restrict-20060406.diff
Public
Actions

Authored By

	• bzimport
	Nov 21 2014, 8:20 PM

Size

29 KB

Referenced Files

None

Subscribers

None

restrict-20060406.diff
View Options

	Index: includes/SpecialAllpages.php
	===================================================================
	--- includes/SpecialAllpages.php (revision 13537)
	+++ includes/SpecialAllpages.php (working copy)
	@@ -19,7 +19,9 @@

	$indexPage = new SpecialAllpages();

	- if( !in_array($namespace, array_keys($namespaces)) )
	+ #If namespace does not exist or the user is not allowed to access it
	+ #return him to the main namespace.
	+ if( !in_array($namespace, array_keys($namespaces)) \|\| !$wgUser->canAccessNamespace( $namespace))
	$namespace = 0;

	$wgOut->setPagetitle( $namespace > 0 ?
	Index: includes/SpecialRecentchangeslinked.php
	===================================================================
	--- includes/SpecialRecentchangeslinked.php (revision 13537)
	+++ includes/SpecialRecentchangeslinked.php (working copy)
	@@ -62,6 +62,16 @@
	$cmq = 'AND rc_minor=0';
	} else { $cmq = ''; }

	+ # Exclude all namespaces that are restricted to this user
	+ global $wgRestrictedNamespaces;
	+ if( is_array( $wgRestrictedNamespaces )) {
	+ foreach( $wgRestrictedNamespaces as $key => $value ) {
	+ if( ! $wgUser->canAccessNamespace( $key )) {
	+ $cmq .= ' AND page_namespace <>' . $key;
	+ }
	+ }
	+ }
	+
	extract( $dbr->tableNames( 'recentchanges', 'categorylinks', 'pagelinks', 'revision', 'page' , "watchlist" ) );

	$uid = $wgUser->getID();
	Index: includes/CategoryPage.php
	===================================================================
	--- includes/CategoryPage.php (revision 13537)
	+++ includes/CategoryPage.php (working copy)
	@@ -115,6 +115,11 @@

	$title = Title::makeTitle( $x->page_namespace, $x->page_title );

	+ # If this page is inside a restricted namespace, skip the result...
	+ if(!$wgUser->canAccessNamespace($title->getNamespace())) {
	+ continue;
	+ }
	+
	if( $title->getNamespace() == NS_CATEGORY ) {
	// Subcategory; strip the 'Category' namespace from the link text.
	array_push( $children, $sk->makeKnownLinkObj( $title, $wgContLang->convertHtml( $title->getText() ) ) );
	Index: includes/User.php
	===================================================================
	--- includes/User.php (revision 13537)
	+++ includes/User.php (working copy)
	@@ -1171,18 +1171,159 @@
	/**
	* Check if user is allowed to access a feature / make an action
	* @param string $action Action to be checked (see $wgAvailableRights in Defines.php for possible actions).
	+ * @param string $title Title of the article (so we can check if it's namespace is restricted to the user).
	* @return boolean True: action is allowed, False: action should not be allowed
	*/
	- function isAllowed($action='') {
	+ function isAllowed($action='',$title=NULL) {
	+ global $wgRestrictedNamespaces, $wgReadOnlyNSes;
	if ( $action === '' )
	// In the spirit of DWIM
	return true;

