Extension:Group Based Access Control/AllUsers-0-8Mod

See Extension_talk:Group_Based_Access_Control This modification allows you to use "*" as a group name to reference all wiki users. You just have to replace two functions with these: // The callback function for user access function controlUserAccess( $input, $showGroupText, $useReadOnlyFlag = false ) {		// Grab currently logged in user global $wgUser;

// whether to show or to show not the little message on the Site global $wgAccessControlDisableMessages; // the page where we redirect if access was denied global $wgAdminCanReadAll;

global $wgArticlePath;

// get allowed Groups from Tag $groupAccess = explode(",,", $input);

$groupsToDisplay = getGroupsToDisplay($groupAccess);

$allowedAccess = getAllowedUsersFromGroupPages($groupAccess, $useReadOnlyFlag);

debugme("controlUserAccess_0: the following users have access: ".implode($allowedAccess," / "));

debugme("controlUserAccess_1: testing for access for user ".$wgUser->getName); // if user is NOT in Array of allowed Users... if (!in_array(strtolower(trim($wgUser->getName)), $allowedAccess)) {	               foreach($groupAccess as $groupEntry) {               	        $groupTitle = makeGroupTitle($groupEntry, $readOnly); debugme("controlUserAccess_A: Testing grouptitle -> " . $groupTitle);

if(strcmp(trim($groupTitle), '*')) {       	                         debugme("controlUserAccess_B: user in group '*', so access is granted"); if($useReadOnlyFlag == true) return false; if ($showGroupText) {                               	        return( displayGroups($groupsToDisplay) ); } else { return true; }                       	}	                }

debugme("controlUserAccess_2: user ".$wgUser->getName." not in group(s) ".str_replace("(ro)","",implode($groupsToDisplay,"/")).", testing for sysop rights"); // if user in sysop-Group and admins may see restricted pages allow access nevertheless if ((in_array("sysop", $wgUser->mGroups)) && ($wgAdminCanReadAll == true)) {				debugme("controlUserAccess_3: user ".$wgUser->getName." is sysop and wgAdminCanReadAll is true, so access will be granted"); // Allow Access (and show Text if configured) if ($showGroupText) {					return( displayGroups($groupsToDisplay) ); }				else {					return true; }			}			else {				debugme("user controlUserAccess_4: ".$wgUser->getName." is not sysop or wgAdminCanReadAll is not true, so access is not allowed"); doRedirect; return false; }		}		else {			debugme("controlUserAccess_6: access granted, user ".$wgUser->getName." is in group(s) ".implode($groupsToDisplay,"/")); // Allow Access (and show Text if configured) if ($showGroupText) {				return( displayGroups($groupsToDisplay) ); }			else {				return true; }		}	}

// The callback function for user access if $wgUseMediaWikiGroups is set function controlMediaWikiUserAccess( $input, $showGroupText, $useReadOnlyFlag = false ) {		global $wgUser; global $wgAdminCanReadAll; global $wgAccessControlAnonymousGroupName;

// get allowed Groups from Tag $groupAccess = explode(",,", $input); $readOnly = false;

require_once("includes/User.php");

debugme("controlMediaWikiUserAccess_1: ".$wgUser->getName);

$groupsToDisplay = getGroupsToDisplay($groupAccess);

$wgUsermGroups = $wgUser->mGroups; if (anonymousUser($wgUser)) {			$wgUsermGroups[] = $wgAccessControlAnonymousGroupName; }

if(in_array("sysop", $wgUsermGroups) && $wgAdminCanReadAll) {			debugme("controlMediaWikiUserAccess_2: user in sysop group, so access is granted");

if ($showGroupText) {				return( displayGroups($groupsToDisplay) ); }			else {				return true; }		}

foreach($groupAccess as $groupEntry) {			$groupTitle = makeGroupTitle($groupEntry, $readOnly); debugme("controlMediaWikiUserAccess_3: Group = " . $groupTitle);

if (($useReadOnlyFlag == true) && ($readOnly == true)) {				debugme("controlMediaWikiUserAccess_4: group '".$groupTitle."', is readonly so access is not granted"); }			else {				if(in_array($groupTitle, $wgUsermGroups)) {					debugme("controlMediaWikiUserAccess_5: user in group '".$groupTitle."', so access is granted"); if ($showGroupText) {						return( displayGroups($groupsToDisplay) ); }					else {						return true; }				} else if ($groupTitle == '*') { 					debugme("controlMediaWikiUserAccess_4: user in group '*', so access is granted"); if ($showGroupText) {						return( displayGroups($groupsToDisplay) ); } else { return true; }				}			}		}

debugme("controlMediaWikiUserAccess_6: user access denied"); doRedirect; return false; }