Page MenuHomePhabricator
Files F1965

mediawiki-1.8.2-restrictednamespaces.patch
Public
Actions

Authored By
bzimport
Nov 21 2014, 8:20 PM
Size
38 KB
Referenced Files
None
Subscribers
None

mediawiki-1.8.2-restrictednamespaces.patch
View Options

diff -iEbdu -r ./includes/Article.php ./includes/Article.php
--- ./includes/Article.php 2006-10-14 02:06:32.000000000 +0200
+++ ./includes/Article.php 2006-12-07 15:30:54.340034100 +0100
@@ -644,7 +644,6 @@
# If we got diff and oldid in the query, we want to see a
# diff page instead of the article.
-
if ( !is_null( $diff ) ) {
$wgOut->setPageTitle( $this->mTitle->getPrefixedText() );
diff -iEbdu -r ./includes/CategoryPage.php ./includes/CategoryPage.php
--- ./includes/CategoryPage.php 2006-11-21 16:36:14.472026700 +0100
+++ ./includes/CategoryPage.php 2006-12-07 15:22:52.721070900 +0100
@@ -175,6 +175,7 @@
}
function doCategoryQuery() {
+ global $wgUser;
$dbr =& wfGetDB( DB_SLAVE );
if( $this->from != '' ) {
$pageCondition = 'cl_sortkey >= ' . $dbr->addQuotes( $this->from );
@@ -210,6 +211,11 @@
$title = Title::makeTitle( $x->page_namespace, $x->page_title );
+ # If this page is inside a restricted namespace, skip the result...
+ if(!$wgUser->canAccessNamespace($title->getNamespace())) {
+ continue;
+ }
+
if( $title->getNamespace() == NS_CATEGORY ) {
$this->addSubcategory( $title, $x->cl_sortkey, $x->page_len );
} elseif( $title->getNamespace() == NS_IMAGE ) {
diff -iEbdu -r ./includes/DefaultSettings.php ./includes/DefaultSettings.php
--- ./includes/DefaultSettings.php 2006-10-14 02:06:34.000000000 +0200
+++ ./includes/DefaultSettings.php 2006-12-07 15:30:58.121429300 +0100
@@ -914,6 +914,13 @@
$wgGroupPermissions['bot' ]['autoconfirmed'] = true;
// Most extra permission abilities go to this group
+$wgGroupPermissions['sysop']['createpage'] = true;
+$wgGroupPermissions['sysop']['createtalk'] = true;
+$wgGroupPermissions['sysop']['read'] = true;
+$wgGroupPermissions['sysop']['edit'] = true;
+$wgGroupPermissions['sysop']['minoredit'] = true;
+$wgGroupPermissions['sysop']['roread'] = true;
+$wgGroupPermissions['sysop']['roedit'] = true;
$wgGroupPermissions['sysop']['block'] = true;
$wgGroupPermissions['sysop']['createaccount'] = true;
$wgGroupPermissions['sysop']['delete'] = true;
@@ -1747,6 +1754,96 @@
$wgExtraNamespaces = NULL;
/**
+ * Hidden namespaces. If you include a namespace in this array, only users with
+ * the matching priviledges will be able to see and edit pages in this
+ * namespace.
+ *
+ * The form is " namespace => 'priviledge' " e.g.
+ *
+ * $wgRestrictedNamespaces =
+ * array(100 => 'coolguy',
+ * 101 => 'coolguy'
+ * );
+ *
+ * where 100 is the namespace id and 'coolguy' is the priviledge.
+ *
+ * Each priv. is a string in an array, you can add as many as you like
+ * in the $wgGroupPermitions array e.g.
+ *
+ *$wgGroupPermissions['allowed']['coolguy'] = true;
+ *
+ * In this example you asigned the 'coolguy' priviledge to the 'allowed' group.
+ *
+ */
+$wgRestrictedNamespaces = NULL;
+
+/**
+ * In case you want only to deny the edit right on a namespace, you may put it
+ * in this array. You also need to asign the 'roread' right to the usergroup you
+ * want to be able to read and the 'roedit' right to the usergroup you want to be
+ * able to edit. Read only namespaces are not hiden (nor their logs etc).
+ *
+ * Example: $wgReadOnlyNSes = array(100,101);
+ *
+ */
+$wgReadOnlyNSes = NULL;
+
+/**
+ * In case you have categories of pages located on a restricted namespaces
+ * those categories will appear empty and might be comfusing. Setting this
+ * var to true, (all) categories will be hidden in the Recent changes.
+ */
+$wgHideCategoriesinRC = false;
+
+/**
+ * Logs in Recent Changes are treated all the same, so normaly users will be able
+ * to see moves, protects and deletes of pages in restricted namespaces. Setting
+ * this var to true will hide all logs in Recent Changes and only those for restricted
+ * namespaces in Special:Log.
+ */
+$wgHideLogs = false;
+
+/**
+ * In case you want to customize what logs the user can see both in Recent Changes
+ * and Special:Log, modify this array to include the log types you want to hide. This is
+ * overriden by $wgHideLogs for Recent Changes and those logs for restricted
+ * namespaces in Special:Log. This feature lets you hide also the 'block' and 'rights'
+ * log types that are namespace independed in Special:Log, or show them in RC while
+ * hiding the rest.
+ *
+ * This example shows how to hide all log types in RC, and (block/rights) in Special:Log
+ * (the others in Special:Log are are filtered based on namespace access rights so they
+ * apply only for restricted namespaces).
+ *
+ *$wgHidenLogs = array('block','protect', 'rights', 'delete','upload', 'move');
+ */
+$wgHidenLogs = NULL;
+
+/**
+ * In case some user tries to create a link from some namespace to an other restricted
+ * namespace, while the page gets parsed, instead of the link, a warning message will appear
+ * ('restrlink') to let the user know. If the link is in the same namespace as the edited page,
+ * no check will be done.
