[Mediawiki-l] UserRightsList 0.3 Announcement
Jim Hu
jimhu at tamu.edu
Sat May 17 00:29:36 UTC 2008
For version 0.4...
On May 16, 2008, at 12:56 PM, DanTMan wrote:
<extensive snipping below>
>>> The extension does not handle user rights permissions correctly.
>>> For 1.12> it won't work correctly because it does not handle
>>> $wgAddGroups, $wgRemoveGroups, $wgGroupsAddToSelf, and
>>> $wgGroupsRemoveFromSelf.
should be fixed via indirect use of changeableGroups()
>>>
>>> And for 1.11 it is a security issue, because for $wgAddGroups and
>>> $wgRemoveGroups to work a user needs the userrights permission...
should be fixed via per previous message
> Yup... Your setup of the special page is to. 'createuser' isn't a good
> permission to base on.
won't change due to Vampire considerations described previously,
unless there's an alternative solution.
>
>>> And there's some hardcoding of group names, and it's likely that
>>> checkboxes are not going to be rendered correctly when anything
>>> other
>>> than the default groups are used.
fixed, again taking advantage of changeableGroups
>>> The handling of time also appears to be done in a way which is not
>>> cross-database compatible,...
I think this is improved, but user_registration is in the schema as a
string, not a date
>>> and there is raw use of DISTINCT which I
>>> believe we have as a select option.
>>>
now moot
>>> ps: in_array('userrights',$wgUser->getRights()); would best be
>>> written
>>> as $wgUser->isAllowed('userrights');
fixed.
=====================================
Jim Hu
Associate Professor
Dept. of Biochemistry and Biophysics
2128 TAMU
Texas A&M Univ.
College Station, TX 77843-2128
979-862-4054
More information about the MediaWiki-l
mailing list