User:Dashiva

Personal

Norwegian university student. More coming later.

$wgWhitelist customization

A modification to the wiki that gives better control over read/edit restrictions for anonymous users.

This is not a how-to, just a quick display of the concepts used. Just doing the direct replacements here won't work, and I don't mention all the places you have to change global declarations. Besides, I'm not sure if it's suitable or even wanted as a general mod, so it's mostly for show.

Default/LocalSettings.php

$wgWhitelistEdit = false;
$wgWhitelistRead = false;

replaced by

$wgBlockAnonRead = false;   # true = users must login to read.
$wgBlockAnonReadEx = array( 'User Clubhouse');   # Pages exempted from the read policy.
$wgBlockAnonEdit = true;   # true = users must login to edit.
$wgBlockAnonEditEx = array( 'Talk:*', 'User talk:*');   # Pages exempted from the edit policy.

The example given here would let anonymous users read all pages except User_Clubhouse in the main namespace, and edit all pages in the Talk: and User_talk: namespaces, but nowhere else. As is shown further down, the wildcard only works to block or enable entire namespaces on the form "Namespacename:*".

The DefaultSettings.php values would be false and array() for the booleans and arrays respectively.

userCanRead/Edit2 functions in Title.php

$name = $this->getPrefixedText();
if( in_array( $name, $wgWhitelistRead ) ) {
	return true;
}

replaced by

$name = $this->getPrefixedText();
$namespacewild = substr($name, 0, strpos($name, ':')) . ':*';
if( !$wgBlockAnonEdit xor ( in_array( $name, $wgBlockAnonEditEx ) || in_array( $namespacewild, $wgBlockAnonEditEx ) ) ) {
	return true;
}

$namespacewild will be on the form "Namespacename:*", which is why the wildcard used earlier works. The function called userCanEdit checks if the page can be edited at all, so this mod used userCanRead as a template for a new function userCanEdit2. userCanEdit2 does the same as userCanRead, except for edits. :)

The section in userCanRead marked "# Compatibility with old settings" can be removed, since old settings affect the old variables, and thus don't need to be bothered with. The modification itself is fundamentally incompatible, so removing the section does not create any further problems.

The logic itself shouldn't need explanation, but that never stopped me. $namespacewild is set as "substring of $name, starting from 0 and ending before the first :". This is the namespace, or an empty string for no namespace. Then append :* to get the wildcard form. The next line may look complex, but isn't. "If EITHER anon is NOT blocked OR ( page or namespace is in the exception list ) THEN grant permission". The reason for xor is therefore that if anon is not blocked in general, the list is a blacklist, and thus if the page is in the list it should be blocked.

EditPage.php

if ( !$wgUser->getID() && $wgWhitelistEdit ) {

replaced by

if ( ! $this->mTitle->userCanEdit2() ) {

There are two occurences of this. Watch out. :)

Parser.php

if( $wgRawHtml && $wgWhitelistEdit ) {

replaced by

if( $wgRawHtml && $this->mTitle->userCanEdit2() ) {

Other

You also have to change all the global declarations from the old variable names to the new ones, or just remove the old ones, depending on the file. And there are a few lines of documentation that refer to $wgWhitelist stuff that could use fixing too. If you actually go through with it, remember to do a search for wgWhilelistRead/Edit in all your files when you're done to make sure you've removed/replaced all neccessary instances. :)

The instances HISTORY and RELEASE-NOTES can obviously be left alone. Some LanguageXx.php have messages related to the whitelist, but those are deprecated and will be removed as the language files are updated. Finally, SpecialSitesettings.php is legacy code or experimental code or something else, but it is not in use and will apparently not be in the foreeable future. You can leave that one alone as well. The only place I haven't mentioned is img_auth.php. You probably don't need to update this file; it's an optional feature of an optional feature. But I still recommend doing it, just in case. The replacement needed is similar to in the userCanRead function.