+ */
+$wgLinkWarn = true;
+
+/**
+ * In case you want to hide logs about User Talk pages (namespace 3) fromnrecent changes
+ * set this to true.
+ *
+ */
+$wgHideUtalk = false;
+
+/**
+ * You can use this array to alter wiki's upper left logo depending on the namespace
+ * you are in.
+ *
+ * Example:
+ * $wgNamespaceLogos = array ( 100 => '/url_path_to/logo.gif');
+ **/
+$wgNamespaceLogos = NULL;
+
+/**
* Limit images on image description pages to a user-selectable limit. In order
* to reduce disk usage, limits can only be selected from a list. This is the
* list of settings the user can choose from:
diff -iEbdu -r ./includes/Export.php ./includes/Export.php
--- ./includes/Export.php 2006-10-14 02:06:32.000000000 +0200
+++ ./includes/Export.php 2006-12-07 15:30:56.355736500 +0100
@@ -256,7 +256,13 @@
*/
function outputStream( $resultset ) {
$last = null;
+ global $wgUser;
while( $row = $resultset->fetchObject() ) {
+ #If page is in a secured namespace, skip the row.
+ if(!$wgUser->canAccessNamespace($row->page_namespace) ){
+ continue;
+ }
+
if( is_null( $last ) ||
$last->page_namespace != $row->page_namespace ||
$last->page_title != $row->page_title ) {
@@ -349,11 +355,14 @@
}
function namespaces() {
- global $wgContLang;
- $spaces = " <namespaces>\n";
+ global $wgContLang, $wgUser;
+ $spaces = "<namespaces>\n";
foreach( $wgContLang->getFormattedNamespaces() as $ns => $title ) {
+ if($wgUser->canAccessNamespace($ns))
+ {
$spaces .= ' ' . wfElement( 'namespace', array( 'key' => $ns ), $title ) . "\n";
}
+ }
$spaces .= " </namespaces>";
return $spaces;
}
diff -iEbdu -r ./includes/OutputPage.php ./includes/OutputPage.php
--- ./includes/OutputPage.php 2006-10-14 02:06:34.000000000 +0200
+++ ./includes/OutputPage.php 2006-12-07 15:30:56.636997300 +0100
@@ -236,7 +236,7 @@
foreach ( $categories as $category => $arbitrary ) {
$title = Title::makeTitleSafe( NS_CATEGORY, $category );
$text = $wgContLang->convertHtml( $title->getText() );
- $this->mCategoryLinks[] = $sk->makeLinkObj( $title, $text );
+ $this->mCategoryLinks[] = $sk->makeKnownLinkObj( $title, $text );
}
}
@@ -723,6 +723,7 @@
$this->mBodytext = '';
$groups = array();
+
foreach( $wgGroupPermissions as $key => $value ) {
if( isset( $value[$permission] ) && $value[$permission] == true ) {
$groupName = User::getGroupName( $key );
@@ -777,6 +778,21 @@
$skin = $wgUser->getSkin();
+ if($wgTitle->getNamespace() >= 100){
+ $usersNamespaces = $wgUser->getAllowedRNSes();
+ $usersNamespacesArray = explode("\n", $usersNamespaces);
+ $currentNamespace = Namespace::getCanonicalName($wgTitle->getNamespace());
+
+ if (!in_array($currentNamespace, $usersNamespacesArray)) {
+ $this->setPageTitle( wfMsg( 'noaccesstitle' ) );
+ $this->setHtmlTitle( wfMsg( 'errorpagetitle' ) );
+ $this->setRobotPolicy( 'noindex,nofollow' );
+ $this->setArticleFlag( false );
+ $this->addHTML( wfMsgHtml( 'noaccesstext') );
+ } else {
+ // Should never reach here.
+ }
+ } else {
$this->setPageTitle( wfMsg( 'loginreqtitle' ) );
$this->setHtmlTitle( wfMsg( 'errorpagetitle' ) );
$this->setRobotPolicy( 'noindex,nofollow' );
@@ -793,6 +809,7 @@
if( $mainPage->userCanRead() )
$this->returnToMain( true, $mainPage );
}
+ }
/** @obsolete */
function databaseError( $fname, $sql, $error, $errno ) {
diff -iEbdu -r ./includes/Parser.php ./includes/Parser.php
--- ./includes/Parser.php 2006-10-14 02:06:32.000000000 +0200
+++ ./includes/Parser.php 2006-12-07 16:39:15.760002900 +0100
@@ -1463,6 +1463,7 @@
*/
function replaceInternalLinks( $s ) {
global $wgContLang;
+ global $wgUser;
static $fname = 'Parser::replaceInternalLinks' ;
wfProfileIn( $fname );
@@ -1604,6 +1605,17 @@
$ns = $nt->getNamespace();
$iw = $nt->getInterWiki();
+
+ #If the link points to a restricted namespace outside the
+ #parent namespace warn the user.
+ global $wgRestrictedNamespaces, $wgLinkWarn ;
+ if( $wgLinkWarn && is_array( $wgRestrictedNamespaces )) {
+ if( array_key_exists( $ns, $wgRestrictedNamespaces ) && !$wgUser->canAccessNamespace( $ns )) {/*($this->mTitle->getNamespace() != $ns)) {*/
+ $s .=wfMsg( 'restrlink' ). $trail;
+ continue;
+ }
+ }
+
wfProfileOut( "$fname-title" );
if ($might_be_img) { # if this is actually an invalid link
@@ -2826,7 +2838,7 @@
* @private
*/
function braceSubstitution( $piece ) {
- global $wgContLang, $wgLang, $wgAllowDisplayTitle, $action;
+ global $wgContLang, $wgLang, $wgAllowDisplayTitle, $action, $wgRestrictedNamespaces;
$fname = __METHOD__ /*. '-L' . count( $this->mArgStack )*/;
wfProfileIn( $fname );
wfProfileIn( __METHOD__.'-setup' );
@@ -2994,6 +3006,15 @@
}
if ( !$title->isExternal() ) {
+ # Articles from restricted namespaces can't be used in templates.
+ # They would appear or disappear based on the rights of the user
+ # that refreshes the cache...
+ if( is_array( $wgRestrictedNamespaces ) ) {
+ if( array_key_exists( $title->getNamespace(), $wgRestrictedNamespaces ) ) {
+ $found = true;
+ $text = $linestart . wfMsg( 'templatenotincluded' );
+ }
+ }
if ( $title->getNamespace() == NS_SPECIAL && $this->mOptions->getAllowSpecialInclusion() && $this->ot['html'] ) {
$text = SpecialPage::capturePath( $title );
if ( is_string( $text ) ) {
diff -iEbdu -r ./includes/QueryPage.php ./includes/QueryPage.php
--- ./includes/QueryPage.php 2006-10-14 02:06:34.000000000 +0200
+++ ./includes/QueryPage.php 2006-12-07 15:30:58.355813300 +0100
@@ -474,8 +474,14 @@
class PageQueryPage extends QueryPage {
function formatResult( $skin, $result ) {
- global $wgContLang;
+ global $wgContLang, $wgUser;
$nt = Title::makeTitle( $result->namespace, $result->title );
+
+ # Don't show wanted pages in restricted namespaces
+ if( !$wgUser->canAccessNamespace( $nt->getNamespace() ) ) {
+ return "";
+ }
+
return $skin->makeKnownLinkObj( $nt, htmlspecialchars( $wgContLang->convert( $nt->getPrefixedText() ) ) );
}
}
diff -iEbdu -r ./includes/SearchEngine.php ./includes/SearchEngine.php
--- ./includes/SearchEngine.php 2006-10-14 02:06:32.000000000 +0200
+++ ./includes/SearchEngine.php 2006-12-07 16:12:19.098684900 +0100
@@ -167,10 +167,10 @@
* @access public
*/
function searchableNamespaces() {
- global $wgContLang;
+ global $wgContLang, $wgUser;
$arr = array();
foreach( $wgContLang->getNamespaces() as $ns => $name ) {
- if( $ns >= NS_MAIN ) {
+ if( $ns >= NS_MAIN && $wgUser->canAccessNamespace($ns)) {
$arr[$ns] = $name;
}
}
diff -iEbdu -r ./includes/Skin.php ./includes/Skin.php
--- ./includes/Skin.php 2006-10-14 02:06:34.000000000 +0200
+++ ./includes/Skin.php 2006-12-07 15:41:43.918198000 +0100
@@ -121,7 +121,6 @@
include_once( "{$wgStyleDirectory}/{$skinName}.deps.php" );
wfRestoreWarnings();
require_once( "{$wgStyleDirectory}/{$skinName}.php" );
-
# Check if we got if not failback to default skin
$className = 'Skin'.$skinName;
if( !class_exists( $className ) ) {
@@ -1511,11 +1510,22 @@
*/
function buildSidebar() {
global $parserMemc, $wgEnableSidebarCache;
- global $wgLang, $wgContLang;
+ global $wgLang, $wgContLang, $wgUser, $wgTitle;
+ global $wgExtraNamespaces, $wgRestrictedNamespaces;
$fname = 'SkinTemplate::buildSidebar';
wfProfileIn( $fname );
+ $nsname = '';
+ if(is_object($wgTitle))
+ {
+ $nsid = $wgTitle->getNamespace();
+ if(in_array($nsid, array_keys($wgExtraNamespaces)) &&
+ in_array($nsid, array_keys($wgRestrictedNamespaces)))
+ {
+ $nsname = $wgExtraNamespaces[$nsid].":";
+ }
+ }
$key = wfMemcKey( 'sidebar' );
$cacheSidebar = $wgEnableSidebarCache &&
@@ -1550,13 +1560,28 @@
$href = self::makeInternalOrExternalUrl( $link );
$bar[$heading][] = array(
'text' => $text,
- 'href' => $href,
+ 'href' => preg_replace('/Main_Page$/', $nsname."Main_Page", $href),
'id' => 'n-' . strtr($line[1], ' ', '-'),
'active' => false
);
} else { continue; }
}
}
+ $heading = 'your namespaces';
+ $lines = explode( "\n", $wgUser->getAllowedRNSes() );
+ if (count($lines) > 0 && $lines[0] != '') {
+ foreach ($lines as $line) {
+ $bar[$heading][] = array(
+ 'text' => $line,
+ 'href' => $this->makeInternalOrExternalUrl( $line . ':' . wfMsgForContent( 'mainpage' ) ),
+ 'id' => 'n-' . strtr($line, ' ', '-'),
+ 'active' => false
+ );
+ }
+ }
+
if ($cacheSidebar)
$cachednotice = $parserMemc->set( $key, $bar, 86400 );
wfProfileOut( $fname );
diff -iEbdu -r ./includes/SpecialAllpages.php ./includes/SpecialAllpages.php
--- ./includes/SpecialAllpages.php 2006-10-14 02:06:32.000000000 +0200
+++ ./includes/SpecialAllpages.php 2006-12-07 15:21:46.970229300 +0100
@@ -10,17 +10,24 @@
* @param $specialPage @see SpecialPage object.
*/
function wfSpecialAllpages( $par=NULL, $specialPage ) {
- global $wgRequest, $wgOut, $wgContLang;
+ global $wgRequest, $wgOut, $wgContLang, $wgUser;
# GET values
$from = $wgRequest->getVal( 'from' );
$namespace = $wgRequest->getInt( 'namespace' );
$namespaces = $wgContLang->getNamespaces();
+ if ( isset($par) ) {
+ foreach ($namespaces as $ns_id => $ns_name) {
+ if ($par == $ns_name) {
+ $namespace = $ns_id;
+ }
+ }
+ }
$indexPage = new SpecialAllpages();
- if( !in_array($namespace, array_keys($namespaces)) )
+ if( !in_array($namespace, array_keys($namespaces)) || !$wgUser->canAccessNamespace( $namespace))
$namespace = 0;
$wgOut->setPagetitle( $namespace > 0 ?
