At 3/7/2005 01:11 AM, Brion Vibber wrote:
Your private information *will* be compromised, and you
will
kick yourself.
There is no such thing as "secure" anyway, anything can be compromised. Now
just how bad can it be compromised on a Wiki I dunno, but I'm not talking
credit card numbers here anyway, I'm not even talking putting that in any
official release of course, but at least hooks would help. In any case, I'm
not sure I need a 30 lines disclaimer, I can take that responsibility :)
On the other end, here is a simple question then: what are functions like
userCanRead() and userCanEdit() for, if, at the end of the day, they don't
guarantee what they are supposed to do ? Either those 2 functions work,
either they don't. They are used already, after all. If they don't, it does
not look to me as a deliberate "lack of feature", or "indent not to do it
in MediaWiki", but it looks to me like one or more bug(s). Excuse my
french, but don't you want that part to be addressed, or at least made more
robust ? Now if you are telling me that you don't want more help or more
eyes to check the code, then fair enough.
In any case, I should not have used "ACL" in the subject, it is way beyond
what I would like to do. What I'm talking about here is nothing more than a
small layer on top of the ::userCan() functionality to allow users to be in
group(s). The idea is, when ::userCan($action) is called, the restrictions
for a user are checked as usual, but an additional check is done (as a
hook) to see if he is part of a group, and the restrictions for that group
are checked too. I guess a proof of concept could be as simplistic as
having that group be a regular user (so that you can set the restrictions
of a group just like you set it for a user), and add an extra file/database
to link users to that "special user = group". Now that does not look like
rocket science to me as an extension, I just need to leverage
::userCan($action), and again, either it works, either it does not, in the
later case I'm willing to take a look at it.
--
Sebastien Barre