Extension:CrudeProtection

View this page in English – in French

DISCLAIMER - Please make sure you fully understand what this extension does and doesn't do before using it. The author is not responsible for any misconceptions you may have and the consequences they may bring!

This extension adds a very crude per-page protection mechanism to your wiki.

What the extension does

 * It allows you to specify a list of users on each page which is either:
 * a list of users who are allowed to view the page (in which case all other users are blocked).
 * a list of users who are denied from viewing the page (in which case all other users can view it).
 * If a user is denied then they will get an 'access denied' error when they try to view the page.
 * This includes transcluding - transcluding a protected page will protect the page that is doing the transcluding in exactly the same way.
 * However - there is a fairly simple way to avoid this and allow transclusion of a protected page!
 * The 'edit' or 'view source' tabs are removed from the interface when this happens.

What it does not do!

 * Although the 'edit' tab is removed from the interface, the code does not block any actions, so by editing the URL any user can edit the page.
 * This means that they can view the source (though 'show preview' will not work).
 * This also means they can remove the protection (in which case 'show preview' will work).
 * Someone who knows how to edit the URL can therefore view both the source and the rendered page without you knowing about it.
 * They can also view the history, rollback edits, move, delete or perform any other operation through the interface without needing to modify the URL.
 * If a user tries to view an old revision of a 'protected' page they will be able to view it so long as that revision was not explicitly protected in the page source. Viewing old revisions is possible from lots of places, including the page history and recent changes.
 * Therefore to add this protection to all versions of a page, make sure you add it in the first edit and that it is never changed or removed.
 * Administrators/bureaucrats/whatever have no special powers. If they are not on the list they are blocked from viewing.
 * The title of the page is always visible - you cannot hide that the page exists, or what it is called.
 * The page will still show up in any categories that it is listed in.
 * Although you can protect image pages, you cannot stop the image itself from being included in another page.
 * Behaviour is undefined if used in the MediaWiki namespace.

In short, this extension offers a very crude protection mechanism to stop casual browsing. It is the technical equivalent of a 'keep out' sign. Please read about security issues with authorization extensions

Rationale
I wrote this extension for use on my private wiki, which is used by several groups of people involved in different projects. I was uncomfortable with the fact that users could view details about projects they weren't involved in, particularly as some of them needed to be kept private. I also know all my users personally and trust them not to go snooping where they don't belong, so I created this extension as a kind of simple 'keep out' sign.

Usage
After installing the extension in the standard way, a new tag, is available to you. This flag has two optional arguments:


 * 1) type = "allow" or "deny" (default "allow").
 * 2) * "allow" means that only the listed users can view the page.
 * 3) * "deny" means everyone except the listed users can view the page.
 * 4) separator = (string)
 * 5) * Set this to the character or string that separates each user in the list.
 * 6) * The default value is a comma. This is most useful for situations where one of the usernames contains a comma.
 * 7) * You can use  to use line-breaks as the separator (but not in conjunction with any other symbols, e.g.   won't work).

Examples:

John,Bob, Terry
 * 1) Allow only John, Bob and Terry to view the page

John, Jr.|Alan
 * 1) Allow everyone except "John, Jr." and "Alan" to view the page.
 * 2) We use the pipe symbol because John, Jr. has a comma in his name.

Whitespace is trimmed from each username, so line-breaks and other friendly layouts are allowed.

Note - only the first protect block in each page is used - all others are stripped from the rendered page, but are otherwise ignored.

Source code
The source code is available at Extension:CrudeProtection/source