	$this->loadFromDatabase();
	+
	+ if( $title == NULL ) {
	+ global $wgTitle;
	+ $title = $wgTitle;
	+ }
	+
	+ $ns = $title->getNamespace();
	+ // If user wants to read a page, that page is in a read only namespace
	+ // and the user has the 'roread' right, allow him to read it. If it has
	+ // the 'roedit' right allow him to edit it.
	+ if( is_array($wgReadOnlyNSes)) {
	+ if( $action == 'read' && in_array($ns, $wgReadOnlyNSes) && in_array('roread', $this->mRights) && !$this->isBlocked() ) {
	+ return true;
	+ }
	+ if( $action == 'edit' && !$title->isProtected() && in_array($ns, $wgReadOnlyNSes) && in_array('roedit', $this->mRights) && !$this->isBlocked()) {
	+ return true;
	+ }
	+ }
	+
	+ // Prevent access to restricted namespaces if the user does not have all
	+ // required rights.
	+ if( !$this->canAccessNamespace($ns) ) {
	+ return false;
	+ }
	+
	+ // If we are in user's page, allow him to do everything...
	+ if ( $action == 'edit' && ($ns == NS_USER_TALK \|\| $ns == NS_USER) && $title->getText() == $this->getName() && !$this->isBlocked() && !$title->isProtected() ) {
	+ return true;
	+ }
	+
	+ if ( $action == 'protect' && ($ns == NS_USER_TALK \|\| $ns == NS_USER) && $title->getText() == $this->getName() && !$this->isBlocked() ){
	+ return true;
	+ }
	+
	+ // If user wants to edit a talk page and has the talk right, allow him to do so...
	+ if( $title->isTalkPage() && $action == 'edit' && in_array('talk', $this->mRights) && !$this->isBlocked() && !$title->isProtected() ){
	+ return true;
	+ }
	+
	+ // If user wants to leave a mesage on another's user talk page and that page is unprotected, allow him to do so...
	+ if( $action == 'edit' && $ns == NS_USER_TALK && !$this->isBlocked() && !$title->isProtected() ){
	+ return true;
	+ }
	+
	+ // If user has the sedit right, allow him to edit pages in the restricted namespaces
	+ // he has access.
	+ if( is_array($wgRestrictedNamespaces) && array_key_exists($ns, $wgRestrictedNamespaces)
	+ && $this->canAccessNamespace($ns) && !$this->isBlocked() ){
	+
	+ if( $action == 'edit' && in_array('sedit', $this->mRights) && !$title->isProtected() ) {
	+ return true;
	+ }
	+
	+ // If user has the sprotect right, allow him to edit pages in the in the restricted namespaces
	+ // he has access.
	+ if(($action == 'protect' \|\| $action == 'unprotect') && in_array('sprotect', $this->mRights)) {
	+ return true;
	+ }
	+
	+
	+ // If user has the sdelete right, allow him to edit pages in the in the restricted namespaces
	+ // he has access.
	+ if( !$title->isProtected() && ($action == 'delete' \|\| $action == 'undelete') && (in_array('sdelete', $this->mRights)) ) {
	+ return true;
	+ }
	+ }
	+
	+ //If the user wants to delete or undelete a page and it's blocked don't allow him to do so.
	+ if( ($action == 'delete' \|\| $action == 'undelete') && ($title->isProtected() \|\| $this->isBlocked()) ){
	+ return false;
	+ }
	+
	+
	+ //If the user wants to protect or unprotect a page and it's blocked don't allow him to do so.
	+ if( ($action == 'protect' \|\| $action == 'unprotect') && $this->isBlocked() ){
	+ return false;
	+ }
	return in_array( $action , $this->mRights );
	}

	/**
	+ * Check if user is allowed to access a given namespace
	+ * @param string $namespace ID of the namespace that needs to be checked.
	+ * @return boolean True: access is allowed, False: access is denied
	+ */
	+ function canAccessNamespace( $namespace='' ) {
	+ global $wgRestrictedNamespaces;
	+ $this->loadFromDatabase();
	+
	+ if( is_array( $wgRestrictedNamespaces )) {
	+ if( array_key_exists( $namespace, $wgRestrictedNamespaces ) ) {
	+ if( in_array($wgRestrictedNamespaces[$namespace], $this->mRights)){
	+ return true;
	+ }
	+ return false;
	+ }
	+ }
	+
	+ return true;
	+
	+ }
	+
	+ /**
	+ * Get the restricted namespaces the user has access to (talk namespaces not included).
	+ * @return string with the namespace names seperated by the "\n" character/
	+ */
	+ function getAllowedRNSes() {
	+ global $wgRestrictedNamespaces;
	+ $this->loadFromDatabase();
	+ $names = NULL;
	+
	+ if( is_array( $wgRestrictedNamespaces ) ) {
	+ foreach ($wgRestrictedNamespaces as $nsid => $ugroup) {
	+ if( $this->canAccessNamespace($nsid) && !($nsid %2) ) {
	+ $names .= Namespace::getCanonicalName($nsid)."\n";
	+ }
	+ }
	+ }
	+ return $names;
	+ }
	+
	+ /**
	+ * Get the main page title of each restricted namespace (talk namespaces not included)
	+ * the user has access to.
	+ * @return string: The titles seperated by the "\n" character.
	+ */
	+ function getRMainPages() {
	+ global $wgRestrictedNamespaces;
	+ $titles = NULL;
	+
	+ if( is_array( $wgRestrictedNamespaces ) ) {
	+ $namespaces = $this->getAllowedRNSes();
	+ $nsarray = explode("\n",$namespaces);
	+ foreach ($nsarray as $index => $nsname) {
	+ if($nsname != ""){
	+ $titles .= "[[".$nsname.":".wfMsgForContent( 'mainpage' )."\|".$nsname."]]"."<br/>\n";
	+ }
	+ }
	+ }
	+ return $titles;
	+ }
	+
	+ /**
	* Load a skin if it doesn't exist or return it
	* @todo FIXME : need to check the old failback system [AV]
	*/
	Index: includes/SpecialUserlogin.php
	===================================================================
	--- includes/SpecialUserlogin.php (revision 13537)
	+++ includes/SpecialUserlogin.php (working copy)
	@@ -411,6 +411,7 @@
	function successfulLogin( $msg, $auto = true ) {
	global $wgUser;
	global $wgOut;
	+ global $wgLinkWarn;

	# Run any hooks; ignore results

	@@ -420,7 +421,18 @@
	$wgOut->setRobotpolicy( 'noindex,nofollow' );
	$wgOut->setArticleRelated( false );
	$wgOut->addWikiText( $msg );
	- $wgOut->returnToMain( $auto );
	+
	+ if($wgUser->getRMainPages() != NULL) {
	+
	+ # We are going to put some links to restricted namespaces
	+ # that the user has access to, so we disable the warning.
	+ $wgLinkWarn = false;
	+
	+ $wgOut->addWikiText(wfMsg('RNSlist').str_replace( '_', ' ',$wgUser->getRMainPages()));
	+ $wgOut->returnToMain(false);
	+ }else{
	+ $wgOut->returnToMain( $auto );
	+ }
	}

	/** */
	Index: includes/SpecialWhatlinkshere.php
	===================================================================
	--- includes/SpecialWhatlinkshere.php (revision 13537)
	+++ includes/SpecialWhatlinkshere.php (working copy)
	@@ -199,6 +199,11 @@

	$wgOut->addHTML( '<ul>' );
	foreach ( $rows as $row ) {
	+ #If the linking page is located in a secured namespace, skip it.
	+ if(!$wgUser->canAccessNamespace($row->page_namespace)) {
	+ continue;
	+ }
	+
	$nt = Title::makeTitle( $row->page_namespace, $row->page_title );

	if ( $row->page_is_redirect ) {
	Index: includes/SpecialRecentchanges.php
	===================================================================
	--- includes/SpecialRecentchanges.php (revision 13537)
	+++ includes/SpecialRecentchanges.php (working copy)
	@@ -19,6 +19,7 @@
	global $wgUser, $wgOut, $wgRequest, $wgUseRCPatrol;
	global $wgRCShowWatchingUsers, $wgShowUpdatedMarker;
	global $wgAllowCategorizedRecentChanges ;
	+ global $wgRestrictedNamespaces, $wgHideCategoriesinRC, $wgHidenLogs, $wgHideLogs, $wgHideUtalk;
	$fname = 'wfSpecialRecentchanges';

	# Get query parameters
	@@ -126,8 +127,9 @@

	# Get last modified date, for client caching
	# Don't use this if we are using the patrol feature, patrol changes don't update the timestamp
	+ # Don't use it if there are hidden namespaces, as the feed must be different for the users
	$lastmod = $dbr->selectField( 'recentchanges', 'MAX(rc_timestamp)', false, $fname );
	- if ( $feedFormat \|\| !$wgUseRCPatrol ) {
	+ if ( !is_array( $wgRestrictedNamespaces ) && ($feedFormat \|\| !$wgUseRCPatrol) ) {
	if( $lastmod && $wgOut->checkLastModified( $lastmod ) ){
	# Client cache fresh and headers sent, nothing more to do.
	return;
	@@ -154,6 +156,32 @@
	}
	}