@@ -28,9 +35,7 @@
wfMsg( 'allarticles' )
);
- if ( isset($par) ) {
- $indexPage->showChunk( $namespace, $par, $specialPage->including() );
- } elseif ( isset($from) ) {
+ if ( isset($from) ) {
$indexPage->showChunk( $namespace, $from, $specialPage->including() );
} else {
$indexPage->showToplevel ( $namespace, $specialPage->including() );
diff -iEbdu -r ./includes/SpecialContributions.php ./includes/SpecialContributions.php
--- ./includes/SpecialContributions.php 2006-10-14 02:06:32.000000000 +0200
+++ ./includes/SpecialContributions.php 2006-12-07 15:30:56.136978100 +0100
@@ -16,7 +16,14 @@
}
function setNamespace( $ns ) {
+ global $wgUser;
+ # If the namespace asked is restricted return
+ # to the main namespace.
+ if($wgUser->canAccessNamespace($ns)) {
$this->namespace = $ns;
+ }else{
+ $this->namespace = 0;
+ }
}
function setLimit( $limit ) {
@@ -72,15 +79,30 @@
}
function getNamespaceCond() {
- if ( $this->namespace !== false )
+ global $wgUser;
+ # Include the namespace in the querry only if it's not restricted to the user.
+ if (($this->namespace !== false) && ($wgUser->canAccessNamespace($this->namespace))) {
return ' AND page_namespace = ' . (int)$this->namespace;
+ } else {
return '';
}
+ }
function getPreviousOffsetForPaging() {
list( $index, $usercond ) = $this->getUserCond();
$nscond = $this->getNamespaceCond();
+ # Exclude all namespaces that are restricted to this user
+ global $wgRestrictedNamespaces;
+ global $wgUser;
+ if( is_array( $wgRestrictedNamespaces )) {
+ foreach( $wgRestrictedNamespaces as $key => $value ) {
+ if( ! $wgUser->canAccessNamespace( $key )) {
+ $nscond .= ' AND page_namespace <>' . $key;
+ }
+ }
+ }
+
$use_index = $this->dbr->useIndexClause( $index );
extract( $this->dbr->tableNames( 'page', 'revision' ) );
@@ -137,6 +159,16 @@
$offsetQuery = "AND rev_timestamp <= '{$this->offset}'";
$nscond = $this->getNamespaceCond();
+ # Exclude all namespaces that are restricted to this user
+ global $wgRestrictedNamespaces;
+ global $wgUser;
+ if( is_array( $wgRestrictedNamespaces )) {
+ foreach( $wgRestrictedNamespaces as $key => $value ) {
+ if( ! $wgUser->canAccessNamespace( $key )) {
+ $nscond .= ' AND page_namespace <>' . $key;
+ }
+ }
+ }
$use_index = $this->dbr->useIndexClause( $index );
$sql = "SELECT
page_namespace,page_title,page_is_new,page_latest,
diff -iEbdu -r ./includes/SpecialLog.php ./includes/SpecialLog.php
--- ./includes/SpecialLog.php 2006-10-14 02:06:34.000000000 +0200
+++ ./includes/SpecialLog.php 2006-12-07 15:30:57.433902900 +0100
@@ -302,11 +302,42 @@
* @private
*/
function logLine( $s ) {
- global $wgLang;
+ global $wgLang, $wgUser;
+ global $wgHideLogs, $wgHidenLogs;
$title = Title::makeTitle( $s->log_namespace, $s->log_title );
$user = Title::makeTitleSafe( NS_USER, $s->user_name );
$time = $wgLang->timeanddate( wfTimestamp(TS_MW, $s->log_timestamp), true );
+ # Hide all logs or the log types in $wgHidenLogs.
+ # Block and rights are namespace independed.
+ if((is_array($wgHidenLogs) &&
+ ((in_array('block', $wgHidenLogs) && $s->log_type =='block' )
+ ||(in_array('rights', $wgHidenLogs) && $s->log_type=='rights'))
+ ||($wgHideLogs && ($s->log_type=='block' ||$s->log_type=='rights')))){
+ return;
+ }
+
+ # Upload namespaces are public.
+ if(is_array($wgHidenLogs) &&
+ (in_array('upload', $wgHidenLogs) && $s->log_type=='upload') ||
+ ($wgHideLogs && $s->log_type=='upload')) {
+ return;
+ }
+
+ # We hide the rest only for the restricted namespaces.
