| Index: trunk/phase3/includes/SpecialImport.php |
| — | — | @@ -29,7 +29,7 @@ |
| 30 | 30 | * Constructor |
| 31 | 31 | */ |
| 32 | 32 | function wfSpecialImport( $page = '' ) { |
| 33 | | - global $wgOut, $wgLang, $wgRequest, $wgTitle; |
| | 33 | + global $wgUser, $wgOut, $wgLang, $wgRequest, $wgTitle; |
| 34 | 34 | global $wgImportSources; |
| 35 | 35 | |
| 36 | 36 | ### |
| — | — | @@ -42,7 +42,11 @@ |
| 43 | 43 | |
| 44 | 44 | switch( $wgRequest->getVal( "source" ) ) { |
| 45 | 45 | case "upload": |
| 46 | | - $result = $importer->setupFromUpload( "xmlimport" ); |
| | 46 | + if( $wgUser->isAllowed( 'importupload' ) ) { |
| | 47 | + $result = $importer->setupFromUpload( "xmlimport" ); |
| | 48 | + } else { |
| | 49 | + return $wgOut->permissionRequired( 'importupload' ); |
| | 50 | + } |
| 47 | 51 | break; |
| 48 | 52 | case "interwiki": |
| 49 | 53 | $result = $importer->setupFromInterwiki( |
| — | — | @@ -68,9 +72,11 @@ |
| 69 | 73 | } |
| 70 | 74 | } |
| 71 | 75 | |
| 72 | | - $wgOut->addWikiText( "<p>" . wfMsg( "importtext" ) . "</p>" ); |
| 73 | 76 | $action = $wgTitle->escapeLocalUrl( 'action=submit' ); |
| 74 | | - $wgOut->addHTML( " |
| | 77 | + |
| | 78 | + if( $wgUser->isAllowed( 'importupload' ) ) { |
| | 79 | + $wgOut->addWikiText( "<p>" . wfMsg( "importtext" ) . "</p>" ); |
| | 80 | + $wgOut->addHTML( " |
| 75 | 81 | <fieldset> |
| 76 | 82 | <legend>Upload XML</legend> |
| 77 | 83 | <form enctype='multipart/form-data' method='post' action=\"$action\"> |
| — | — | @@ -82,7 +88,12 @@ |
| 83 | 89 | </form> |
| 84 | 90 | </fieldset> |
| 85 | 91 | " ); |
| 86 | | - |
| | 92 | + } else { |
| | 93 | + if( empty( $wgImportSources ) ) { |
| | 94 | + $wgOut->addWikiText( wfMsg( 'importnosources' ) ); |
| | 95 | + } |
| | 96 | + } |
| | 97 | + |
| 87 | 98 | if( !empty( $wgImportSources ) ) { |
| 88 | 99 | $wgOut->addHTML( " |
| 89 | 100 | <fieldset> |
| Index: trunk/phase3/includes/SpecialUpload.php |
| — | — | @@ -99,8 +99,7 @@ |
| 100 | 100 | } |
| 101 | 101 | |
| 102 | 102 | /** Various rights checks */ |
| 103 | | - if( ( $wgUser->isAnon() ) |
| 104 | | - OR $wgUser->isBlocked() ) { |
| | 103 | + if( !$wgUser->isAllowed( 'upload' ) || $wgUser->isBlocked() ) { |
| 105 | 104 | $wgOut->errorpage( 'uploadnologin', 'uploadnologintext' ); |
| 106 | 105 | return; |
| 107 | 106 | } |
| Index: trunk/phase3/includes/DefaultSettings.php |
| — | — | @@ -686,6 +686,7 @@ |
| 687 | 687 | |
| 688 | 688 | $wgGroupPermissions['user' ]['move'] = true; |
| 689 | 689 | $wgGroupPermissions['user' ]['read'] = true; |
| | 690 | +$wgGroupPermissions['user' ]['upload'] = true; |
| 690 | 691 | |
| 691 | 692 | $wgGroupPermissions['bot' ]['bot'] = true; |
| 692 | 693 | |
| — | — | @@ -694,10 +695,12 @@ |
| 695 | 696 | $wgGroupPermissions['sysop']['delete'] = true; |
| 696 | 697 | $wgGroupPermissions['sysop']['editinterface'] = true; |
| 697 | 698 | $wgGroupPermissions['sysop']['import'] = true; |
| 698 | | -$wgGroupPermissions['sysop']['importraw'] = true; |
| | 699 | +$wgGroupPermissions['sysop']['importupload'] = true; |
| | 700 | +$wgGroupPermissions['user' ]['move'] = true; |
| 699 | 701 | $wgGroupPermissions['sysop']['patrol'] = true; |
| 700 | 702 | $wgGroupPermissions['sysop']['protect'] = true; |
| 701 | 703 | $wgGroupPermissions['sysop']['rollback'] = true; |
| | 704 | +$wgGroupPermissions['user' ]['upload'] = true; |
| 702 | 705 | |
| 703 | 706 | $wgGroupPermissions['bureaucrat']['userrights'] = true; |
| 704 | 707 | |
| — | — | @@ -1130,8 +1133,11 @@ |
| 1131 | 1134 | |
| 1132 | 1135 | /** |
| 1133 | 1136 | * List of interwiki prefixes for wikis we'll accept as sources for |
| 1134 | | - * Special:Import (for sysops). Since complete page history# can be imported, |
| | 1137 | + * Special:Import (for sysops). Since complete page history can be imported, |
| 1135 | 1138 | * these should be 'trusted'. |
| | 1139 | + * |
| | 1140 | + * If a user has the 'import' permission but not the 'importupload' permission, |
| | 1141 | + * they will only be able to run imports through this transwiki interface. |
| 1136 | 1142 | */ |
| 1137 | 1143 | $wgImportSources = array(); |
| 1138 | 1144 | |
| Index: trunk/phase3/RELEASE-NOTES |
| — | — | @@ -300,6 +300,8 @@ |
| 301 | 301 | * badaccess/badaccesstext to supercede sysop*, developer* messages |
| 302 | 302 | * Changed $wgGroupPermissions to more cut-n-paste-friendly format |
| 303 | 303 | * 'developer' group deprecated by default |
| | 304 | +* Special:Upload now uses 'upload' permission instead of hardcoding login check |
| | 305 | +* Add 'importupload' permission to disable direct uploads to Special:Import |
| 304 | 306 | |
| 305 | 307 | |
| 306 | 308 | === Caveats === |
| Index: trunk/phase3/languages/Language.php |
| — | — | @@ -1656,6 +1656,7 @@ |
| 1657 | 1657 | 'importnotext' => 'Empty or no text', |
| 1658 | 1658 | 'importsuccess' => 'Import succeeded!', |
| 1659 | 1659 | 'importhistoryconflict' => 'Conflicting history revision exists (may have imported this page before)', |
| | 1660 | +'importnosources' => 'No transwiki import sources have been defined and direct history uploads are disabled.', |
| 1660 | 1661 | |
| 1661 | 1662 | # Keyboard access keys for power users |
| 1662 | 1663 | 'accesskey-search' => 'f', |