	+ # Hide all categories if $wgHideCategoriesinRC is set
	+ $hidem .= $wgHideCategoriesinRC ? ' AND rc_namespace <> 14':'';
	+ # Hide all User_talk pages if $wgHideUtalk is set
	+ $hidem .= $wgHideUtalk ? ' AND rc_namespace <> 3':'';
	+ # Hide all logs if $wgHideRCLogs is set
	+ $hidem .= $wgHideLogs ? ' AND rc_type <> 3':'';
	+ # Hide all logs or the log types in $wgHidenLogs.
	+ if(!$wgHideLogs && is_array($wgHidenLogs)){
	+ # Block and rights are namespace independed.
	+ $hidem .= in_array('block', $wgHidenLogs) ? ' AND rc_title <> "Log/block"':'';
	+ $hidem .= in_array('rights', $wgHidenLogs) ? ' AND rc_title <> "Log/rights"':'';
	+ # Hide the log types set in $wgHidenLogs
	+ $hidem .= in_array('protect', $wgHidenLogs) ? ' AND rc_title <> "Log/protect"':'';
	+ $hidem .= in_array('delete', $wgHidenLogs) ? ' AND rc_title <> "Log/delete"':'';
	+ $hidem .= in_array('upload', $wgHidenLogs) ? ' AND rc_title <> "Log/upload"':'';
	+ $hidem .= in_array('move', $wgHidenLogs) ? ' AND rc_title <> "Log/move"':'';
	+ }
	+ # Exclude all namespaces that are restricted to this user
	+ if( is_array( $wgRestrictedNamespaces )) {
	+ foreach( $wgRestrictedNamespaces as $key => $value ) {
	+ if( ! $wgUser->canAccessNamespace( $key )) {
	+ $hidem .= ' AND rc_namespace <>' . $key;
	+ }
	+ }
	+ }
	+
	# Namespace filtering
	$hidem .= is_null( $namespace ) ? '' : ' AND rc_namespace' . ($invert ? '!=' : '=') . $namespace;

	@@ -350,11 +378,18 @@
	* go ahead and use it even if there have been edits made
	* since it was rendered. This keeps a swarm of requests
	* from being too bad on a super-frequently edited wiki.
	+ *
	+ * Using restricted namespaces forbids caching the feed,
	+ * however, since it must be rendered according to user
	+ * rights.
	+ *
	*/
	- if( time() - wfTimestamp( TS_UNIX, $feedLastmod )
	+
	+ if( !is_array( $wgRestrictedNamespaces )
	+ && (time() - wfTimestamp( TS_UNIX, $feedLastmod )
	< $wgFeedCacheTimeout
	\|\| wfTimestamp( TS_UNIX, $feedLastmod )
	- > wfTimestamp( TS_UNIX, $lastmod ) ) {
	+ > wfTimestamp( TS_UNIX, $lastmod ) ) ) {
	wfDebug( "RC: loading feed from cache ($key; $feedLastmod; $lastmod)...\n" );
	$cachedFeed = $messageMemc->get( $key );
	} else {
	Index: includes/SearchEngine.php
	===================================================================
	--- includes/SearchEngine.php (revision 13537)
	+++ includes/SearchEngine.php (working copy)
	@@ -162,10 +162,10 @@
	* @access public
	*/
	function searchableNamespaces() {
	- global $wgContLang;
	+ global $wgContLang, $wgUser;
	$arr = array();
	foreach( $wgContLang->getNamespaces() as $ns => $name ) {
	- if( $ns >= NS_MAIN ) {
	+ if( $ns >= NS_MAIN && $wgUser->canAccessNamespace( $ns )) {
	$arr[$ns] = $name;
	}
	}
	Index: includes/Parser.php
	===================================================================
	--- includes/Parser.php (revision 13537)
	+++ includes/Parser.php (working copy)
	@@ -1482,6 +1482,16 @@
	$ns = $nt->getNamespace();
	$iw = $nt->getInterWiki();

	+ #If the link points to a restricted namespace outside the
	+ #parent namespace warn the user.
	+ global $wgRestrictedNamespaces, $wgLinkWarn ;
	+ if( $wgLinkWarn && is_array( $wgRestrictedNamespaces )) {
	+ if( array_key_exists( $ns, $wgRestrictedNamespaces ) && ($this->mTitle->getNamespace() != $ns)) {
	+ $s .=wfMsg( 'restrlink' ). $trail;
	+ continue;
	+ }
	+ }
	+
	if ($might_be_img) { # if this is actually an invalid link
	if ($ns == NS_IMAGE && $noforce) { #but might be an image
	$found = false;
	@@ -2520,6 +2530,10 @@
	if ( !$found ) {
	# Check for NS: (namespace expansion)
	$mwNs = MagicWord::get( MAG_NS );
	+ if ( $part1 == 'ns' ) {
	+ $text = $linestart . $wgContLang->getNsText( $this->mTitle->getNamespace() );
	+ $found = true;
	+ }
	if ( $mwNs->matchStartAndRemove( $part1 ) ) {
	if ( intval( $part1 ) \|\| $part1 == "0" ) {
	$text = $linestart . $wgContLang->getNsText( intval( $part1 ) );
	@@ -2671,6 +2685,16 @@
	# Check for excessive inclusion
	$dbk = $title->getPrefixedDBkey();
	if ( $this->incrementIncludeCount( $dbk ) ) {
	+ # Articles from restricted namespaces can't be used in templates.
	+ # They would appear or disappear based on the rights of the user
	+ # that refreshes the cache...
	+ if( is_array( $wgRestrictedNamespaces ) ) {
	+ if( array_key_exists( $title->getNamespace(), $wgRestrictedNamespaces ) ) {
	+ $found = true;
	+ $text = $linestart . wfMsg( 'templatenotincluded' );
	+ }
	+ }
	+
	if ( $title->getNamespace() == NS_SPECIAL && $this->mOptions->getAllowSpecialInclusion() ) {
	# Capture special page output
	$text = SpecialPage::capturePath( $title );
	Index: includes/SpecialContributions.php
	===================================================================
	--- includes/SpecialContributions.php (revision 13537)
	+++ includes/SpecialContributions.php (working copy)
	@@ -16,7 +16,14 @@
	}

	function set_namespace($ns) {
	- $this->namespace = $ns;
	+ global $wgUser;
	+ # If the namespace asked is restricted return
	+ # to the main namespace.
	+ if($wgUser->canAccessNamespace($ns)) {
	+ $this->namespace = $ns;
	+ }else{
	+ $this->namespace = 0;
	+ }
	}

	function set_limit($limit) {
	@@ -69,15 +76,30 @@
	}

	function get_namespace_cond() {
	- if ($this->namespace !== false)
	+ global $wgUser;
	+ # Include the namespace in the querry only if it's not restricted to the user.
	+ if (($this->namespace !== false) && ($wgUser->canAccessNamespace($this->namespace))) {
	return ' AND page_namespace = ' . (int)$this->namespace;
	- return '';
	+ }else {
	+ return '';
	+ }
	}

	function get_previous_offset_for_paging() {
	list($index, $usercond) = $this->get_user_cond();
	$nscond = $this->get_namespace_cond();

	+ # Exclude all namespaces that are restricted to this user
	+ global $wgRestrictedNamespaces;
	+ global $wgUser;
	+ if( is_array( $wgRestrictedNamespaces )) {
	+ foreach( $wgRestrictedNamespaces as $key => $value ) {
	+ if( ! $wgUser->canAccessNamespace( $key )) {
	+ $nscond .= ' AND page_namespace <>' . $key;
	+ }
	+ }
	+ }
	+
	$use_index = $this->dbr->useIndexClause($index);
	extract($this->dbr->tableNames('page', 'revision'));

	@@ -123,6 +145,16 @@
	$offsetQuery = "AND rev_timestamp <= '{$this->offset}'";

	$nscond = $this->get_namespace_cond();
	+ # Exclude all namespaces that are restricted to this user
	+ global $wgRestrictedNamespaces;
	+ global $wgUser;
	+ if( is_array( $wgRestrictedNamespaces )) {
	+ foreach( $wgRestrictedNamespaces as $key => $value ) {
	+ if( ! $wgUser->canAccessNamespace( $key )) {
	+ $nscond .= ' AND page_namespace <>' . $key;
	+ }
	+ }
	+ }
	$use_index = $this->dbr->useIndexClause($index);
	$sql = "SELECT
	page_namespace,page_title,page_is_new,page_latest,
	Index: includes/Export.php
	===================================================================
	--- includes/Export.php (revision 13537)
	+++ includes/Export.php (working copy)
	@@ -239,7 +239,13 @@
	*/
	function outputStream( $resultset ) {
	$last = null;
	+ global $wgUser;
	while( $row = $resultset->fetchObject() ) {
	+ #If page is in a secured namespace, skip the row.
	+ if(!$wgUser->canAccessNamespace($row->page_namespace) ){
	+ continue;
	+ }
	+
	if( is_null( $last ) \|\|
	$last->page_namespace != $row->page_namespace \|\|
	$last->page_title != $row->page_title ) {
	@@ -332,9 +338,13 @@
	}