+ if(!$wgUser->canAccessNamespace($s->log_namespace)){
+ if($wgHideLogs){
+ return;
+ }
+ if(is_array($wgHidenLogs)){
+ if((in_array('protect', $wgHidenLogs) && $s->log_type=='protect')
+ ||(in_array('delete', $wgHidenLogs) && $s->log_type=='delete')
+ ||(in_array('move', $wgHidenLogs) && $s->log_type=='move')){
+ return;
+ }
+ }
+ }
+
// Enter the existence or non-existence of this page into the link cache,
// for faster makeLinkObj() in LogPage::actionText()
$linkCache =& LinkCache::singleton();
diff -iEbdu -r ./includes/SpecialPreferences.php ./includes/SpecialPreferences.php
--- ./includes/SpecialPreferences.php 2006-12-07 11:51:17.164600800 +0100
+++ ./includes/SpecialPreferences.php 2006-12-07 15:30:57.730789300 +0100
@@ -88,7 +88,7 @@
if ( $this->mPosted ) {
$namespaces = $wgContLang->getNamespaces();
foreach ( $namespaces as $i => $namespace ) {
- if ( $i >= 0 ) {
+ if ( $i >= 0 && $wgUser->canAccessNamespace( $i) ) {
$this->mSearchNs[$i] = $request->getCheck( "wpNs$i" ) ? 1 : 0;
}
}
@@ -384,7 +384,7 @@
$namespaces = $wgContLang->getNamespaces();
foreach ( $namespaces as $i => $namespace ) {
- if ( $i >= NS_MAIN ) {
+ if ( $i >= NS_MAIN && $wgUser->canAccessNamespace( $i) ) {
$this->mSearchNs[$i] = $wgUser->getOption( 'searchNs'.$i );
}
}
@@ -394,14 +394,14 @@
* @access private
*/
function namespacesCheckboxes() {
- global $wgContLang;
+ global $wgContLang, $wgUser;
# Determine namespace checkboxes
$namespaces = $wgContLang->getNamespaces();
$r1 = null;
foreach ( $namespaces as $i => $name ) {
- if ($i < 0)
+ if ($i < 0 || !$wgUser->canAccessNamespace( $i) )
continue;
$checked = $this->mSearchNs[$i] ? "checked='checked'" : '';
$name = str_replace( '_', ' ', $namespaces[$i] );
diff -iEbdu -r ./includes/SpecialRandompage.php ./includes/SpecialRandompage.php
--- ./includes/SpecialRandompage.php 2006-10-14 02:06:36.000000000 +0200
+++ ./includes/SpecialRandompage.php 2006-12-07 15:30:59.058965300 +0100
@@ -11,12 +11,15 @@
* used as e.g. Special:Randompage/Category
*/
function wfSpecialRandompage( $par = NS_MAIN ) {
- global $wgOut, $wgExtraRandompageSQL, $wgContLang, $wgLang;
+ global $wgOut, $wgExtraRandompageSQL, $wgContLang, $wgLang, $wgUser;
$fname = 'wfSpecialRandompage';
# Determine namespace
$t = Title::newFromText ( $par . ":Dummy" ) ;
$namespace = $t->getNamespace () ;
+ if ($namespace === false || $namespace < NS_MAIN || !$wgUser->canAccessNamespace($namespace)) {
+ $namespace = NS_MAIN;
+ }
# NOTE! We use a literal constant in the SQL instead of the RAND()
# function because RAND() will return a different value for every row
diff -iEbdu -r ./includes/SpecialRecentchanges.php ./includes/SpecialRecentchanges.php
--- ./includes/SpecialRecentchanges.php 2006-10-14 02:06:32.000000000 +0200
+++ ./includes/SpecialRecentchanges.php 2006-12-07 15:30:55.011934900 +0100
@@ -17,6 +17,7 @@
global $wgUser, $wgOut, $wgRequest, $wgUseRCPatrol, $wgDBtype;
global $wgRCShowWatchingUsers, $wgShowUpdatedMarker;
global $wgAllowCategorizedRecentChanges ;
+ global $wgRestrictedNamespaces, $wgHideCategoriesinRC, $wgHidenLogs, $wgHideLogs, $wgHideUtalk;
$fname = 'wfSpecialRecentchanges';
# Get query parameters
@@ -124,8 +125,9 @@
# Get last modified date, for client caching
# Don't use this if we are using the patrol feature, patrol changes don't update the timestamp
+ # Don't use it if there are hidden namespaces, as the feed must be different for the users
$lastmod = $dbr->selectField( 'recentchanges', 'MAX(rc_timestamp)', false, $fname );
- if ( $feedFormat || !$wgUseRCPatrol ) {
+ if ( !is_array( $wgRestrictedNamespaces ) && ($feedFormat || !$wgUseRCPatrol) ) {
if( $lastmod && $wgOut->checkLastModified( $lastmod ) ){
# Client cache fresh and headers sent, nothing more to do.
return;
@@ -152,6 +154,32 @@
}
}
+ # Hide all categories if $wgHideCategoriesinRC is set
+ $hidem .= $wgHideCategoriesinRC ? ' AND rc_namespace <> 14':'';
+ # Hide all User_talk pages if $wgHideUtalk is set
+ $hidem .= $wgHideUtalk ? ' AND rc_namespace <> 3':'';
+ # Hide all logs if $wgHideRCLogs is set
+ $hidem .= $wgHideLogs ? ' AND rc_type <> 3':'';
+ # Hide all logs or the log types in $wgHidenLogs.
+ if(!$wgHideLogs && is_array($wgHidenLogs)){
+ # Block and rights are namespace independed.
+ $hidem .= in_array('block', $wgHidenLogs) ? ' AND rc_title <> "Log/block"':'';
+ $hidem .= in_array('rights', $wgHidenLogs) ? ' AND rc_title <> "Log/rights"':'';
+ # Hide the log types set in $wgHidenLogs
+ $hidem .= in_array('protect', $wgHidenLogs) ? ' AND rc_title <> "Log/protect"':'';
+ $hidem .= in_array('delete', $wgHidenLogs) ? ' AND rc_title <> "Log/delete"':'';
+ $hidem .= in_array('upload', $wgHidenLogs) ? ' AND rc_title <> "Log/upload"':'';
+ $hidem .= in_array('move', $wgHidenLogs) ? ' AND rc_title <> "Log/move"':'';
+ }
+ # Exclude all namespaces that are restricted to this user
+ if( is_array( $wgRestrictedNamespaces )) {
+ foreach( $wgRestrictedNamespaces as $key => $value ) {
+ if( ! $wgUser->canAccessNamespace( $key )) {
+ $hidem .= ' AND rc_namespace <>' . $key;
+ }
+ }
+ }
+
# Namespace filtering
$hidem .= is_null( $namespace ) ? '' : ' AND rc_namespace' . ($invert ? '!=' : '=') . $namespace;
@@ -349,8 +377,13 @@
* go ahead and use it even if there have been edits made
* since it was rendered. This keeps a swarm of requests
* from being too bad on a super-frequently edited wiki.
+ *
+ * Using restricted namespaces forbids caching the feed,
+ * however, since it must be rendered according to user
+ * rights.
*/
- if( time() - wfTimestamp( TS_UNIX, $feedLastmod )
+ if( !is_array( $wgRestrictedNamespaces )
+ && time() - wfTimestamp( TS_UNIX, $feedLastmod )
< $wgFeedCacheTimeout
|| wfTimestamp( TS_UNIX, $feedLastmod )
> wfTimestamp( TS_UNIX, $lastmod ) ) {
diff -iEbdu -r ./includes/SpecialRecentchangeslinked.php ./includes/SpecialRecentchangeslinked.php
--- ./includes/SpecialRecentchangeslinked.php 2006-10-14 02:06:32.000000000 +0200
+++ ./includes/SpecialRecentchangeslinked.php 2006-12-07 15:22:21.173792100 +0100
@@ -67,6 +67,16 @@
$cmq = 'AND rc_minor=0';
} else { $cmq = ''; }
+ # Exclude all namespaces that are restricted to this user
+ global $wgRestrictedNamespaces;
+ if( is_array( $wgRestrictedNamespaces )) {
+ foreach( $wgRestrictedNamespaces as $key => $value ) {
+ if( ! $wgUser->canAccessNamespace( $key )) {
+ $cmq .= ' AND page_namespace <>' . $key;
+ }
+ }
+ }
+
extract( $dbr->tableNames( 'recentchanges', 'categorylinks', 'pagelinks', 'revision', 'page' , "watchlist" ) );
$uid = $wgUser->getID();
diff -iEbdu -r ./includes/SpecialUserlogin.php ./includes/SpecialUserlogin.php
--- ./includes/SpecialUserlogin.php 2006-10-14 02:06:32.000000000 +0200
+++ ./includes/SpecialUserlogin.php 2006-12-07 15:30:54.574418100 +0100
@@ -475,6 +475,7 @@
function successfulLogin( $msg, $auto = true ) {
global $wgUser;
global $wgOut;
+ global $wgLinkWarn;
# Run any hooks; ignore results
@@ -484,12 +485,20 @@
$wgOut->setRobotpolicy( 'noindex,nofollow' );
$wgOut->setArticleRelated( false );
$wgOut->addWikiText( $msg );
+ if($wgUser->getRMainPages() != NULL) {
+ # We are going to put some links to restricted namespaces
+ # that the user has access to, so we disable the warning.
+ $wgLinkWarn = false;
+ $wgOut->addWikiText(wfMsg('RNSlist')."<br>".str_replace( '_', ' ',$wgUser->getRMainPages()));
+ $wgOut->returnToMain(false);
+ } else {
if ( !empty( $this->mReturnTo ) ) {
$wgOut->returnToMain( $auto, $this->mReturnTo );
} else {
$wgOut->returnToMain( $auto );
}
}
+ }
/** */
function userNotPrivilegedMessage() {
diff -iEbdu -r ./includes/SpecialWantedpages.php ./includes/SpecialWantedpages.php
--- ./includes/SpecialWantedpages.php 2006-10-14 02:06:36.000000000 +0200
+++ ./includes/SpecialWantedpages.php 2006-12-07 15:30:58.871458100 +0100
@@ -67,10 +67,15 @@
function formatResult( $skin, $result ) {
- global $wgLang;
+ global $wgLang, $wgUser;
$title = Title::makeTitleSafe( $result->namespace, $result->title );
+ # Don't show wanted pages in restricted namespaces
+ if( !$wgUser->canAccessNamespace( $title->getNamespace() ) ) {
+ return "";
+ }
+
if( $this->isCached() ) {
# Check existence; which is stored in the link cache
if( !$title->exists() ) {
diff -iEbdu -r ./includes/SpecialWhatlinkshere.php ./includes/SpecialWhatlinkshere.php
--- ./includes/SpecialWhatlinkshere.php 2006-10-14 02:06:32.000000000 +0200
+++ ./includes/SpecialWhatlinkshere.php 2006-12-07 15:30:54.761925300 +0100
@@ -73,7 +73,7 @@
* @private
*/
function showIndirectLinks( $level, $target, $limit, $from = 0, $dir = 'next' ) {
- global $wgOut;
+ global $wgOut, $wgUser;
$fname = 'WhatLinksHerePage::showIndirectLinks';
$dbr =& wfGetDB( DB_READ );
@@ -199,6 +199,11 @@
$wgOut->addHTML( '<ul>' );
foreach ( $rows as $row ) {
+ #If the linking page is located in a secured namespace, skip it.
