Page MenuHomePhabricator
Create Task
Maniphest T3740

A more advanced control over read access.
Closed, ResolvedPublic
Actions

Description

Author: mavcunha

Description:
I've just installed the 1.4rc1 to manage some developer documentation but the
Wiki was elected to manage all documents on my site. The first trouble I've got
was the read access rights.
The Whitelist(Read|Edit|Account) works fine but how can I isolate part of the
Wiki from anonymous readers? What I need was an option like WhitelistRead but
doing the exactly the reverse thing, this way I could protect some restricted
information without worry with the growth of the Wiki.

Hacking the code I've came with some rough solution, here is it:

First you will have another option in LocalSettings.php called

$wgProtectedPages witch is an
array.

So my LocalSettings.php looks like:

--snip--
# Disabling anonymous edits.
$wgWhitelistEdit = true;
# Specify who may create new accounts: 0 means no, 1 means yes
$wgWhitelistAccount = array ( 'user' => 0, 'sysop' => 1, 'developer' => 0 );

$wgWhitelistRead  = array('Main Page'); 
$wgProtectedPages = array (
      'Protected', 
      'Systems.*LDAP$' #you can use RegExp here.
);      

 --snip--

 For this work you should define $wgWhitelistRead, so putting the 'Main Page'

is a good idea since you probably won't block this page.

Now, for the $wgProtectedPages you can define in each element an (Perl)

Regular Expression (I will use preg_match() to check the title) or the name of
the page you want to restrict.

And now the hack itself, in Title.php (witch asks for the isAllowed('read')

in User.php), in function userCanRead() /Sorry but I have to paste some code here/:

--snip--

} else {
       global $wgWhitelistRead, $wgProtectedPages; # our new option
       
       /** If anon users can create an account,
           they need to reach the login page first! */
       if( $wgUser->isAllowed( 'createaccount' )
           && $this->getNamespace() == NS_SPECIAL
           && $this->getText() == 'Userlogin' ) {
               return true;
       }

       $name = $this->getPrefixedText();

       # the new code, witch tries with preg_match() find
       # if this page is protected so anon can't read this.
       if (is_array($wgProtectedPages) ) {
               foreach($wgProtectedPages as $pageName) {
                       if( preg_match("/$pageName/",$name) ) {
                               return false;
                       }
               }
               return true;
       }

       /** some pages are explicitly allowed */
       if( in_array( $name, $wgWhitelistRead ) ) {
               return true;
       }
       --snip--

With this kind of check I can protect a complete subtree, generate a
auto-protected for new pages using some keyword in the title, or protect just
one single page. As you can see $wgProtectedPages has precedence above
$wgWhitelistRead.

Hope I didn't broke something, any thought?

Version: unspecified
Severity: enhancement

Details

Reference
bz1740

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 21 2014, 8:17 PM
bzimport added a project: MediaWiki-General.
bzimport set Reference to bz1740.
bzimport added a subscriber: Unknown Object (MLST).
bzimport created this task.Mar 23 2005, 10:11 PM
bzimport added a comment.Apr 19 2005, 2:08 PM

maphiwe wrote:

Please check whether enhancement 1924
(http://bugzilla.wikipedia.org/show_bug.cgi?id=1924) fulfills your needs...

brion added a comment.Jun 25 2005, 12:17 AM
  • This bug has been marked as a duplicate of 1924 ***
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL