Sebastien BARRE <sebastien.barre <at> kitware.com> writes:
Hi,
OK, I know one of key feature of a Wiki is "unrestricted access to everyone", but there are some times when you definitely want to have a subpart of a Wiki to be more "private", or "read only", using a more sophisticated scheme than white-lists (no, I don't want to create a separate wiki).
I also am interested in developing ACL. We can collaborate together. You can send the information to me that you have on ACL in mediawiki.
Thank you very much
Actually I just checked 1.4 and it seems there is a new Title::userCan($action) that seem to be called by userCanRead/userCanEdit... A hook near the end maybe, before 'return true' ? It uses getRestrictions(), which seems to pull something out of the cur_restrictions field, but this is not really documented, what's the format of that column in 'cur', something like edit:user1,user2;move:user3,user2, etc ?
I think that the format of that column in 'cur' is
action1:group1,group2;action2:group3,group2
better than
edit:user1,user2;move:user3,user2
I have done a modification that just work. I have changed the function protect to prevent not just from edit, but also it allows to hide an article. In the file article.php
FILE --- includes/Article.php
@@ -745,6 +745,12 @@ exit; }
+ if ( !$this->mTitle->userCanHide () ) { + $wgOut->loginToUse (); + $wgOut->output (); + exit; + } +
# We're looking at an old revision
@@ -1330,6 +1336,7 @@ $restrictions = "move=" . $limit; if( !$moveonly ) { $restrictions .= ":edit=" . $limit; + $restrictions .= ":view=" . $limit; } if (wfRunHooks('ArticleProtect', $this, $wgUser, $limit == 'sysop', $reason, $moveonly)) {
FILE --- includes/Title.php
@@ -745,6 +745,13 @@ return false; }
+ function isHidden () { + $a = $this->getRestrictions ("view"); + $result = in_array ('sysop', $a); + + return $result; + } + /** * Is $wgUser is watching this page? * @return boolean @@ -815,6 +822,16 @@ }
/** + * Can $wgUser hide this page + * + * @return boolean + * @access public + */ + function userCanHide () { + return $this->userCan ('hide'); + } + + /** * Can $wgUser edit this page? * @return boolean * @access public @@ -840,11 +857,20 @@ function userCanRead() { global $wgUser; + if ($this->isHidden()) + { + if ($wgUser->isAllowed ('hide')) + return true; + else + return false; + } + if( $wgUser->isAllowed('read') ) { return true; } else { global $wgWhitelistRead; + /** If anon users can create an account, they need to reach the login page first! */ if( $wgUser->isAllowed( 'createaccount'
FILE --- includes/User.php
@@ -653,6 +653,7 @@ 'rollback' => 'sysop', 'block' => 'sysop', 'editinterface' => 'sysop', + 'hide' => 'sysop', 'move' => 'user', 'read' => empty( $wgWhitelistRead ) ? '*' : 'user', 'createaccount' => '*' );