+ if(!$wgUser->canAccessNamespace($row->page_namespace)) {
+ continue;
+ }
+
$nt = Title::makeTitle( $row->page_namespace, $row->page_title );
if ( $row->page_is_redirect ) {
diff -iEbdu -r ./includes/Title.php ./includes/Title.php
--- ./includes/Title.php 2006-10-14 02:06:34.000000000 +0200
+++ ./includes/Title.php 2006-12-07 17:06:26.249622900 +0100
@@ -1026,6 +1026,10 @@
wfProfileOut( $fname );
return false;
}
+ if( !$wgUser->canAccessNamespace( $this->mNamespace )) {
+ wfProfileOut( $fname );
+ return false;
+ }
// XXX: This is the code that prevents unprotecting a page in NS_MEDIAWIKI
// from taking effect -ævar
if( NS_MEDIAWIKI == $this->mNamespace &&
@@ -1133,7 +1137,7 @@
return $result;
}
- if( $wgUser->isAllowed('read') ) {
+ if( $wgUser->isAllowed('read', $this) ) {
return true;
} else {
global $wgWhitelistRead;
@@ -1147,18 +1151,19 @@
}
/** some pages are explicitly allowed */
+ if( is_array( $wgWhitelistRead )) {
$name = $this->getPrefixedText();
- if( $wgWhitelistRead && in_array( $name, $wgWhitelistRead ) ) {
+ if( in_array( $name, $wgWhitelistRead ) ) {
return true;
}
-
# Compatibility with old settings
- if( $wgWhitelistRead && $this->getNamespace() == NS_MAIN ) {
+ if( $this->getNamespace() == NS_MAIN ) {
if( in_array( ':' . $name, $wgWhitelistRead ) ) {
return true;
}
}
}
+ }
return false;
}
diff -iEbdu -r ./includes/User.php ./includes/User.php
--- ./includes/User.php 2006-10-14 02:06:32.000000000 +0200
+++ ./includes/User.php 2006-12-07 15:30:54.011896500 +0100
@@ -871,6 +871,7 @@
}
$effectiveGroups = array_merge( $implicitGroups, $this->mGroups );
+
$this->mRights = $this->getGroupPermissions( $effectiveGroups );
}
@@ -1348,16 +1349,155 @@
* @param string $action Action to be checked
* @return boolean True: action is allowed, False: action should not be allowed
*/
- function isAllowed($action='') {
+ function isAllowed($action='', $title=NULL) {
+ global $wgRestrictedNamespaces, $wgReadOnlyNSes;
if ( $action === '' )
// In the spirit of DWIM
return true;
$this->loadFromDatabase();
+ if( $title == NULL ) {
+ global $wgTitle;
+ $title = $wgTitle;
+ }
+ $ns = $title->getNamespace();
+
+ // If user wants to read a page, that page is in a read only namespace
+ // and the user has the 'roread' right, allow him to read it. If it has
+ // the 'roedit' right allow him to edit it.
+ if( is_array($wgReadOnlyNSes)) {
+ if( $action == 'read' && in_array($ns, $wgReadOnlyNSes) &&
+ in_array('roread', $this->mRights) && !$this->isBlocked() ) {
+ return true;
+ }
+ if( $action == 'edit' && !$title->isProtected() &&
+ in_array($ns, $wgReadOnlyNSes) && in_array('roedit', $this->mRights) && !$this->isBlocked()) {
+ return true;
+ }
+ }
+
+ // Prevent access to restricted namespaces if the user does not have all
+ // required rights.
+ if( !$this->canAccessNamespace($ns) ) {
+ return false;
+ }
+
+ // If we are in user's page, allow him to do everything...
+ if ( $action == 'edit' && ($ns == NS_USER_TALK || $ns == NS_USER) &&
+ $title->getText() == $this->getName() && !$this->isBlocked() && !$title->isProtected() ) {
+ return true;
+ }
+
+ if ( $action == 'protect' && ($ns == NS_USER_TALK || $ns == NS_USER) &&
+ $title->getText() == $this->getName() && !$this->isBlocked() ){
+ return true;
+ }
+
+ // If user wants to edit a talk page and has the talk right, allow him to do so...
+ if( $title->isTalkPage() && $action == 'edit' && in_array('talk', $this->mRights) &&
+ !$this->isBlocked() && !$title->isProtected() ){
+ return true;
+ }
+
+ // If user wants to leave a mesage on another's user talk page and that page is unprotected, allow him to do so...
+ if( $action == 'edit' && $ns == NS_USER_TALK && !$this->isBlocked() && !$title->isProtected() ){
+ return true;
+ }
+
+ // If user has the sedit right, allow him to edit pages in the restricted namespaces
+ // he has access.
+ if( is_array($wgRestrictedNamespaces) && array_key_exists($ns, $wgRestrictedNamespaces)
+ && $this->canAccessNamespace($ns) && !$this->isBlocked() ){
+ if( $action == 'edit' && in_array('sedit', $this->mRights) && !$title->isProtected() ) {
+ return true;
+ }
+
+ // If user has the sprotect right, allow him to edit pages in the in the restricted namespaces
+ // he has access.
+ if(($action == 'protect' || $action == 'unprotect') && in_array('sprotect', $this->mRights)) {
+ return true;
+ }
+
+ // If user has the sdelete right, allow him to edit pages in the in the restricted namespaces
+ // he has access.
+ if( !$title->isProtected() && ($action == 'delete' || $action == 'undelete') &&
+ (in_array('sdelete', $this->mRights)) ) {
+ return true;
+ }
+ }
+
+ //If the user wants to delete or undelete a page and it's blocked don't allow him to do so.
+ if( ($action == 'delete' || $action == 'undelete') && ($title->isProtected() || $this->isBlocked()) ){
+ return false;
+ }
+
+ //If the user wants to protect or unprotect a page and it's blocked don't allow him to do so.
+ if( ($action == 'protect' || $action == 'unprotect') && $this->isBlocked() ){
+ return false;
+ }
+
return in_array( $action , $this->mRights );
}
/**
+ * Check if user is allowed to access a given namespace
+ * @param string $namespace ID of the namespace that needs to be checked.
+ * @return boolean True: access is allowed, False: access is denied
+ */
+ function canAccessNamespace( $namespace='' ) {
+ global $wgRestrictedNamespaces;
+ $this->loadFromDatabase();
+ if( is_array( $wgRestrictedNamespaces )) {
+ if( array_key_exists( $namespace, $wgRestrictedNamespaces ) ) {
+ if( in_array($wgRestrictedNamespaces[$namespace], $this->mRights)){
+ return true;
+ }
+ return false;
+ }
+ }
+ return true;
+ }
+
+ /**
+ * Get the restricted namespaces the user has access to (talk namespaces not included).
+ * @return string with the namespace names seperated by the "\n" character/
+ */
+ function getAllowedRNSes() {
+ global $wgRestrictedNamespaces;
+ $this->loadFromDatabase();
+ $names = NULL;
+ if( is_array( $wgRestrictedNamespaces ) ) {
+ foreach ($wgRestrictedNamespaces as $nsid => $ugroup) {
+ #if( $this->canAccessNamespace($nsid) && !($nsid %2) ) { #huh!?!? what the hell is the mod 2 about?
