Extension:Semantic ACL

This extension allows read and edit restrictions to be set on pages using SMW properties.

'''Note that this extension only prevents direct views to the pages. There are numerous other ways to get page content, such as by viewing RecentChanges, through the search box and by transcluding the page into another page. This extension does not attempt to prevent this.'''

Usage
To set restrictions, mark up a page with the appropriate properties.

To set read restrictions, use these properties:
 *  Visible to:: 
 *  Visible to user:: 
 *  Visible to group:: 

To set edit restrictions (which apply to all other actions), use these ones:
 *  Editable by:: 
 *  Editable by user:: 
 *  Editable by group:: 

The "main" property (Editable by or Visible to) can take one or more of these values. With the exception of "public", a user must satisfy all conditions set.
 * public</tt> — overrides all other values and never denies access.
 * users</tt> — denies access to users who are not logged in.
 * whitelist</tt> — denies access to all users who are not whitelisted, either explicitly or by being in a whitelisted group.

The read and edit restrictions have separate whitelists. You can add one or more users or groups to the whitelist using the appropriate properties. Note that the User:</tt> prefix is mandatory for the single-user whitelist.

Example
These properties, included on a page, would allow only users in the "moderator" group to read the page, and only the user "Chief Moderator" to edit it. Visible to::whitelist Visible to group::moderator

Editable by::whitelist Editable by user::User:Chief Moderator

Installation
To install this extension, add the following to LocalSettings.php:

User rights
Users who have the sacl-exempt</tt> user group are never prohibited access by this extension. This is a failsafe to avoid pages becoming permanently uneditable by having an empty whitelist.