Extension talk:Semantic ACL

Jump to navigation Jump to search

About this board

wgParser has been depricated

3
TazzyTazzy (talkcontribs)

Upgrading to MediaWiki 1361, and getting this error:

Use of $wgParser was deprecated in MediaWiki 1.32. [Called from MediaWiki\Extension\SemanticACL\SemanticACL::hasPermission in /var/www/mediawiki1362/extensions/SemanticACL/SemanticACL.class.php at line 303]


Per the mediawiki manual (Manual:$wgParser), it's a simple change.

I've replaced:

global $wgParser;


with:


$wgParser = new StubObject( 'wgParser', $wgParserConf['class'], array( $wgParserConf ) );


However, I don't know where to send a pull request to.


-Mitch

Tinss (talkcontribs)

Hello Mitch,

Thanks for pointing this out.

Per Manual:$wgParser, you should rather use \MediaWiki\MediaWikiServices::getInstance()->getParser().

Morevover the code for this extension si hosted in Wikimedia's gerrit. Any change you could push a commit for review there?

TazzyTazzy (talkcontribs)

I'll tackle these after vacation. :-)

Reply to "wgParser has been depricated"

Output of Pages that are Restricted for Reading

7
Summary by Tinss

Set $wgEnablePrivateLinks = false when using MediaWiki 1.31

AID-PMBD (talkcontribs)

Hello,


Mediawiki:1.31

PHP: 7.2

Ubuntu 18.04

SemanticACL: 0.2b (7b98339)


First of all I want to say thank you for creating this extension. It is easy to install, easy to use and works well 10/10 points on that.

My question is about the output that is shown to users that are not allowed to read a page.


On my wiki when accessing those pages a Internal error is returned:

[ce31e7dd85c22f9f4b3a1d91] /pmbd/index.php/Requirements_directory Error from line 376 of /var/www/html/pmbd/extensions/SemanticACL/SemanticACL.class.php: Call to undefined method MediaWiki\MediaWikiServices::getParserFactory()

Backtrace:

#0 /var/www/html/pmbd/extensions/SemanticACL/SemanticACL.class.php(88): MediaWiki\Extension\SemanticACL\SemanticACL::hasPermission(Title, string, User, boolean)

#1 /var/www/html/pmbd/includes/Hooks.php(177): MediaWiki\Extension\SemanticACL\SemanticACL::onSMWStoreAfterQueryResultLookupComplete(SMW\SQLStore\SQLStore, SMW\Query\QueryResult)

#2 /var/www/html/pmbd/includes/Hooks.php(205): Hooks::callHook(string, array, array, NULL)

#3 /var/www/html/pmbd/extensions/SemanticMediaWiki/src/SQLStore/SQLStore.php(366): Hooks::run(string, array)

#4 /var/www/html/pmbd/extensions/SemanticMediaWiki/includes/query/SMW_QueryProcessor.php(338): SMW\SQLStore\SQLStore->getQueryResult(SMWQuery)

#5 /var/www/html/pmbd/extensions/SemanticMediaWiki/src/ParserFunctions/AskParserFunction.php(364): SMWQueryProcessor::getResultFromQuery(SMWQuery, array, integer, integer)

#6 /var/www/html/pmbd/extensions/SemanticMediaWiki/src/ParserFunctions/AskParserFunction.php(197): SMW\ParserFunctions\AskParserFunction->doFetchResultsFromFunctionParameters(array, array)

#7 /var/www/html/pmbd/extensions/SemanticMediaWiki/src/ParserFunctionFactory.php(402): SMW\ParserFunctions\AskParserFunction->parse(array)

#8 /var/www/html/pmbd/includes/parser/Parser.php(3426): SMW\ParserFunctionFactory->SMW\{closure}(Parser, string, string, string, string, string, string, string)

#9 /var/www/html/pmbd/includes/parser/Parser.php(3127): Parser->callParserFunction(PPFrame_DOM, string, array)

#10 /var/www/html/pmbd/includes/parser/Preprocessor_DOM.php(1277): Parser->braceSubstitution(array, PPFrame_DOM)

#11 /var/www/html/pmbd/includes/parser/Parser.php(2942): PPFrame_DOM->expand(DOMElement, integer)

#12 /var/www/html/pmbd/includes/parser/Parser.php(1293): Parser->replaceVariables(string)

#13 /var/www/html/pmbd/includes/parser/Parser.php(443): Parser->internalParse(string)

#14 /var/www/html/pmbd/includes/content/WikitextContent.php(323): Parser->parse(string, Title, ParserOptions, boolean, boolean, integer)

#15 /var/www/html/pmbd/includes/content/AbstractContent.php(516): WikitextContent->fillParserOutput(Title, integer, ParserOptions, boolean, ParserOutput)

#16 /var/www/html/pmbd/includes/poolcounter/PoolWorkArticleView.php(144): AbstractContent->getParserOutput(Title, integer, ParserOptions)

#17 /var/www/html/pmbd/includes/poolcounter/PoolCounterWork.php(123): PoolWorkArticleView->doWork()