	function namespaces() {
	- global $wgContLang;
	- $spaces = " <namespaces>\n";
	- foreach( $wgContLang->getFormattedNamespaces() as $ns => $title ) {
	+ global $wgContLang, $wgUser;
	+ $spaces = "<namespaces>\n";
	+ # Don't display restricted namespaces.
	+ foreach( $wgContLang->getNamespaces() as $ns => $title ) {
	+ if(!$wgUser->canAccessNamespace($ns) ){
	+ continue;
	+ }
	$spaces .= ' ' . wfElement( 'namespace', array( 'key' => $ns ), $title ) . "\n";
	}
	$spaces .= " </namespaces>";
	Index: includes/Title.php
	===================================================================
	--- includes/Title.php (revision 13537)
	+++ includes/Title.php (working copy)
	@@ -977,6 +977,12 @@
	wfProfileOut( $fname );
	return false;
	}
	+
	+ if( !$wgUser->canAccessNamespace( $this->mNamespace )) {
	+ wfProfileOut( $fname );
	+ return false;
	+ }
	+
	// XXX: This is the code that prevents unprotecting a page in NS_MEDIAWIKI
	// from taking effect -ævar
	if( NS_MEDIAWIKI == $this->mNamespace &&
	@@ -1082,7 +1088,7 @@
	return $result;
	}

	- if( $wgUser->isAllowed('read') ) {
	+ if( $wgUser->isAllowed('read',$this )){
	return true;
	} else {
	global $wgWhitelistRead;
	@@ -1096,17 +1102,19 @@
	}

	/** some pages are explicitly allowed */
	+ if( is_array( $wgWhitelistRead )) {
	$name = $this->getPrefixedText();
	- if( $wgWhitelistRead && in_array( $name, $wgWhitelistRead ) ) {
	+ if( in_array( $name, $wgWhitelistRead ) ) {
	return true;
	}

	# Compatibility with old settings
	- if( $wgWhitelistRead && $this->getNamespace() == NS_MAIN ) {
	+ if( $this->getNamespace() == NS_MAIN ) {
	if( in_array( ':' . $name, $wgWhitelistRead ) ) {
	return true;
	}
	}
	+ }
	}
	return false;
	}
	Index: includes/SpecialLog.php
	===================================================================
	--- includes/SpecialLog.php (revision 13537)
	+++ includes/SpecialLog.php (working copy)
	@@ -297,11 +297,41 @@
	* @access private
	*/
	function logLine( $s ) {
	- global $wgLang;
	+ global $wgLang, $wgUser;
	+ global $wgHideLogs, $wgHidenLogs;
	$title = Title::makeTitle( $s->log_namespace, $s->log_title );
	$user = Title::makeTitleSafe( NS_USER, $s->user_name );
	$time = $wgLang->timeanddate( wfTimestamp(TS_MW, $s->log_timestamp), true );

	+ # Hide all logs or the log types in $wgHidenLogs.
	+
	+ # Block and rights are namespace independed.
	+ if((is_array($wgHidenLogs) &&
	+ ((in_array('block', $wgHidenLogs) && $s->log_type =='block' )
	+ \|\|(in_array('rights', $wgHidenLogs) && $s->log_type=='rights'))
	+ \|\|($wgHideLogs && ($s->log_type=='block' \|\|$s->log_type=='rights')))){
	+ return;
	+ }
	+
	+ # Upload namespaces are public.
	+ if(is_array($wgHidenLogs) && (in_array('upload', $wgHidenLogs) && $s->log_type=='upload') \|\| ($wgHideLogs && $s->log_type=='upload')) {
	+ return;
	+ }
	+
	+ # We hide the rest only for the restricted namespaces.
	+ if(!$wgUser->canAccessNamespace($s->log_namespace)){
	+ if($wgHideLogs){
	+ return;
	+ }
	+ if(is_array($wgHidenLogs)){
	+ if((in_array('protect', $wgHidenLogs) && $s->log_type=='protect')
	+ \|\|(in_array('delete', $wgHidenLogs) && $s->log_type=='delete')
	+ \|\|(in_array('move', $wgHidenLogs) && $s->log_type=='move')){
	+ return;
	+ }
	+ }
	+ }
	+
	// Enter the existence or non-existence of this page into the link cache,
	// for faster makeLinkObj() in LogPage::actionText()
	$linkCache =& LinkCache::singleton();
	Index: includes/SpecialPreferences.php
	===================================================================
	--- includes/SpecialPreferences.php (revision 13537)
	+++ includes/SpecialPreferences.php (working copy)
	@@ -86,7 +86,7 @@
	if ( $this->mPosted ) {
	$namespaces = $wgContLang->getNamespaces();
	foreach ( $namespaces as $i => $namespace ) {
	- if ( $i >= 0 ) {
	+ if ( $i >= 0 && $wgUser->canAccessNamespace( $i) ) {
	$this->mSearchNs[$i] = $request->getCheck( "wpNs$i" ) ? 1 : 0;
	}
	}
	@@ -360,7 +360,7 @@

