Sebastien BARRE <sebastien.barre <at> kitware.com> writes:
Hi,
OK, I know one of key feature of a Wiki is "unrestricted access to
everyone", but there are some times when you definitely want to have a
subpart of a Wiki to be more "private", or "read only", using a more
sophisticated scheme than white-lists (no, I don't want to create a
separate wiki).
I also am interested in developing ACL. We can collaborate together. You can
send the information to me that you have on ACL in mediawiki.
Thank you very much
Actually I just checked 1.4 and it seems there is a new
Title::userCan($action) that seem to be called by
userCanRead/userCanEdit... A hook near the end maybe, before 'return true'
? It uses getRestrictions(), which seems to pull something out of the
cur_restrictions field, but this is not really documented, what's the
format of that column in 'cur', something like
edit:user1,user2;move:user3,user2, etc ?
I think that the format of that column in 'cur' is
action1:group1,group2;action2:group3,group2
better than
edit:user1,user2;move:user3,user2
I have done a modification that just work. I have changed the function protect
to prevent not just from edit, but also it allows to hide an article. In the
file article.php
FILE --- includes/Article.php
@@ -745,6 +745,12 @@
exit;
}
+ if ( !$this->mTitle->userCanHide () ) {
+ $wgOut->loginToUse ();
+ $wgOut->output ();
+ exit;
+ }
+
# We're looking at an old revision
@@ -1330,6 +1336,7 @@
$restrictions = "move=" . $limit;
if( !$moveonly ) {
$restrictions .= ":edit=" . $limit;
+ $restrictions .= ":view=" . $limit;
}
if (wfRunHooks('ArticleProtect', $this, $wgUser, $limit == 'sysop',
$reason,
$moveonly)) {
FILE --- includes/Title.php
@@ -745,6 +745,13 @@
return false;
}
+ function isHidden () {
+ $a = $this->getRestrictions ("view");
+ $result = in_array ('sysop', $a);
+
+ return $result;
+ }
+
/**
* Is $wgUser is watching this page?
* @return boolean
@@ -815,6 +822,16 @@
}
/**
+ * Can $wgUser hide this page
+ *
+ * @return boolean
+ * @access public
+ */
+ function userCanHide () {
+ return $this->userCan ('hide');
+ }
+
+ /**
* Can $wgUser edit this page?
* @return boolean
* @access public
@@ -840,11 +857,20 @@
function userCanRead() {
global $wgUser;
+ if ($this->isHidden())
+ {
+ if ($wgUser->isAllowed ('hide'))
+ return true;
+ else
+ return false;
+ }
+
if( $wgUser->isAllowed('read') ) {
return true;
} else {
global $wgWhitelistRead;
+
/** If anon users can create an account,
they need to reach the login page first! */
if( $wgUser->isAllowed( 'createaccount'
FILE --- includes/User.php
@@ -653,6 +653,7 @@
'rollback' => 'sysop',
'block' => 'sysop',
'editinterface' => 'sysop',
+ 'hide' => 'sysop',
'move' => 'user',
'read' => empty( $wgWhitelistRead ) ? '*' :
'user',
'createaccount' => '*' );