+ if( $this->canAccessNamespace($nsid) ) {
+ $names .= Namespace::getCanonicalName($nsid)."\n";
+ }
+ }
+ }
+ return $names;
+ }
+
+ /**
+ * Get the main page title of each restricted namespace (talk namespaces not included)
+ * the user has access to.
+ * @return string: The titles seperated by the "\n" character.
+ */
+ function getRMainPages() {
+ global $wgRestrictedNamespaces;
+ $titles = NULL;
+ if( is_array( $wgRestrictedNamespaces ) ) {
+ $namespaces = $this->getAllowedRNSes();
+ $nsarray = explode("\n",$namespaces);
+ foreach ($nsarray as $index => $nsname) {
+ if($nsname != ""){
+ $titles .= "[[".$nsname.":".wfMsgForContent( 'mainpage' )."|".$nsname."]]"."<br/>\n";
+ }
+ }
+ }
+ return $titles;
+ }
+
+ /**
* Load a skin if it doesn't exist or return it
* @todo FIXME : need to check the old failback system [AV]
*/
@@ -1370,7 +1510,8 @@
# get the user skin
$userSkin = $this->getOption( 'skin' );
$userSkin = $wgRequest->getVal('useskin', $userSkin);
-
+ ini_set('display_errors', true);
+ ini_set('error_reporting', 2047);
$this->mSkin =& Skin::newFromKey( $userSkin );
wfProfileOut( $fname );
}
diff -iEbdu -r ./includes/Wiki.php ./includes/Wiki.php
--- ./includes/Wiki.php 2006-10-14 02:06:34.000000000 +0200
+++ ./includes/Wiki.php 2006-12-07 15:30:56.855755700 +0100
@@ -331,7 +331,6 @@
/* No such action; this will switch to the default case */
$action = 'nosuchaction';
}
-
switch( $action ) {
case 'view':
$output->setSquidMaxage( $this->getVal( 'SquidMaxage' ) );
diff -iEbdu -r ./languages/messages/MessagesEn.php ./languages/messages/MessagesEn.php
--- ./languages/messages/MessagesEn.php 2006-10-14 02:07:00.000000000 +0200
+++ ./languages/messages/MessagesEn.php 2006-12-07 15:30:59.512107700 +0100
@@ -1589,6 +1589,7 @@
# Namespace form on various pages
'namespace' => 'Namespace:',
'invert' => 'Invert selection',
+'RNSlist' => 'Available Namespaces',
# Contributions
#
diff -iEbdu -r ./skins/CologneBlue.php ./skins/CologneBlue.php
--- ./skins/CologneBlue.php 2006-10-14 02:06:12.000000000 +0200
+++ ./skins/CologneBlue.php 2006-12-07 15:20:32.734904100 +0100
@@ -183,41 +183,43 @@
$s .= $this->menuHead( "qbfind" );
$s .= $this->searchForm();
- $s .= $this->menuHead( "qbbrowse" );
+ #$s .= $this->menuHead( "qbbrowse" );
- # Use the first heading from the Monobook sidebar as the "browse" section
+ # Use the first two headings from the Monobook sidebar as the "browse" section
$bar = $this->buildSidebar();
- $browseLinks = reset( $bar );
-
+ foreach($bar as $sectionTitle => $browseLinks)
+ {
+ $s .= $this->menuHeadText($sectionTitle);
foreach ( $browseLinks as $link ) {
if ( $link['text'] != '-' ) {
$s .= "<a href=\"{$link['href']}\">" .
htmlspecialchars( $link['text'] ) . '</a>' . $sep;
}
}
+ }
if ( $wgOut->isArticle() ) {
- $s .= $this->menuHead( "qbedit" );
- $s .= "<strong>" . $this->editThisPage() . "</strong>";
-
- $s .= $sep . $this->makeKnownLink( wfMsgForContent( "edithelppage" ), wfMsg( "edithelp" ) );
-
- if( $wgUser->isLoggedIn() ) {
- $s .= $sep . $this->moveThisPage();
- }
- if ( $wgUser->isAllowed('delete') ) {
- $dtp = $this->deleteThisPage();
- if ( "" != $dtp ) {
- $s .= $sep . $dtp;
- }
- }
- if ( $wgUser->isAllowed('protect') ) {
- $ptp = $this->protectThisPage();
- if ( "" != $ptp ) {
- $s .= $sep . $ptp;
- }
- }
- $s .= $sep;
+# $s .= $this->menuHead( "qbedit" );
+# $s .= "<strong>" . $this->editThisPage() . "</strong>";
+#
+# $s .= $sep . $this->makeKnownLink( wfMsgForContent( "edithelppage" ), wfMsg( "edithelp" ) );
+#
+# if( $wgUser->isLoggedIn() ) {
+# $s .= $sep . $this->moveThisPage();
+# }
+# if ( $wgUser->isAllowed('delete') ) {
+# $dtp = $this->deleteThisPage();
+# if ( "" != $dtp ) {
+# $s .= $sep . $dtp;
+# }
+# }
+# if ( $wgUser->isAllowed('protect') ) {
+# $ptp = $this->protectThisPage();
+# if ( "" != $ptp ) {
+# $s .= $sep . $ptp;
+# }
+# }
+# $s .= $sep;
$s .= $this->menuHead( "qbpageoptions" );
$s .= $this->talkLink()
@@ -295,6 +297,12 @@
return $s;
}
+ function menuHeadText( $text )
+ {
+ $s = "\n<h6>" . $text . "</h6>";
+ return $s;
+ }
+
function searchForm( $label = "" )
{
global $wgRequest;

File Metadata

Mime Type
text/x-diff
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
1468
Default Alt Text
mediawiki-1.8.2-restrictednamespaces.patch (38 KB)

Event Timeline

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL