[Mediawiki-l] Need to restrict areas of a wiki by user

[MHart]

I created a restriction extension that can prevent access using users or 
groups. You just do this:

<restrict>user1,user2,group1,group2</restrict>

When a user attempts to access the page who is not listed in the <restrict> 
tag, and is not a member of a listed group, then they are redirected to a 
page that tells them "its a restricted page, blah blah".

At Intuit, it is used in a few, select groups where they discuss policy, 
security, things that have SEC regulations regarding disclosure and 
employees who sell stock. In such cases, it isn't a matter of "trust" in an 
organization with more than 7,000 employees, rather it is a matter of 
company security (we also hire plenty of contractors who gain temporary 
access to our intranet for various reasons) as well as a matter of law (SEC 
regs for a public company).

The code is very simple. It renders the "<restrict>etc...</>" tag area in 
red as "Restricted page: user1, etc...". If the user/group isn't found, it 
redirects the user to a page titled "Restricted Page".

 $wgExtensionFunctions[] = "wfRestrictExtension";

 function wfRestrictExtension() {
     global $wgParser;
     $wgParser->setHook( "restrict", "renderRestrict" );
 }

# The callback function for converting the input text to HTML output
 function renderRestrict( $input ) {
 global $wgUser,$wgOut;

 $inputvars = explode(',', $input);
 $uName = $wgUser->getName();
 $rights = $wgUser->getRights();

 foreach ($inputvars as $val)
 {
  if ($val == $uName)
   return "<br><font color=red>Restricted Page: </font>" . $input . "<br>";
   // return;
  foreach ($rights as $r)
  {
   if ($r == $val)
    return "<br><font color=red>Restricted Page: </font>" . $input . "<br>";
    // return;
  }
 }

 $wgTitle = Title::newFromURL("Restricted_Page");
  $wgOut->redirect($wgTitle->getFullURL());

 return;
 }


- MHart