Extension:Group Based Access Control/AllUsers-0-8Mod

From MediaWiki.org
Jump to: navigation, search

See Extension_talk:Group_Based_Access_Control#All_users This modification allows you to use "*" as a group name to reference all wiki users. You just have to replace two functions with these:

        // The callback function for user access
        function controlUserAccess( $input, $showGroupText, $useReadOnlyFlag = false )
        {
                // Grab currently logged in user
                global $wgUser;

                // whether to show or to show not the little message on the Site
                global $wgAccessControlDisableMessages;
                // the page where we redirect if access was denied
                global $wgAdminCanReadAll;

                global $wgArticlePath;

                // get allowed Groups from Tag
                $groupAccess = explode(",,", $input);

                $groupsToDisplay = getGroupsToDisplay($groupAccess);

                $allowedAccess = getAllowedUsersFromGroupPages($groupAccess, $useReadOnlyFlag);

                debugme("controlUserAccess_0: the following users have access: ".implode($allowedAccess," / "));

                debugme("controlUserAccess_1: testing for access for user ".$wgUser->getName());
                // if user is NOT in Array of allowed Users...
                if (!in_array(strtolower(trim($wgUser->getName())), $allowedAccess))
                {
                        foreach($groupAccess as $groupEntry)
                        {
                                $groupTitle = makeGroupTitle($groupEntry, $readOnly);
                                debugme("controlUserAccess_A: Testing grouptitle -> " . $groupTitle);

                                if(strcmp(trim($groupTitle), '*'))
                                {
                                         debugme("controlUserAccess_B: user in group '*', so access is granted");
                                        if($useReadOnlyFlag == true) return false;
                                         if ($showGroupText)
                                         {
                                                return( displayGroups($groupsToDisplay) );
                                         } else {
                                                return true;
                                         }
                                }
                        }

                        debugme("controlUserAccess_2: user ".$wgUser->getName()." not in group(s) ".str_replace("(ro)","",implode($groupsToDisplay,"/")).", testing for sysop rights");
                        // if user in sysop-Group and admins may see restricted pages allow access nevertheless
                        if ((in_array("sysop", $wgUser->mGroups)) && ($wgAdminCanReadAll == true))
                        {
                                debugme("controlUserAccess_3: user ".$wgUser->getName()." is sysop and wgAdminCanReadAll is true, so access will be granted");
                                // Allow Access (and show Text if configured)
                                if ($showGroupText)
                                {
                                        return( displayGroups($groupsToDisplay) );
                                }
                                else
                                {
                                        return true;
                                }
                        }
                        else
                        {
                                debugme("user controlUserAccess_4: ".$wgUser->getName()." is not sysop or wgAdminCanReadAll is not true, so access is not allowed");
                                doRedirect();
                                return false;
                        }
                }
                else
                {
                        debugme("controlUserAccess_6: access granted, user ".$wgUser->getName()." is in group(s) ".implode($groupsToDisplay,"/"));
                        // Allow Access (and show Text if configured)
                        if ($showGroupText)
                        {
                                return( displayGroups($groupsToDisplay) );
                        }
                        else
                        {
                                return true;
                        }
                }
        }

        // The callback function for user access if $wgUseMediaWikiGroups is set
        function controlMediaWikiUserAccess( $input, $showGroupText, $useReadOnlyFlag = false )
        {
                global $wgUser;
                global $wgAdminCanReadAll;
                global $wgAccessControlAnonymousGroupName;

                // get allowed Groups from Tag
                $groupAccess = explode(",,", $input);
                $readOnly = false;

                require_once("includes/User.php");

                debugme("controlMediaWikiUserAccess_1: ".$wgUser->getName());

                $groupsToDisplay = getGroupsToDisplay($groupAccess);

                $wgUsermGroups = $wgUser->mGroups;
                if (anonymousUser($wgUser))
                {
                        $wgUsermGroups[] = $wgAccessControlAnonymousGroupName;
                }       

                if(in_array("sysop", $wgUsermGroups) && $wgAdminCanReadAll)
                {
                        debugme("controlMediaWikiUserAccess_2: user in sysop group, so access is granted");

                        if ($showGroupText)
                        {
                                return( displayGroups($groupsToDisplay) );
                        }
                        else
                        {
                                return true;
                        }
                }

                foreach($groupAccess as $groupEntry)
                {
                        $groupTitle = makeGroupTitle($groupEntry, $readOnly);
                        debugme("controlMediaWikiUserAccess_3: Group = " . $groupTitle);

                        if (($useReadOnlyFlag == true) && ($readOnly == true))
                        {
                                debugme("controlMediaWikiUserAccess_4: group '".$groupTitle."', is readonly so access is not granted");
                        }
                        else
                        {
                                if(in_array($groupTitle, $wgUsermGroups))
                                {
                                        debugme("controlMediaWikiUserAccess_5: user in group '".$groupTitle."', so access is granted");
                                        if ($showGroupText)
                                        {
                                                return( displayGroups($groupsToDisplay) );
                                        }
                                        else
                                        {
                                                return true;
                                        }
                                } else if ($groupTitle == '*')
                                {
                                        debugme("controlMediaWikiUserAccess_4: user in group '*', so access is granted");
                                        if ($showGroupText)
                                        {
                                                return( displayGroups($groupsToDisplay) );
                                        } else { 
                                                return true;
                                        }
                                }
                        }
                }

                debugme("controlMediaWikiUserAccess_6: user access denied");
                doRedirect();
                return false;
        }
Retrieved from "http://www.mediawiki.org/w/index.php?title=Extension:Group_Based_Access_Control/AllUsers-0-8Mod&oldid=297540"
Personal tools
Namespaces

Variants
Actions
Navigation
Support
Download
Development
Communication
Print/export
Toolbox