Hi all!
About ACLs - do you know about our "IntraACL" extension? (based on
earlier one "HaloACL" by ontoprise company)
https://github.com/mediawiki4intranet/IntraACL/
It has full protection of pages for reading via core patches, in
listings and etc; ACLs can be configured on a page, category or
namespace basis.
"Stable" version consists of a totally rewritten UI and a modified
HaloACL backend (though not so heavily modified). Now we use it on our
corporate wikis.
But just like the UI was, HaloACL backend is also designed very poorly
(it's slow and it's written too verbosely), so now I'm doing a total
rewrite of it - it's in the "storage-rewrite" git branch. It's almost
ready, I should just test it and add some additional maintenance
features. Automated tests are also in development now.
Of course the extension isn't perfect - there are some ideological
problems, for example some combinations of page/category/namespace
rights are not always obvious for users (and there are 3 override
modes); page/category/namespace ACLs are a mess if you want to really
restrict editing of ACLs themselves; also, now there is a hardcode -
"sysop" and "bureaucrat" MW groups are always super-users.
But assuming you have no people that want to _really_ abuse your right
system - which is usually a correct assumption in corporate environment
- the extension is good enough for everyday use.
So! :)
Everyone is welcome to test it and tell us about good ideas if you have
some :) (my main question which I can't really solve by myself is - what
right system would be really convenient to use in MediaWiki's flat page
structure with categories?)
--
With best regards,
Vitaliy Filippov