Page MenuHomePhabricator
Create Task
Maniphest T16155

Rollback has link to rollback in diff when not editrights to page
Closed, ResolvedPublic
Actions

Description

Author: laaknor-wmfbugzilla

Description:
User with rollback-access has "rollback"-link to administrator-only pages when viewing diff. In history, the link is not displayed.

Tested on no.wikipedia, with MediaWiki:, User:xxx/monobook.js and protected pages for administrators only.

Clicking the link only gives error, but the link should not be displayed when the user does not have access to it.

Version: 1.13.x
Severity: normal

Details

Reference
bz14155

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 21 2014, 10:11 PM
bzimport added a project: MediaWiki-Page-protection.
bzimport set Reference to bz14155.
bzimport added a subscriber: Unknown Object (MLST).
bzimport created this task.May 16 2008, 7:44 PM
Nakon added a comment.May 22 2008, 3:57 PM

Checks to see if a user can edit an article before generating a rollback link

I added getUserPermissionsErrors() from PageHistory.php

Attached:

diff.txt567 BDownload

aaron added a comment.May 29 2008, 9:19 PM

Done in r35571

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL