Gave Aaron Parecki access to extensions. He's been working on extensions such as:
* MediaWiki-SEO-Title-Tag * MediaWiki-Changelog-Graphs * MediaWiki-Glossary-Extension
- Ryan
On 07/15/2011 02:33 PM, Ryan Lane wrote:
Gave Aaron Parecki access to extensions. He's been working on extensions such as:
- MediaWiki-SEO-Title-Tag
- MediaWiki-Changelog-Graphs
- MediaWiki-Glossary-Extension
- Ryan
Pretty screenshot from the changelog graphs extension:
http://aaronparecki.com/MediaWiki#MediaWiki_Changelog_Graphs
On Fri, Jul 15, 2011 at 2:33 PM, Ryan Lane rlane32@gmail.com wrote:
Gave Aaron Parecki access to extensions. He's been working on extensions such as:
- MediaWiki-SEO-Title-Tag
- MediaWiki-Changelog-Graphs
- MediaWiki-Glossary-Extension
Got a bunch of new ones created this week:
* Matthew April - Matthew.JA - UserMergeAndDelete extension * Jeremy - jlemley - New "Favorites" extension * Justin Ryan - justizin - Wikia developer * Owen Davis - owen - Wikia developer * Maciej Brencz - macbre - Wikia developer * Maciej - marooned - Wikia developer (not the same guy) * Sven Heinemann - Bachsau - ConfirmEdit extension
Welcome :)
-Chad
Tip, especially for the new contributors:
MediaWiki Virtual Library http://www.mediawiki.org/wiki/MVL has currently three books
most important the MediaWiki Developer's Guide http://www.mediawiki.org/wiki/MDG
Using the Extension:Collection ("book") function, you can always generate your own up-to-date copy of the essentials, or even let a book be printed.
Tom
On 15/07/11 21:06, Chad wrote: <snip>
Got a bunch of new ones created this week:
- Matthew April - Matthew.JA - UserMergeAndDelete extension
- Jeremy - jlemley - New "Favorites" extension
- Justin Ryan - justizin - Wikia developer
- Owen Davis - owen - Wikia developer
- Maciej Brencz - macbre - Wikia developer
- Maciej - marooned - Wikia developer (not the same guy)
- Sven Heinemann - Bachsau - ConfirmEdit extension
It is great to see Wikia developers coming in :-) Welcome!
Ashar Voultoiz wrote:
On 15/07/11 21:06, Chad wrote:
<snip> > Got a bunch of new ones created this week: > > * Matthew April - Matthew.JA - UserMergeAndDelete extension > * Jeremy - jlemley - New "Favorites" extension > * Justin Ryan - justizin - Wikia developer > * Owen Davis - owen - Wikia developer > * Maciej Brencz - macbre - Wikia developer > * Maciej - marooned - Wikia developer (not the same guy) > * Sven Heinemann - Bachsau - ConfirmEdit extension
It is great to see Wikia developers coming in :-) Welcome!
Indeed. Although they seem to have some collisions in their Polish pool. :)
Welcome all!
Hi! I am trying to port my old user rights restriction extension (which is not in SVN) to be used with 1.17. As I know, when $wgGroupPermissions['*']['read'] is true (so-called "public read wiki"), since v1.12 there is so-called shortcut path when Title::userCanRead() is performed. Once it was a hard-coded codepath, now there is method's static property $useShortcut (unfortunately local and not externally accessible).
I have public-read wiki, which should restrict 'read' anonymous access to NS_MAIN but allow anonymous 'read' to NS_PROJECT. I've set up my extension in such way (worked with very old MW years before). When I use my extension unmodified with 1.17, it skips extensions checks.
Now, I am trying to fix it. In my extension I use the following hook handler:
static function BeforeInitialize( &$title, &$article, &$output, &$user, $request, $mediaWiki ) { global $wgGroupPermissions; global $wgUser; $saveWgUser = $wgUser; $wgUser = new User(); # begin of set evil Title::$useShortcut to false $saveAnonRead = $wgGroupPermissions['*']['read']; $wgGroupPermissions['*']['read'] = false; $Title = Title::newFromText( 'Version', NS_SPECIAL ); $Title->userCanRead(); $wgUser->clearInstanceCache( 'defaults' ); unset( $Title ); $wgUser = $saveWgUser; $wgGroupPermissions['*']['read'] = $saveAnonRead; # end of set evil Title::$useShortcut to false return true; }
It initialized $useShortcut static property in Title::userCanRead() to false value successfully. However, extension does not work anyway. My expectation that is because I temporarily make $wgGroupPermissions['*']['read'] = false; before performing $Title->useCanRead() in 'BeforeInitialize' hook handler. Also this is a kind of hacky and not safe code. Why cant there be a method of Title class which would allow to set $useShortcut, so the user access extensions may work normally? Also, I've noticed that Extension:Lockdown does not use this method. Will it work with public wiki, or it cannot restrict anonymous access to "public read wikis" as well?
Dmitriy
On 7/17/2011 6:15 AM, Dmitriy Sintsov wrote:
Hi! I am trying to port my old user rights restriction extension (which is not in SVN) to be used with 1.17. As I know, when $wgGroupPermissions['*']['read'] is true (so-called "public read wiki"), since v1.12 there is so-called shortcut path when Title::userCanRead() is performed. Once it was a hard-coded codepath, now there is method's static property $useShortcut (unfortunately local and not externally accessible).
I have public-read wiki, which should restrict 'read' anonymous access to NS_MAIN but allow anonymous 'read' to NS_PROJECT. I've set up my extension in such way (worked with very old MW years before). When I use my extension unmodified with 1.17, it skips extensions checks.
Now, I am trying to fix it. In my extension I use the following hook handler:
static function BeforeInitialize(&$title,&$article,&$output,&$user, $request, $mediaWiki ) { global $wgGroupPermissions; global $wgUser; $saveWgUser = $wgUser; $wgUser = new User(); # begin of set evil Title::$useShortcut to false $saveAnonRead = $wgGroupPermissions['*']['read']; $wgGroupPermissions['*']['read'] = false; $Title = Title::newFromText( 'Version', NS_SPECIAL ); $Title->userCanRead(); $wgUser->clearInstanceCache( 'defaults' ); unset( $Title ); $wgUser = $saveWgUser; $wgGroupPermissions['*']['read'] = $saveAnonRead; # end of set evil Title::$useShortcut to false return true; }
It initialized $useShortcut static property in Title::userCanRead() to false value successfully. However, extension does not work anyway. My expectation that is because I temporarily make $wgGroupPermissions['*']['read'] = false; before performing $Title->useCanRead() in 'BeforeInitialize' hook handler. Also this is a kind of hacky and not safe code. Why cant there be a method of Title class which would allow to set $useShortcut, so the user access extensions may work normally? Also, I've noticed that Extension:Lockdown does not use this method. Will it work with public wiki, or it cannot restrict anonymous access to "public read wikis" as well?
Dmitriy
The userCan hook fires off before the shortcut, so you should be using that $result = null; wfRunHooks( 'userCan', array( &$this, &$wgUser, 'read', &$result ) ); if ( $result !== null ) { return $result; }
# Shortcut for public wikis, allows skipping quite a bit of code if ( $useShortcut ) { return true; } By setting $result in userCan, you can basically do whatever you want (Extension:Lockdown uses userCan, I believe, which is why it works properly). If for some reason you really can't or don't want to use the userCan hook, set something like $wgRevokePermissions['invalid']['read'] = true; and $wgImplicitGroups[] = 'invalid'; (so that it won't show up in group name dropdowns), but this is a really hacky workaround that abuses an implementation detail, so it might change in the future.
Ryan
On 17.07.2011 18:09, Ryan Schmidt wrote:
The userCan hook fires off before the shortcut, so you should be using that $result = null; wfRunHooks( 'userCan', array(&$this,&$wgUser, 'read', &$result ) ); if ( $result !== null ) { return $result; }
# Shortcut for public wikis, allows skipping quite a bit of code if ( $useShortcut ) { return true; }By setting $result in userCan, you can basically do whatever you want (Extension:Lockdown uses userCan, I believe, which is why it works properly). If for some reason you really can't or don't want to use the userCan hook, set something like $wgRevokePermissions['invalid']['read'] = true; and $wgImplicitGroups[] = 'invalid'; (so that it won't show up in group name dropdowns), but this is a really hacky workaround that abuses an implementation detail, so it might change in the future.
Thanks for the good tip. Of course I use userCan hook, however it's too large to be pasted here and a bit unpolished. In the end of my hook I have the following code:
if ($result==true) { $result=NULL; // continue further checks return true; // continue hook chain } else { return false; // deny access, no further checks }
I guess it is my mistake that I respect the chain and nullify the result? In case my extension "allows" access I honour further handlers of the same hook, which still may set $result to false. However, changing to:
if ($result==true) { return false; // allow access, no further checks } else { return false; // deny access, no further checks }
didn't help :-(.
I will debug my extension further (later). Maybe there is some mistake in my own code. Thanks for the tips, anyway. Dmitriy
wikitech-l@lists.wikimedia.org