Extension:PermissionACL

What can this extension do?
The PermissionACL extension implements a way to restrict access to specific {namespaces, pages, categories} based on user group or user name. This provides a more fine grained security model than the one provided by the default $wgGroupPermissions.

PermissionACL extension configuration is based on ACL (Access Control List) - list of rules which are processing from first to last. '''First applicable rule is used! On the end of list is implicit rule DENY TO ALL!'''

Usage
If $wgPermissionACL is set, then ACL model is used - if not, extension do nothing.

Rules are array elements and their order in array is used by ACL mechanism.

Syntax of rules (every rule has 4 parts):
 * 1) which page : select of pages (namespaces, categories)
 * 2) which user : select of users (groups)
 * 3) which action : select of actions ( userCan actions - read, edit, create, move)
 * 4) operation : permit or deny access

First, second and third rule part can be:
 * one value
 * array of values
 * ALL (represented by asterisk)

Example 1
Story about:
 * namespaces: Private, Ccna, Ccnp, Ns, Fwl
 * user groups: private, ccna, ccnp, ns, fwl;
 * group ccna has RW access only to namespace Ccna, group fwl to Fwl, ...
 * group private has RW access to every namespace
 * unlogged users can only read NS_MAIN namespace
 * administrator (user wikisysop, vav166) can do everything

Download instructions
Please cut and paste the code found below and place it in.

Note: $IP stands for the root directory of your MediaWiki installation, the same directory that holds LocalSettings.php.

Installation
To install this extension, add the following to LocalSettings.php: