Hi!
I am trying to port my old user rights restriction extension (which is
not in SVN) to be used with 1.17. As I know, when
$wgGroupPermissions['*']['read'] is true (so-called "public read
wiki"),
since v1.12 there is so-called shortcut path when Title::userCanRead()
is performed. Once it was a hard-coded codepath, now there is method's
static property $useShortcut (unfortunately local and not externally
accessible).
I have public-read wiki, which should restrict 'read' anonymous access
to NS_MAIN but allow anonymous 'read' to NS_PROJECT. I've set up my
extension in such way (worked with very old MW years before). When I use
my extension unmodified with 1.17, it skips extensions checks.
Now, I am trying to fix it. In my extension I use the following hook
handler:
static function BeforeInitialize( &$title, &$article, &$output,
&$user, $request, $mediaWiki ) {
global $wgGroupPermissions;
global $wgUser;
$saveWgUser = $wgUser;
$wgUser = new User();
# begin of set evil Title::$useShortcut to false
$saveAnonRead = $wgGroupPermissions['*']['read'];
$wgGroupPermissions['*']['read'] = false;
$Title = Title::newFromText( 'Version', NS_SPECIAL );
$Title->userCanRead();
$wgUser->clearInstanceCache( 'defaults' );
unset( $Title );
$wgUser = $saveWgUser;
$wgGroupPermissions['*']['read'] = $saveAnonRead;
# end of set evil Title::$useShortcut to false
return true;
}
It initialized $useShortcut static property in Title::userCanRead() to
false value successfully. However, extension does not work anyway. My
expectation that is because I temporarily make
$wgGroupPermissions['*']['read'] = false; before performing
$Title->useCanRead() in 'BeforeInitialize' hook handler. Also this is a
kind of hacky and not safe code. Why cant there be a method of Title
class which would allow to set $useShortcut, so the user access
extensions may work normally? Also, I've noticed that Extension:Lockdown
does not use this method. Will it work with public wiki, or it cannot
restrict anonymous access to "public read wikis" as well?
Dmitriy