @@ -274,7 +274,7 @@ class ApiMain extends ApiBase { return; } - if ( !User::groupHasPermission( '*', 'read' ) ) { + if ( !User::isEveryoneAllowed( 'read' ) ) { // Private wiki, only private headers if ( $mode !== 'private' ) { wfDebug( __METHOD__ . ": ignoring request for $mode cache mode, private wiki\n" ); -- 2.11.4.GIT