Extension:PageProtection

PageProtection is an extension for MediaWiki (1.6.3) which enables you to protect specific areas by only allowing access to certain users / groups.

The extension is implemented as parser and hook in AlternateEdit. You can have multiple protected and unprotected areas on a single article where only allowed users see the protected areas, all other users see the rest.

Getting
The whole code with installation-instructions is now available from the following link:
 * Current Version (1.4).
 * LINK IS BROKEN - GETTING 404 -- March, 29 2007 5:00PM EDT
 * Appears to download again, but I'm not sure I would trust it anymore. That domain is parked and for sale. Rest of the site is gone.
 * ALL GONE. This link isn't working anymore; Domain is unregistered. (getting ads) --Claudio - 8 January 2008 16:58(UTC)

Features

 * Protect pages / sections / textblocks
 * Store protected texts RSA-encoded in database
 * not searchable
 * not displayed in diffs
 * if extensions is not loaded/fails/is deactivated, the content will not be displayed, but only the RSA-encoded text
 * Mark sections as readonly

Usage
Surround text that should be protected by , tags.
 * Parameters
 * users Comma-separated list of allowed users.
 * groups Comma-separated list of allowed groups. 'sysop' will be automatically in this list, don't need to specify.
 * show What to print for users that don't have access. Possible Values:
 * none - nothing is printed
 * warning - Error-message is printed
 * text - Plain-text is displayed but section is not editable (readonly)
 * crypt - RSA-encrypted string is printed (debugging ...)
 * page - Content of another page is printed
 * errorpage - Page to be displayed - can have and  as parameters.

The extension also registers the messages ProtectedSite and ProtectedSiteEditing that will be displayed for unauthorized users. These messages have two variables that will be replaced:
 * List of users that can access the area (links to ther user-pages)
 * List of users that can access the area (links to ther user-pages)


 * List of groups that can access the area
 * List of groups that can access the area

ProtectedSite will be displayed when unallowed users want to read protected contents with show="warn" and ProtectedSiteEditing will be displayed when unallowed users want to edit protected contents.

Example
The following code would give admin1 and admin2 and all users of sysop read /write access to an area. All other users would see an information instead.  Database-Settings
 * Server
 * localhost

...

Code

 * Current Version (1.4) LINK IS BROKEN - GETTING 404 -- March, 29 2007 5:00PM EDT
 * Patch for Working with 1.6.8 (experimental!; potential issue decribed here)
 * Tarball for Working with 1.8.0 (experimental!)
 * Source code (version 1.1, 16 May 2006)
 * Modified source code by Jonabbey (version 0.7, 16 May 2006)

Changelog
1.4 - Working with PHP4 1.3 - Parameter show="none" did not work - Minor bugfixes in code and installation-manual 1.2 - Redesign of internal structure (more classes) - Added value "text" to parameter "show" that allows marking sections as readonly. - Disabled editing of sections as this adds currently unfixable security holes.

1.1 - PEM-file for storing PEM-data now is automatically created - Bugfix 1.0 - Texts are stored RSA-encrypted in database - When saving articles, the current user is automatically added to the permitted users. - Added parameter show=[warning, none, crypt, page] and parameter errorpage

Requirements
Needs at least MediaWiki 1.6 to run as it uses a hook to AlternateEdit which is first available in version 1.6 and later.

You need to have the following modules installed:
 * Crypt_RSA http://pear.php.net/package/Crypt_RSA (min. version 1.2)
 * Pear-Base http://pear.php.net/package/PEAR

Simply download, and unpack, keeping directory structure.

They have to be in the include-path. I placed them in mediawiki/pear and mediawiki/crypt. Additionally you have to create a file containing your private and public key that is localed in the mediawiki-folder.

/mw |- index.php |- PEAR.php |- PEAR/ |   | ...  |- Crypt |- extensions |   |-  PageProtection |   |     |- PageProtection.php |  ... ...
 * Directory structure of my wiki:

... the installation
Save the above code in extensions/PageProtection/ and add the following to LocalSettings.php // disable caching $wgCachePages      = false; $wgCacheEpoch = 'date +%Y%m%d%H%M%S'; // Activate PageProtection extension. require_once("extensions/PageProtection/PageProtection.php"); I had to add the above deactivation of the cache as $parser->disableCache; did not work for me. Better suggestions are welcome ;)

Tested environments
The extension has been successfully tested in the following environments:
 * Gentoo Linux
 * MediaWiki 1.6.3, 1.7alpha (r14141)
 * Apache 2.0.55
 * PHP 5.1.2
 * MySQL 5.0.19
 * SuSE Linux with XAMPP 1.5.2
 * MediaWiki 1.6.3
 * Apache 2.2.0
 * PHP 5.1.2
 * MySQL 5.0.20
 * Windows 2000 with XAMPP 1.5.2
 * MediaWiki 1.6.3
 * Apache 2.2.0
 * PHP 5.1.1
 * MySQL 5.0.20
 * Windows 2000 with XAMPP 1.5.1
 * PageProtection 1.4 with 1.8.0 patch
 * MediaWiki 1.7.1
 * Apache 2.2.0
 * PHP 5.1.1
 * MySQL 5.0.18
 * Fedora Core 5
 * MediaWiki: 1.6.6, 1.7.1
 * Apache/2.2.0, 2.2.2
 * PHP: 5.1.4 (apache2handler) in safe mode, needed to instal PEAR in homedir because of user restrictions (i am not superuser), as described in install steps
 * MySQL: 5.0.22
 * Debian GNU/Linux 3.1r2 Etch
 * MediaWiki: 1.6.7
 * Apache/2.0.55
 * PHP 5.1.4
 * MySQL 5.0.22
 * Debian GNU/Linux 2.4.27-i686
 * MediaWiki: 1.6.7 (used Parser.php from 1.6.6 cos PP-patch for MW1.6.7 didn't work for me)
 * Apache/2.0.54 mod-ssl
 * PHP 4.3.10 (had to add the file_put_contents function)
 * MySQL 5.0.19
 * don't know your test methods, but works for groups/edit/diff --Nad 02:55, 12 August 2006 (UTC)
 * Ubuntu Linux 6.10 Edgy Eft
 * MediaWiki: 1.8.2
 * PageProtection: 1.4.2
 * Apache/2.0.55 mod-ssl
 * PHP 5.1.6
 * MySQL 5.0.24