#18 /var/www/html/pmbd/includes/page/Article.php(604): PoolCounterWork->execute()

#19 /var/www/html/pmbd/includes/actions/ViewAction.php(68): Article->view()

#20 /var/www/html/pmbd/includes/MediaWiki.php(500): ViewAction->show()

#21 /var/www/html/pmbd/includes/MediaWiki.php(294): MediaWiki->performAction(Article, Title)

#22 /var/www/html/pmbd/includes/MediaWiki.php(861): MediaWiki->performRequest()

#23 /var/www/html/pmbd/includes/MediaWiki.php(524): MediaWiki->main()

#24 /var/www/html/pmbd/index.php(42): MediaWiki->run()

#25 {main}


Is this the default message or is there a way to output a more user-friendly message when a user without permission is trying to access a page? Or maybe the error is on my side?


Thank you and Best Regards

Tinss (talkcontribs)

Thanks for the comments. It's supposed to show a clean message and not a dump like that. The problem is the MediaWiki\MediaWikiServices::getParserFactory() call which is only defined in MediaWiki 1.32, which makes this extension incompatible with 1.31.

Can you easily upgrade you MediaWiki installation?

AID-PMBD (talkcontribs)

Thank you for the quick reply, outstanding support compared to other extensions I had trouble with.


Unfortunately I can't easily upgrade my mediawiki due to multiple extensions that are not supported on newer versions. I guess there is no easy workaround for that issue, right?

AID-PMBD (talkcontribs)

Is there another way to solve this issue?

Tinss (talkcontribs)

I've dug into it and the faulty line is used only for private links. If you do not need that feature, set $wgEnablePrivateLinks = false in you LocalSettings.php.

Then, just comment out line 376 in /var/www/html/pmbd/extensions/SemanticACL/SemanticACL.class.php

Tell me if that works.

AID-PMBD (talkcontribs)

Hello Tinss,


Thank you for taking the time to look into this.


So I tried your approach and when commenting out line 376 of the SemanticACL.class.php ( "$parser =  \MediaWiki\MediaWikiServices::getInstance()->getParserFactory()->create(); // Use a new parser to avoid interfering with the current parser.") it doesn't work. The wiki returns a white page.


What worked however, was just setting $wgEnablePrivateLinks = false in my LocalSettings.php.


Thanks again for the support.

Tinss (talkcontribs)

You're welcome!

134.60.112.70 (talkcontribs)

Is there a way to protect pages with Semantic ACL recursively?

I want to add the code for protection in the wiki/firstpage page and when a new page e.g. wiki/firstpage/newpage is created it is supposed to be protected too. How is this configurable?

Tinss (talkcontribs)

Hello,

It's not possible at the moment, but it's a feature I've wanted to implement for some time. You can check back here in a couple of months to see if this has been done or if you are versed in PHP programming you can definitely contribute a feature to the extension.

Reply to "Recursive Protection"

Semantic ACL doesn't work due to Whitelist?

5
91.96.129.199 (talkcontribs)

Hello,

i have installed the Semantic Media Wiki and the SemanticACL extensions today. Sadly i didn't get it to work properly, which is probable my fault. What i have done so far:

1. Added following lines to the LocalSettings.php

  1. wfLoadExtension( 'SemanticACL' );

require_once "$IP/extensions/SemanticACL/SemanticACL.php"; (i tried both lines)

enableSemantics( 'Wikiname' );

$smwgNamespacesWithSemanticLinks[NS_MAIN] = true; $smwgNamespacesWithSemanticLinks[NS_Test1] = true;


2. I created a page inside the main namespace which contains the following lines:

The User Acltest has normally no rights to edit a page in this namespace and my hope was to give him the rights on this page using your extension. But it doesn't work for me. I also gave him the SMW-Administrator and SMW-Kurator rights but nothing changed. I think it has to do with the whitelist because i can't understand for what this line is used. Is it a page inside the wiki or a special param? Does anybody have an idea what went wrong? Thx in advance.

Tinss (talkcontribs)

Hello,

You say that the user Acltest has no rights to edit the page. What is the feature that prevents the user from editing? Is it another extension? A MediaWiki feature?

Please also provide the wikicode you used to whitelist that user for editing the page.

178.142.109.88 (talkcontribs)

Sorry forget that code:



<div style="display:none">
[[Editable by ::whitelist]]
[[Editable by user::User:Acltest]]
</div>

The feature that prevent the user from editing should be this LocalSetting param: $wgGroupPermissions['user']['edit'] = false;

Tinss (talkcontribs)

The code you provided is correct.

However, I'm pretty sure restrictions from MediaWiki will override those of SemanticACL. I don't really know how one would go about preventing edit access to all pages but one. MediaWiki's design is more toward's openness rather than restriction.

Maybe if you can define basic rights in Extension:Header Footer so they can apply to all pages? Be careful though, this will disable caching for all pages in your wiki.

178.142.109.88 (talkcontribs)

Thx for your help, Tinss. I will have to take a look into that Extension.

Reply to "Semantic ACL doesn't work due to Whitelist?"

page shows whitelisted users

4
Summary by Tinss

Use a hidden div or #set.

<div style="display:none">[[Visible to::whitelist]]</div>
{{#set:Visible to group=moderator}}
87.163.146.147 (talkcontribs)

Hello,


unfortunately the pages with restricted access shows "Test whitelist ehtest whitelist ehtest"

in source editor, I used [[visible to:: whitelist]] [[visible to group:: ehtest]] [[editable by::whitelist]] [[editable by group:: ehtest]]

used only small letters in group name because I read that big letters and spaces may cause trouble

any suggestion or correction to my "code"?

Tinss (talkcontribs)

Your code is correct. The values are shown in case the ACL status of a page needs to be displayed. To hide it, wrap them in a hidden div:

<div style="display:none;">[[visible to:: whitelist]] [[visible to group:: ehtest]] [[editable by::whitelist]] [[editable by group:: ehtest]]</div>

Hope this helps.

87.163.146.147 (talkcontribs)

thank you very much :-)

ideally, this hidden div woraround would be mentioned in the install explanation

Tinss (talkcontribs)

Done! Juste remembered you also had the option of using #set

<div style="display:none">[[Visible to::whitelist]]</div>
{{#set:Visible to group=moderator}}

PSA: Lockdown + SemanticACL + SimpleBatchUpload = Private Content in MW

3
Revansx (talkcontribs)

This is just a PSA for those wanting a way of providing a protected namespace for private content that is also able to automatically protect files uploaded from a page in that namespace. The goal on my site was to give management a place to upload sensitive management files that are not available to non-management users. Here's how I did it:

  1. Create a custom namespace called "Management"
  2. Create a custom rights group called "management"
  3. Use "Extension:Lockdown" to protect the "Management" namespace for user in the "management" right group
  4. Use "Extension:SimpleBatchUpload" in a page in the Management namespace to provide the methods of uploading files with a template of {{Upload|viewedonlyby=management}}
  5. Modify Template:Upload to test (#ifeq) for property {{{viewonlyby|}}} in {{Uploads}},
    • if so, then add [[Visible to group::management]] to all files uploaded with that template where |viewonlyby=management.
  6. Use Extension:Semantic_ACL to limit access to the file by group management per the presence of [[Visible to group::management]].
In summary: Custom Namespace + Lockdown + SimpleBatchUpload + SemanticACL produces the overall effect.

Within the security limitations noted by MW, this method provides a very nice way of allowing management to add content that is not visible to non-management users.. a very handy thing for an enterprise site!

Revansx (talkcontribs)

The wikitext {{#batchupload:Upload|viewonlyby=management}} will create an upload button in a page that will automatically protect any files uploaded by it as long as Template:Upload contains

{{#ifeq:{{{viewonlyby|}}}|management
| [[Visible to group::management]]
|
}}
Tinss (talkcontribs)

Thank you for sharing your tips!

Reply to "PSA: Lockdown + SemanticACL + SimpleBatchUpload = Private Content in MW"

Use in an added namespace

3
Summary by Tinss

Works for any namespaces that are configured for semantic data.

Legaulph (talkcontribs)

Is there something I can do to get this to work in another namespace?

Kghbln (talkcontribs)

If this extension still works it should probably work as soon as this other namespace was enabled for holding semantic data.

148.177.65.215 (talkcontribs)

That was it

Thanks

ShinyComputers (talkcontribs)

Hi, I love this extension. One issue I am running in to is that the initial page creation shows a snipped of the text in recent changes. Is there anyway to fix this?

Tinss (talkcontribs)
Reply to "Recent Changes new page"

Probably my fault, but it's not working

3
Summary by Tinss

Visible to::whitelist needed to be added.

HGx2007 (talkcontribs)

Hi.

I followed the installation instructions on Extension:Semantic ACL#Installation. First I installed Semantic Media Wiki an then Semantic ACL.

The Special:Version shows Semantic Media Wiki (3.1.6) and SemanticACL (0.2b) as installed on my MediaWiki (1.34.2), so it seems to be OK.

But when I insert [[Visible to user::User:MyUserName]] all that happens is, that it shows "User:MyUserName" on the page.

Sorry, but I don't get it...did I miss some step setting it up? Could the language maybe be a problem? MW is running in german here?

I would be grateful for help.

Thanks in advance.

HG

HGx2007 (talkcontribs)

OK...as I thought...my fault.

I missunderstood, that Visible to::whitelist has to be there too...as shown in the example. Stupid me. :-(

Tinss (talkcontribs)

No worries. It's not that obvious, I would have done without it but it was how the extension previously worked so I kept it for compatibility reasons.

VisualEditor error message on pages with Semantic

2
Wiki-wiwat (talkcontribs)

Hello,

I got error from parsoid when i user Semaric ACL. Tinss said to put parsoid ip to $wgSemanticACLWhitelistIPs = ['127.0.0.1', '::1']; // Or the IP your Parsoid service is connecting from. I have question can i put the ip with subnet to this properties (192.168.0.0/24).

Tinss (talkcontribs)

Sorry, you can't specify a subnet. That would be interesting feature to add and easy to implement.

Reply to "VisualEditor error message on pages with Semantic"