Jgoettlich has uploaded a new change for review.
https://gerrit.wikimedia.org/r/192323
Change subject: Added to permissions new parameter
......................................................................
Added to permissions new parameter
* due to new config parameter I deleted the $aGlobalPermissions and
lockdown parameter. So I remade the logic for them
* added to all BS-Extensions the config parameter, also added an default
one
Change-Id: I26d5d10734aa456d7c23605f0feffdbd37798f58
---
M ExtendedSearch/ExtendedSearch.class.php
M Flexiskin/Flexiskin.class.php
M PermissionManager/PermissionManager.class.php
M Readers/Readers.class.php
M ResponsibleEditors/ResponsibleEditors.class.php
M Review/Review.class.php
M SecureFileStore/SecureFileStore.class.php
M ShoutBox/ShoutBox.class.php
M UniversalExport/UniversalExport.class.php
M WantedArticle/WantedArticle.class.php
M WikiAdmin/WikiAdmin.class.php
11 files changed, 38 insertions(+), 50 deletions(-)
git pull
ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/BlueSpiceExtensions
refs/changes/23/192323/1
diff --git a/ExtendedSearch/ExtendedSearch.class.php
b/ExtendedSearch/ExtendedSearch.class.php
index 6baad6d..46eec20 100644
--- a/ExtendedSearch/ExtendedSearch.class.php
+++ b/ExtendedSearch/ExtendedSearch.class.php
@@ -124,7 +124,7 @@
$this->setHook( 'BSDashboardsAdminDashboardPortalPortlets' );
$this->setHook( 'SkinTemplateOutputPageBeforeExec' );
- $this->mCore->registerPermission( 'searchfiles', array( 'user'
) );
+ $this->mCore->registerPermission( 'searchfiles', array( 'user'
), array('type'=>'global'));
wfProfileOut( 'BS::'.__METHOD__ );
}
diff --git a/Flexiskin/Flexiskin.class.php b/Flexiskin/Flexiskin.class.php
index 6b6aaf1..5daf6c0 100644
--- a/Flexiskin/Flexiskin.class.php
+++ b/Flexiskin/Flexiskin.class.php
@@ -87,7 +87,7 @@
if ($sId != "default")
$wgOut->addHeadItem('flexiskin', "<link
rel='stylesheet' href='" . $wgUploadPath . "/bluespice/flexiskin/" . $sId .
"/style" . (self::getVal('preview', '') != "" ? '.tmp' : '') . ".css'>");
}
- $this->mCore->registerPermission('flexiskinedit');
+ $this->mCore->registerPermission('flexiskinedit',array(),
array('type'=>'global'));
wfProfileOut('BS::' . __METHOD__);
}
diff --git a/PermissionManager/PermissionManager.class.php
b/PermissionManager/PermissionManager.class.php
index 20616c1..dd0cea2 100644
--- a/PermissionManager/PermissionManager.class.php
+++ b/PermissionManager/PermissionManager.class.php
@@ -54,27 +54,6 @@
*/
protected static $aInvisibleGroups = array('Sysop');
/**
- * @var array
- */
- protected static $aGlobalPermissions = array(
- "apihighlimits", "autoconfirmed", "autopatrol", "bigdelete",
"block",
- "blockemail", "bot", "browsearchive", "createaccount",
"editinterface",
- "editusercssjs", "editusercss", "edituserjs", "hideuser",
"import",
- "importupload", "ipblock-exempt", "move-rootuserpages",
- "override-export-depth", "passwordreset", "proxyunbannable",
- "sendemail", "siteadmin", "unblockself", "userrights",
- "userrights-interwiki", "writeapi", "skipcaptcha",
"renameuser", "viewfiles",
- "searchfiles", "wikiadmin"
- );
- /**
- * @var array Holds all rights which are protected. Protected rights
have to be applied to at least one real group
- * and get applied automatically to the sysop group, if no
other group hold them.
- */
- protected static $aProtectedPermissions = array(
- 'read', 'siteadmin', 'wikiadmin'
- );
-
- /**
* Constructor of PermissionManager
*/
public function __construct() {
@@ -346,12 +325,18 @@
}
protected static function buildRightsMetadata() {
+ global $bsgPermissionConfig;
$aRights = User::getAllRights();
$aMetadata = array();
-
natsort( $aRights );
- foreach($aRights as $sRight) {
- $bGlobalPermission = in_array( $sRight,
self::$aGlobalPermissions );
+ foreach ( $aRights as $sRight ) {
+ if ( !isset( $bsgPermissionConfig[$sRight] ) ) {
+ $bsgPermissionConfig[$sRight] = array(
+ 'type' => 'namespace'
+ );
+ }
+ $aConfig = $bsgPermissionConfig[$sRight];
+ $bGlobalPermission = $aConfig['type'] == 'global' ?
true : false;
$aMetadata[] = array(
'right' => $sRight,
'type' => $bGlobalPermission ? 2 : 1,
@@ -360,7 +345,6 @@
:
wfMessage('bs-permissionmanager-grouping-local')->plain()
);
}
-
wfRunHooks('BsPermissionManager::buildRightsMetadata',
array(&$aMetadata));
return $aMetadata;
@@ -461,18 +445,22 @@
* @param array $aGroupPermissions
*/
protected static function preventPermissionLockout(&$aGroupPermissions)
{
- foreach(self::$aProtectedPermissions as $sRight) {
- $isSet = false;
- foreach($aGroupPermissions as $aDataset) {
- if(isset($aDataset[$sRight]) &&
$aDataset[$sRight]) {
- $isSet = true;
+ global $bsgPermissionConfig;
+ $aRights = User::getAllRights();
+ foreach($aRights as $sRight) {
+
if(isset($bsgPermissionConfig[$sRight]['preventLockout'])){
+ $isSet = false;
+ foreach($aGroupPermissions as
$aDataset) {
+ if(isset($aDataset[$sRight]) &&
$aDataset[$sRight]) {
+ $isSet = true;
+ }
+ }
+ if(!$isSet) {
+
$aGroupPermissions['sysop'][$sRight] = true;
+ }
}
}
- if(!$isSet) {
- $aGroupPermissions['sysop'][$sRight] = true;
- }
}
- }
protected static function getTemplateRules() {
$aTemplates = PermissionTemplates::getAll();
diff --git a/Readers/Readers.class.php b/Readers/Readers.class.php
index de4b094..2cdfc75 100644
--- a/Readers/Readers.class.php
+++ b/Readers/Readers.class.php
@@ -75,7 +75,7 @@
$this->setHook( 'SkinTemplateOutputPageBeforeExec' );
$this->setHook( 'SkinTemplateNavigation' );
- $this->mCore->registerPermission( 'viewreaders' );
+ $this->mCore->registerPermission( 'viewreaders', array(),
array('type'=>'global') );
BsConfig::registerVar( 'MW::Readers::Active', true,
BsConfig::LEVEL_PUBLIC|BsConfig::TYPE_BOOL, 'bs-readers-pref-active', 'toggle'
);
BsConfig::registerVar( 'MW::Readers::NumOfReaders', 10,
BsConfig::TYPE_INT|BsConfig::LEVEL_PUBLIC, 'bs-readers-pref-numofreaders',
'int' );
diff --git a/ResponsibleEditors/ResponsibleEditors.class.php
b/ResponsibleEditors/ResponsibleEditors.class.php
index 9975ee0..b897237 100644
--- a/ResponsibleEditors/ResponsibleEditors.class.php
+++ b/ResponsibleEditors/ResponsibleEditors.class.php
@@ -102,9 +102,9 @@
$this->setHook( 'SuperList::queryPagesWithFilter',
'onSuperListQueryPagesWithFilter' );
$this->setHook( 'SuperList::buildDataSets',
'onSuperListBuildDataSets' );
- $this->mCore->registerPermission(
'responsibleeditors-changeresponsibility' );
- $this->mCore->registerPermission(
'responsibleeditors-viewspecialpage' );
- $this->mCore->registerPermission(
'responsibleeditors-takeresponsibility', array( 'user' ) );
+ $this->mCore->registerPermission(
'responsibleeditors-changeresponsibility', array(), array('type'=>'global') );
+ $this->mCore->registerPermission(
'responsibleeditors-viewspecialpage',array() ,array('type'=>'global') );
+ $this->mCore->registerPermission(
'responsibleeditors-takeresponsibility', array( 'user' ),
array('type'=>'global') );
wfProfileOut('BS::' . __METHOD__);
}
diff --git a/Review/Review.class.php b/Review/Review.class.php
index dc387ed..36c6c6b 100644
--- a/Review/Review.class.php
+++ b/Review/Review.class.php
@@ -91,9 +91,9 @@
$this->setHook('BeforePageDisplay');
$this->setHook('SkinTemplateOutputPageBeforeExec');
- $this->mCore->registerPermission('workflowview', array('user'));
- $this->mCore->registerPermission('workflowedit');
- $this->mCore->registerPermission('workflowlist');
+ $this->mCore->registerPermission('workflowview', array('user'),
array('type'=>'global'));
+ $this->mCore->registerPermission('workflowedit', array(),
array('type'=>'global'));
+ $this->mCore->registerPermission('workflowlist', array(),
array('type'=>'global'));
