Am 16.08.2011 16:20, schrieb Casey Brown:
On Tue, Aug 16, 2011 at 6:52 AM, Bryan Tong Minh
<bryan.tongminh(a)gmail.com> wrote:
You should put Special:PasswordReset in
$wgWhiteListSomething.
Shouldn't that be there by default like Special:UserLogin? Svip has a
valid point. If they forgot their password, they wouldn't be able to
login to request a new one.
Another related solution (needs a tiny core code change
http://svn.wikimedia.org/viewvc/mediawiki/trunk/phase3/includes/specials/Sp…
)
Patch to make SpecialPasswordReset only available to groups
with a (new) minimum right "special-passwordreset-access"
It can be done in a small extension, but why not making it part of the
core ? -
# add a new user right
$wgAvailableRights[] = 'special-passwordreset-access';
# disallow all to access SpecialPasswordReset
$wgGroupPermissions['*']['special-passwordreset-access'] = false;
# but allow admins to access SpecialPasswordReset
$wgGroupPermissions['sysop']['special-passwordreset-access'] = true;
change in
http://svn.wikimedia.org/viewvc/mediawiki/trunk/phase3/includes/specials/Sp…
parent::__construct('PasswordReset');
to
parent::__construct('PasswordReset', 'special-passwordreset-access');