	$namespaces = $wgContLang->getNamespaces();
	foreach ( $namespaces as $i => $namespace ) {
	- if ( $i >= NS_MAIN ) {
	+ if ( $i >= NS_MAIN && $wgUser->canAccessNamespace( $i)) {
	$this->mSearchNs[$i] = $wgUser->getOption( 'searchNs'.$i );
	}
	}
	@@ -377,7 +377,7 @@
	$r1 = null;

	foreach ( $namespaces as $i => $name ) {
	- if ($i < 0)
	+ if ($i < 0 \|\| !$wgUser->canAccessNamespace( $i))
	continue;
	$checked = $this->mSearchNs[$i] ? "checked='checked'" : '';
	$name = str_replace( '_', ' ', $namespaces[$i] );
	Index: includes/DefaultSettings.php
	===================================================================
	--- includes/DefaultSettings.php (revision 13537)
	+++ includes/DefaultSettings.php (working copy)
	@@ -1554,7 +1554,97 @@
	# );
	$wgExtraNamespaces = NULL;

	+ /**
	+ * Hidden namespaces. If you include a namespace in this array, only users with
	+ * the matching priviledges will be able to see and edit pages in this
	+ * namespace.
	+ *
	+ * The form is " namespace => 'priviledge' " e.g.
	+ *
	+ * $wgRestrictedNamespaces =
	+ * array(100 => 'coolguy',
	+ * 101 => 'coolguy'
	+ * );
	+ *
	+ * where 100 is the namespace id and 'coolguy' is the priviledge.
	+ *
	+ * Each priv. is a string in an array, you can add as many as you like
	+ * in the $wgGroupPermitions array e.g.
	+ *
	+ *$wgGroupPermissions['allowed']['coolguy'] = true;
	+ *
	+ * In this example you asigned the 'coolguy' priviledge to the 'allowed' group.
	+ *
	+ */
	+$wgRestrictedNamespaces = NULL;
	+
	/**
	+ * In case you want only to deny the edit right on a namespace, you may put it
	+ * in this array. You also need to asign the 'roread' right to the usergroup you
	+ * want to be able to read and the 'roedit' right to the usergroup you want to be
	+ * able to edit. Read only namespaces are not hiden (nor their logs etc).
	+ *
	+ * Example: $wgReadOnlyNSes = array(100,101);
	+ *
	+ */
	+$wgReadOnlyNSes = NULL;
	+
	+/**
	+ * In case you have categories of pages located on a restricted namespaces
	+ * those categories will appear empty and might be comfusing. Setting this
	+ * var to true, (all) categories will be hidden in the Recent changes.
	+ */
	+$wgHideCategoriesinRC = false;
	+
	+/**
	+ * Logs in Recent Changes are treated all the same, so normaly users will be able
	+ * to see moves, protects and deletes of pages in restricted namespaces. Setting
	+ * this var to true will hide all logs in Recent Changes and only those for restricted
	+ * namespaces in Special:Log.
	+ */
	+$wgHideLogs = false;
	+
	+/**
	+ * In case you want to customize what logs the user can see both in Recent Changes
	+ * and Special:Log, modify this array to include the log types you want to hide. This is
	+ * overriden by $wgHideLogs for Recent Changes and those logs for restricted
	+ * namespaces in Special:Log. This feature lets you hide also the 'block' and 'rights'
	+ * log types that are namespace independed in Special:Log, or show them in RC while
	+ * hiding the rest.
	+ *
	+ * This example shows how to hide all log types in RC, and (block/rights) in Special:Log
	+ * (the others in Special:Log are are filtered based on namespace access rights so they
	+ * apply only for restricted namespaces).
	+ *
	+ *$wgHidenLogs = array('block','protect', 'rights', 'delete','upload', 'move');
	+ */
	+$wgHidenLogs = NULL;
	+
	+/**
	+ * In case some user tries to create a link from some namespace to an other restricted
	+ * namespace, while the page gets parsed, instead of the link, a warning message will appear
	+ * ('restrlink') to let the user know. If the link is in the same namespace as the edited page,
	+ * no check will be done.
	+ */
	+$wgLinkWarn = true;
	+
	+/**
	+ * In case you want to hide logs about User Talk pages (namespace 3) fromnrecent changes
	+ * set this to true.
	+ *
	+ */
	+$wgHideUtalk = false;
	+
	+/**
	+ * You can use this array to alter wiki's upper left logo depending on the namespace
	+ * you are in.
	+ *
	+ * Example:
	+ * $wgNamespaceLogos = array ( 100 => '/url_path_to/logo.gif');
	+**/
	+$wgNamespaceLogos = NULL;
	+
	+/**
	* Limit images on image description pages to a user-selectable limit. In order
	* to reduce disk usage, limits can only be selected from a list. This is the
	* list of settings the user can choose from:
	Index: includes/QueryPage.php
	===================================================================
	--- includes/QueryPage.php (revision 13537)
	+++ includes/QueryPage.php (working copy)
	@@ -435,8 +435,14 @@
	class PageQueryPage extends QueryPage {

