Index: trunk/phase3/UPGRADE
===================================================================
--- trunk/phase3/UPGRADE (revision 9631)
+++ trunk/phase3/UPGRADE (revision 9632)
@@ -48,11 +48,22 @@
set:
$wgGroupPermissions['*']['createaccount'] = false;
-If $wgWhitelistRead is set, things need to be funked around. This needs work.
+$wgWhitelistEdit has been replaced by the 'edit' permission key.
+To emulate the old effect of setting:
+ $wgWhitelistEdit = true;
+set:
+ $wgGroupPermissions['*']['edit'] = false;
-bla bla bla
+If $wgWhitelistRead is set, you must also disable the 'read' permission
+for it to take affect on anonymous users:
+ $wgWhitelistRead = array( "Main Page", "Special:Userlogin" );
+ $wgGroupPermissions['*']['read'] = false;
+Note that you can disable/enable several other permissions by modifying
+this configuration array in your LocalSettings.php; see DefaultSettings.php
+for the complete default permission set.
+
=== Web installer ===
You can use the web-based installer wizard if you first remove the
Index: trunk/phase3/includes/Parser.php
===================================================================
--- trunk/phase3/includes/Parser.php (revision 9631)
+++ trunk/phase3/includes/Parser.php (revision 9632)
@@ -346,8 +346,8 @@
#$text = str_replace( $uniq_prefix, wfHtmlEscapeFirst( $uniq_prefix ), $text );
# html
- global $wgRawHtml, $wgWhitelistEdit;
- if( $wgRawHtml && $wgWhitelistEdit ) {
+ global $wgRawHtml;
+ if( $wgRawHtml ) {
$text = Parser::extractTags('html', $text, $html_content, $uniq_prefix);
foreach( $html_content as $marker => $content ) {
if ($render ) {
Index: trunk/phase3/includes/EditPage.php
===================================================================
--- trunk/phase3/includes/EditPage.php (revision 9631)
+++ trunk/phase3/includes/EditPage.php (revision 9632)
@@ -135,7 +135,7 @@
* This is the function that gets called for "action=edit".
*/
function edit() {
- global $wgOut, $wgUser, $wgWhitelistEdit, $wgRequest;
+ global $wgOut, $wgUser, $wgRequest;
// this is not an article
$wgOut->setArticleFlag(false);
@@ -156,9 +156,14 @@
$this->blockedIPpage();
return;
}
- if ( $wgUser->isAnon() && $wgWhitelistEdit ) {
- $this->userNotLoggedInPage();
- return;
+ if ( !$wgUser->isAllowed('edit') ) {
+ if ( $wgUser->isAnon() ) {
+ $this->userNotLoggedInPage();
+ return;
+ } else {
+ $wgOut->readOnlyPage( $this->mArticle->getContent( true ), true );
+ return;
+ }
}
if ( wfReadOnly() ) {
if( $this->save || $this->preview ) {
@@ -282,7 +287,6 @@
global $wgOut, $wgUser;
global $wgLang, $wgContLang, $wgParser, $wgTitle;
global $wgAllowAnonymousMinor;
- global $wgWhitelistEdit;
global $wgSpamRegex, $wgFilterCallback;
$sk = $wgUser->getSkin();
@@ -323,10 +327,18 @@
$this->blockedIPpage();
return;
}
- if ( $wgUser->isAnon() && $wgWhitelistEdit ) {
+
+ if ( !$wgUser->isAllowed('edit') ) {
+ if ( $wgUser->isAnon() ) {
$this->userNotLoggedInPage();
return;
}
+ else {
+ $wgOut->readOnlyPage();
+ return;
+ }
+ }
+
if ( wfReadOnly() ) {
$wgOut->readOnlyPage();
return;
Index: trunk/phase3/includes/DefaultSettings.php
===================================================================
--- trunk/phase3/includes/DefaultSettings.php (revision 9631)
+++ trunk/phase3/includes/DefaultSettings.php (revision 9632)
@@ -654,7 +654,6 @@
# It's not 100% safe, there could be security hole using that one. Use at your
# own risks.
-$wgWhitelistEdit = false; # true = user must login to edit.
$wgWhitelistRead = false; # Pages anonymous user may see, like: = array ( "Main Page", "Special:Userlogin", "Wikipedia:Help");
$wgAllowAnonymousMinor = false; # Allow anonymous users to mark changes as 'minor'
@@ -675,14 +674,18 @@
* logged-in users are all implicitly in the 'user' group. These will be
* combined with the permissions of all groups that a given user is listed
* in in the user_groups table.
+ *
+ * This replaces wgWhitelistAccount and wgWhitelistEdit
*/
$wgGroupPermissions = array();
$wgGroupPermissions['*' ]['createaccount'] = true;
$wgGroupPermissions['*' ]['read'] = true;
+$wgGroupPermissions['*' ]['edit'] = true;
$wgGroupPermissions['user' ]['move'] = true;
$wgGroupPermissions['user' ]['read'] = true;
+$wgGroupPermissions['user' ]['edit'] = true;
$wgGroupPermissions['user' ]['upload'] = true;
$wgGroupPermissions['bot' ]['bot'] = true;
@@ -1160,8 +1163,8 @@
$wgUserHtml = true;
/** Allow raw, unchecked HTML in <html>...</html> sections.
- * THIS IS VERY DANGEROUS on a publically editable site, so you can't enable it
- * unless you've restricted editing to trusted users only with $wgWhitelistEdit.
+ * THIS IS VERY DANGEROUS on a publically editable site, so USE wgGroupPermissions
+ * TO RESTRICT EDITING to only those that you trust
*/
$wgRawHtml = false;
Index: trunk/phase3/RELEASE-NOTES
===================================================================
--- trunk/phase3/RELEASE-NOTES (revision 9631)
+++ trunk/phase3/RELEASE-NOTES (revision 9632)
@@ -332,7 +332,10 @@
* (bug 2504) Updated the Finnish translation
* (bug 2506) Updated the Nynorsk translation
* Everything given to setSubtitle() is now parsed for the full wikisyntax
+* (bug 996) Replace $wgWhitelistEdit with 'edit' permission; fixup UPGRADE
+ documentation about edit and read whitelists.
+
=== Caveats ===
Some output, particularly involving user-supplied inline HTML, may not
