jenkins-bot has submitted this change and it was merged.
Change subject: Added to permissions new parameter
......................................................................
Added to permissions new parameter
* due to new config parameter I deleted the $aGlobalPermissions and
lockdown parameter. So I remade the logic for them
* added to all BS-Extensions the config parameter, also added an default
one
Change-Id: I26d5d10734aa456d7c23605f0feffdbd37798f58
---
M ExtendedSearch/ExtendedSearch.class.php
M Flexiskin/Flexiskin.class.php
M PermissionManager/PermissionManager.class.php
M Readers/Readers.class.php
M ResponsibleEditors/ResponsibleEditors.class.php
M Review/Review.class.php
M SecureFileStore/SecureFileStore.class.php
M ShoutBox/ShoutBox.class.php
M UniversalExport/UniversalExport.class.php
M WantedArticle/WantedArticle.class.php
M WikiAdmin/WikiAdmin.class.php
11 files changed, 63 insertions(+), 61 deletions(-)
Approvals:
Tweichart: Verified; Looks good to me, approved
jenkins-bot: Verified
diff --git a/ExtendedSearch/ExtendedSearch.class.php
b/ExtendedSearch/ExtendedSearch.class.php
index 6baad6d..dd16ff2 100644
--- a/ExtendedSearch/ExtendedSearch.class.php
+++ b/ExtendedSearch/ExtendedSearch.class.php
@@ -124,7 +124,7 @@
$this->setHook( 'BSDashboardsAdminDashboardPortalPortlets' );
$this->setHook( 'SkinTemplateOutputPageBeforeExec' );
- $this->mCore->registerPermission( 'searchfiles', array( 'user'
) );
+ $this->mCore->registerPermission( 'searchfiles', array( 'user'
), array( 'type' => 'global' ) );
wfProfileOut( 'BS::'.__METHOD__ );
}
diff --git a/Flexiskin/Flexiskin.class.php b/Flexiskin/Flexiskin.class.php
index 6b6aaf1..56e976e 100644
--- a/Flexiskin/Flexiskin.class.php
+++ b/Flexiskin/Flexiskin.class.php
@@ -87,7 +87,7 @@
if ($sId != "default")
$wgOut->addHeadItem('flexiskin', "<link
rel='stylesheet' href='" . $wgUploadPath . "/bluespice/flexiskin/" . $sId .
"/style" . (self::getVal('preview', '') != "" ? '.tmp' : '') . ".css'>");
}
- $this->mCore->registerPermission('flexiskinedit');
+ $this->mCore->registerPermission( 'flexiskinedit', array(),
array( 'type' => 'global' ) );
wfProfileOut('BS::' . __METHOD__);
}
diff --git a/PermissionManager/PermissionManager.class.php
b/PermissionManager/PermissionManager.class.php
index 20616c1..aa1642d 100644
--- a/PermissionManager/PermissionManager.class.php
+++ b/PermissionManager/PermissionManager.class.php
@@ -54,27 +54,6 @@
*/
protected static $aInvisibleGroups = array('Sysop');
/**
- * @var array
- */
- protected static $aGlobalPermissions = array(
- "apihighlimits", "autoconfirmed", "autopatrol", "bigdelete",
"block",
- "blockemail", "bot", "browsearchive", "createaccount",
"editinterface",
- "editusercssjs", "editusercss", "edituserjs", "hideuser",
"import",
- "importupload", "ipblock-exempt", "move-rootuserpages",
- "override-export-depth", "passwordreset", "proxyunbannable",
- "sendemail", "siteadmin", "unblockself", "userrights",
- "userrights-interwiki", "writeapi", "skipcaptcha",
"renameuser", "viewfiles",
- "searchfiles", "wikiadmin"
- );
- /**
- * @var array Holds all rights which are protected. Protected rights
have to be applied to at least one real group
- * and get applied automatically to the sysop group, if no
other group hold them.
- */
- protected static $aProtectedPermissions = array(
- 'read', 'siteadmin', 'wikiadmin'
- );
-
- /**
* Constructor of PermissionManager
*/
public function __construct() {
@@ -345,23 +324,37 @@
return $aMetadata;
}
+ /**
+ * This is to check if a right is global or local. This is stored in the
+ * $aMetadata to creates categorys in the Permission Manager form
+ * @global Array $bsgPermissionConfig stores various configurations for
rights
+ * @return Array $aMetadata stores values needed in the
permissionmanager getForm()
+ * i.e. if a right is global or local.
+ */
protected static function buildRightsMetadata() {
+ global $bsgPermissionConfig;
$aRights = User::getAllRights();
$aMetadata = array();
-
natsort( $aRights );
- foreach($aRights as $sRight) {
- $bGlobalPermission = in_array( $sRight,
self::$aGlobalPermissions );
- $aMetadata[] = array(
- 'right' => $sRight,
- 'type' => $bGlobalPermission ? 2 : 1,
- 'typeHeader' => $bGlobalPermission
- ?
wfMessage('bs-permissionmanager-grouping-global')->plain()
- :
wfMessage('bs-permissionmanager-grouping-local')->plain()
- );
+ if ( is_array( $aRights ) ) {
+ foreach ( $aRights as $sRight ) {
+ if ( !isset( $bsgPermissionConfig[$sRight] ) ) {
+ $bsgPermissionConfig[$sRight] = array(
+ 'type' => 'namespace'
+ );
+ }
+ $aConfig = $bsgPermissionConfig[$sRight];
+ $bGlobalPermission = $aConfig['type'] ==
'global' ? true : false;
+ $aMetadata[] = array(
+ 'right' => $sRight,
+ 'type' => $bGlobalPermission ? 2 : 1,
+ 'typeHeader' => $bGlobalPermission
+ ?
wfMessage('bs-permissionmanager-grouping-global')->plain()
+ :
wfMessage('bs-permissionmanager-grouping-local')->plain()
+ );
+ }
}
-
- wfRunHooks('BsPermissionManager::buildRightsMetadata',
array(&$aMetadata));
+ wfRunHooks( 'BsPermissionManager::buildRightsMetadata', array(
&$aMetadata ) );
return $aMetadata;
}
@@ -455,21 +448,30 @@
/**
* Prevents that the wiki gets accidentally inaccessible for all users.
- * All rights which are noted in @see
PermissionManager::$aProtectedPermssions will be applied automatically to the
- * sysop group, if no other group holds them.
- *
+ * Some of the rights which are pre-set in the $bsgPermissionConfig have
+ * a config array, which prevents the Lockdown to be enabled on these
rights.
* @param array $aGroupPermissions
*/
- protected static function preventPermissionLockout(&$aGroupPermissions)
{
- foreach(self::$aProtectedPermissions as $sRight) {
- $isSet = false;
- foreach($aGroupPermissions as $aDataset) {
- if(isset($aDataset[$sRight]) &&
$aDataset[$sRight]) {
- $isSet = true;
+ protected static function preventPermissionLockout( &$aGroupPermissions
) {
+ global $bsgPermissionConfig;
+ $aRights = User::getAllRights();
+ if ( !is_array( $aRights ) ) {
+ return;
+ }
+ foreach ( $aRights as $sRight ) {
+ if ( isset(
$bsgPermissionConfig[$sRight]['preventLockout'] ) ) {
+ $bIsSet = false;
+ if ( is_array( $aGroupPermissions ) ) {
+ foreach ( $aGroupPermissions as
$aDataset ) {
+ if ( isset( $aDataset[$sRight]
) && $aDataset[$sRight] ) {
+ $bIsSet = true;
+ continue;
+ }
+ }
+ if ( !$bIsSet ) {
+
$aGroupPermissions['sysop'][$sRight] = true;
+ }
}
- }
- if(!$isSet) {
- $aGroupPermissions['sysop'][$sRight] = true;
}
}
}
diff --git a/Readers/Readers.class.php b/Readers/Readers.class.php
index de4b094..0a4dd9b 100644
--- a/Readers/Readers.class.php
+++ b/Readers/Readers.class.php
@@ -75,7 +75,7 @@
$this->setHook( 'SkinTemplateOutputPageBeforeExec' );
$this->setHook( 'SkinTemplateNavigation' );
- $this->mCore->registerPermission( 'viewreaders' );
+ $this->mCore->registerPermission( 'viewreaders', array(),
array( 'type' => 'global' ) );
BsConfig::registerVar( 'MW::Readers::Active', true,
BsConfig::LEVEL_PUBLIC|BsConfig::TYPE_BOOL, 'bs-readers-pref-active', 'toggle'
);
BsConfig::registerVar( 'MW::Readers::NumOfReaders', 10,
BsConfig::TYPE_INT|BsConfig::LEVEL_PUBLIC, 'bs-readers-pref-numofreaders',
'int' );
diff --git a/ResponsibleEditors/ResponsibleEditors.class.php
b/ResponsibleEditors/ResponsibleEditors.class.php
index 9975ee0..8d67c0e 100644
--- a/ResponsibleEditors/ResponsibleEditors.class.php
+++ b/ResponsibleEditors/ResponsibleEditors.class.php
@@ -102,9 +102,9 @@
$this->setHook( 'SuperList::queryPagesWithFilter',
'onSuperListQueryPagesWithFilter' );
$this->setHook( 'SuperList::buildDataSets',
'onSuperListBuildDataSets' );
- $this->mCore->registerPermission(
'responsibleeditors-changeresponsibility' );
- $this->mCore->registerPermission(
'responsibleeditors-viewspecialpage' );
- $this->mCore->registerPermission(
'responsibleeditors-takeresponsibility', array( 'user' ) );
+ $this->mCore->registerPermission(
'responsibleeditors-changeresponsibility', array(), array( 'type' => 'global' )
);
+ $this->mCore->registerPermission(
'responsibleeditors-viewspecialpage', array(), array( 'type' => 'global' ) );
+ $this->mCore->registerPermission(
'responsibleeditors-takeresponsibility', array( 'user' ), array( 'type' =>
'global' ) );
wfProfileOut('BS::' . __METHOD__);
}
diff --git a/Review/Review.class.php b/Review/Review.class.php
index dc387ed..20f29a6 100644
--- a/Review/Review.class.php
+++ b/Review/Review.class.php
@@ -91,9 +91,9 @@
$this->setHook('BeforePageDisplay');
$this->setHook('SkinTemplateOutputPageBeforeExec');
- $this->mCore->registerPermission('workflowview', array('user'));
- $this->mCore->registerPermission('workflowedit');
- $this->mCore->registerPermission('workflowlist');
+ $this->mCore->registerPermission( 'workflowview', array( 'user'
), array( 'type' => 'global' ) );
+ $this->mCore->registerPermission( 'workflowedit', array(),
array( 'type' => 'global' ) );
+ $this->mCore->registerPermission( 'workflowlist', array(),
array( 'type' => 'global' ) );
global $wgLogActionsHandlers;
$wgLogActionsHandlers['bs-review/create'] = array($this,
'logCreate');
diff --git a/SecureFileStore/SecureFileStore.class.php
b/SecureFileStore/SecureFileStore.class.php
index cdce0b1..43deecf 100644
--- a/SecureFileStore/SecureFileStore.class.php
+++ b/SecureFileStore/SecureFileStore.class.php
@@ -97,7 +97,7 @@
$this->setHook( 'ExtendedSearchBeforeAjaxResponse',
'secureImages' );
$this->setHook( 'SiteNoticeAfter', 'onSiteNoticeAfter' );
- $this->mCore->registerPermission( 'viewfiles', array( 'user' )
);
+ $this->mCore->registerPermission( 'viewfiles', array( 'user' ),
array( 'type' => 'global' ) );
wfProfileOut( 'BS::'.__METHOD__ );
}
diff --git a/ShoutBox/ShoutBox.class.php b/ShoutBox/ShoutBox.class.php
index 5a84ffb..8ae83dc 100644
--- a/ShoutBox/ShoutBox.class.php
+++ b/ShoutBox/ShoutBox.class.php
@@ -108,9 +108,9 @@
// Permissions
- $this->mCore->registerPermission( 'readshoutbox' );
- $this->mCore->registerPermission( 'writeshoutbox' );
- $this->mCore->registerPermission( 'archiveshoutbox' );
+ $this->mCore->registerPermission( 'readshoutbox', array(),
array( 'type' => 'global' ) );
+ $this->mCore->registerPermission( 'writeshoutbox', array(),
array( 'type' => 'global' ) );
+ $this->mCore->registerPermission( 'archiveshoutbox', array(),
array( 'type' => 'global' ) );
$this->mCore->registerBehaviorSwitch( 'bs_noshoutbox' );
diff --git a/UniversalExport/UniversalExport.class.php
b/UniversalExport/UniversalExport.class.php
index eeecb47..2875dcd 100644
--- a/UniversalExport/UniversalExport.class.php
+++ b/UniversalExport/UniversalExport.class.php
@@ -129,7 +129,7 @@
BsConfig::registerVar( 'MW::UniversalExport::ParamsOverrides',
$this->aParamsOverrides, BsConfig::LEVEL_PRIVATE|BsConfig::TYPE_ARRAY_MIXED
);
//Permissions
- $this->mCore->registerPermission( 'universalexport-export' );
+ $this->mCore->registerPermission( 'universalexport-export',
array(), array( 'type' => 'namespace' ) );
wfProfileOut( 'BS::'.__METHOD__ );
}
diff --git a/WantedArticle/WantedArticle.class.php
b/WantedArticle/WantedArticle.class.php
index 99089eb..db0317d 100644
--- a/WantedArticle/WantedArticle.class.php
+++ b/WantedArticle/WantedArticle.class.php
@@ -97,7 +97,7 @@
$this->setHook( 'BSInsertMagicAjaxGetData' );
$this->setHook( 'BeforePageDisplay' );
- $this->mCore->registerPermission( 'wantedarticle-suggest' );
+ $this->mCore->registerPermission( 'wantedarticle-suggest',
array(), array( 'type' => 'namespace' ) );
BsConfig::registerVar(
'MW::WantedArticle::DataSourceTemplateTitle', 'WantedArticles',
BsConfig::LEVEL_PUBLIC|BsConfig::TYPE_STRING,
'bs-wantedarticle-pref-datasourcetemplatetitle' );
BsConfig::registerVar( 'MW::WantedArticle::IncludeLimit', 10,
BsConfig::LEVEL_USER|BsConfig::TYPE_INT, 'bs-wantedarticle-pref-includelimit',
'int' );
diff --git a/WikiAdmin/WikiAdmin.class.php b/WikiAdmin/WikiAdmin.class.php
index e5d28ca..e1f0095 100644
--- a/WikiAdmin/WikiAdmin.class.php
+++ b/WikiAdmin/WikiAdmin.class.php
@@ -176,7 +176,7 @@
wfProfileIn( 'BS::'.__METHOD__ );
self::$prLoadModulesAndScripts = true;
- $this->mCore->registerPermission( 'wikiadmin', array( 'sysop' )
);
+ $this->mCore->registerPermission( 'wikiadmin', array( 'sysop'
), array( 'type' => 'global' ) );
wfProfileOut( 'BS::'.__METHOD__ );
}
--
To view, visit https://gerrit.wikimedia.org/r/192323
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I26d5d10734aa456d7c23605f0feffdbd37798f58
Gerrit-PatchSet: 7
Gerrit-Project: mediawiki/extensions/BlueSpiceExtensions
Gerrit-Branch: master
Gerrit-Owner: Jgoettlich <[email protected]>
Gerrit-Reviewer: Mglaser <[email protected]>
Gerrit-Reviewer: Pigpen <[email protected]>
Gerrit-Reviewer: Pwirth <[email protected]>
Gerrit-Reviewer: Robert Vogel <[email protected]>
Gerrit-Reviewer: Tweichart <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