	function formatResult( $skin, $result ) {
	- global $wgContLang;
	+ global $wgContLang, $wgUser;
	$nt = Title::makeTitle( $result->namespace, $result->title );
	+
	+ # Don't show wanted pages in restricted namespaces
	+ if( !$wgUser->canAccessNamespace( $nt->getNamespace() ) ) {
	+ return "";
	+ }
	+
	return $skin->makeKnownLinkObj( $nt, htmlspecialchars( $wgContLang->convert( $nt->getPrefixedText() ) ) );
	}
	}
	Index: includes/SpecialListusers.php
	===================================================================
	--- includes/SpecialListusers.php (revision 13537)
	+++ includes/SpecialListusers.php (working copy)
	@@ -76,7 +76,7 @@
	* @todo localize
	*/
	function getPageHeader( ) {
	- global $wgScript;
	+ global $wgScript, $wgUser;

	// Various variables used for the form
	$action = htmlspecialchars( $wgScript );
	@@ -89,7 +89,8 @@
	wfMsgHtml( 'groups-editgroup-name' ) . '<select name="group">';

	// get group names
	- $groups = User::getAllGroups();
	+ //$groups = User::getAllGroups();
	+ $groups = $wgUser->getGroups();

	// we want a default empty group
	$out.= '<option value=""></option>';
	@@ -174,6 +175,7 @@
	}

	function formatResult( $skin, $result ) {
	+ global $wgUser;
	$userPage = Title::makeTitle( $result->namespace, $result->title );
	$name = $skin->makeLinkObj( $userPage, htmlspecialchars( $userPage->getText() ) );

	Index: includes/SpecialWantedpages.php
	===================================================================
	--- includes/SpecialWantedpages.php (revision 13537)
	+++ includes/SpecialWantedpages.php (working copy)
	@@ -68,9 +68,15 @@


	function formatResult( $skin, $result ) {
	- global $wgContLang;
	+ global $wgContLang, $wgUser;

	$nt = Title::makeTitle( $result->namespace, $result->title );
	+
	+ # Don't show wanted pages in restricted namespaces
	+ if( !$wgUser->canAccessNamespace( $nt->getNamespace() ) ) {
	+ return "";
	+ }
	+
	$text = $wgContLang->convert( $nt->getPrefixedText() );
	$plink = $this->isCached() ?
	$skin->makeLinkObj( $nt, $text ) :
	Index: includes/SpecialRandompage.php
	===================================================================
	--- includes/SpecialRandompage.php (revision 13537)
	+++ includes/SpecialRandompage.php (working copy)
	@@ -11,12 +11,12 @@
	* used as e.g. Special:Randompage/Category
	*/
	function wfSpecialRandompage( $par = NS_MAIN ) {
	- global $wgOut, $wgExtraRandompageSQL, $wgContLang;
	+ global $wgOut, $wgExtraRandompageSQL, $wgContLang, $wgUser;
	$fname = 'wfSpecialRandompage';

	# Determine the namespace to get a random page from.
	$namespace = $wgContLang->getNsIndex($par);
	- if ($namespace === false \|\| $namespace < NS_MAIN) {
	+ if ($namespace === false \|\| $namespace < NS_MAIN \|\| !$wgUser->canAccessNamespace($namespace)) {
	$namespace = NS_MAIN;
	}

File Metadata

Mime Type: text/x-diff
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 1464
Default Alt Text: restrict-20060406.diff (29 KB)

restrict-20060406.diffPublicActions

restrict-20060406.diffView Options

File Metadata

Event Timeline

restrict-20060406.diff
Public
Actions

restrict-20060406.diff
View Options