global $wgLogActionsHandlers;
$wgLogActionsHandlers['bs-review/create'] = array($this,
'logCreate');
diff --git a/SecureFileStore/SecureFileStore.class.php
b/SecureFileStore/SecureFileStore.class.php
index cdce0b1..4a015c8 100644
--- a/SecureFileStore/SecureFileStore.class.php
+++ b/SecureFileStore/SecureFileStore.class.php
@@ -97,7 +97,7 @@
$this->setHook( 'ExtendedSearchBeforeAjaxResponse',
'secureImages' );
$this->setHook( 'SiteNoticeAfter', 'onSiteNoticeAfter' );
- $this->mCore->registerPermission( 'viewfiles', array( 'user' )
);
+ $this->mCore->registerPermission( 'viewfiles', array( 'user' ),
array('type'=>'global') );
wfProfileOut( 'BS::'.__METHOD__ );
}
diff --git a/ShoutBox/ShoutBox.class.php b/ShoutBox/ShoutBox.class.php
index 5a84ffb..febfd53 100644
--- a/ShoutBox/ShoutBox.class.php
+++ b/ShoutBox/ShoutBox.class.php
@@ -108,9 +108,9 @@
// Permissions
- $this->mCore->registerPermission( 'readshoutbox' );
- $this->mCore->registerPermission( 'writeshoutbox' );
- $this->mCore->registerPermission( 'archiveshoutbox' );
+ $this->mCore->registerPermission( 'readshoutbox', array(),
array('type'=>'global') );
+ $this->mCore->registerPermission( 'writeshoutbox', array(),
array('type'=>'global') );
+ $this->mCore->registerPermission( 'archiveshoutbox', array(),
array('type'=>'global') );
$this->mCore->registerBehaviorSwitch( 'bs_noshoutbox' );
diff --git a/UniversalExport/UniversalExport.class.php
b/UniversalExport/UniversalExport.class.php
index eeecb47..e3b8f96 100644
--- a/UniversalExport/UniversalExport.class.php
+++ b/UniversalExport/UniversalExport.class.php
@@ -129,7 +129,7 @@
BsConfig::registerVar( 'MW::UniversalExport::ParamsOverrides',
$this->aParamsOverrides, BsConfig::LEVEL_PRIVATE|BsConfig::TYPE_ARRAY_MIXED
);
//Permissions
- $this->mCore->registerPermission( 'universalexport-export' );
+ $this->mCore->registerPermission( 'universalexport-export',
array(), array('type'=>'namespace') );
wfProfileOut( 'BS::'.__METHOD__ );
}
diff --git a/WantedArticle/WantedArticle.class.php
b/WantedArticle/WantedArticle.class.php
index 99089eb..54925ee 100644
--- a/WantedArticle/WantedArticle.class.php
+++ b/WantedArticle/WantedArticle.class.php
@@ -97,7 +97,7 @@
$this->setHook( 'BSInsertMagicAjaxGetData' );
$this->setHook( 'BeforePageDisplay' );
- $this->mCore->registerPermission( 'wantedarticle-suggest' );
+ $this->mCore->registerPermission( 'wantedarticle-suggest',
array(), array('type'=>'namespace') );
BsConfig::registerVar(
'MW::WantedArticle::DataSourceTemplateTitle', 'WantedArticles',
BsConfig::LEVEL_PUBLIC|BsConfig::TYPE_STRING,
'bs-wantedarticle-pref-datasourcetemplatetitle' );
BsConfig::registerVar( 'MW::WantedArticle::IncludeLimit', 10,
BsConfig::LEVEL_USER|BsConfig::TYPE_INT, 'bs-wantedarticle-pref-includelimit',
'int' );
diff --git a/WikiAdmin/WikiAdmin.class.php b/WikiAdmin/WikiAdmin.class.php
index e5d28ca..2531fa1 100644
--- a/WikiAdmin/WikiAdmin.class.php
+++ b/WikiAdmin/WikiAdmin.class.php
@@ -176,7 +176,7 @@
wfProfileIn( 'BS::'.__METHOD__ );
self::$prLoadModulesAndScripts = true;
- $this->mCore->registerPermission( 'wikiadmin', array( 'sysop' )
);
+ $this->mCore->registerPermission( 'wikiadmin', array( 'sysop'
), array('type'=>'global'));
wfProfileOut( 'BS::'.__METHOD__ );
}
--
To view, visit https://gerrit.wikimedia.org/r/192323
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I26d5d10734aa456d7c23605f0feffdbd37798f58
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/BlueSpiceExtensions
Gerrit-Branch: master
Gerrit-Owner: Jgoettlich <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
