http://www.mediawiki.org/wiki/Special:Code/MediaWiki/88709
Revision: 88709
Author: werdna
Date: 2011-05-24 01:57:30 +0000 (Tue, 24 May 2011)
Log Message:
-----------
Commit SemanticACL extension: simple naive extension to restrict page views and
edits using semantic properties.
Added Paths:
-----------
trunk/extensions/SemanticACL/
trunk/extensions/SemanticACL/Messages.php
trunk/extensions/SemanticACL/SemanticACL.php
Added: trunk/extensions/SemanticACL/Messages.php
===================================================================
--- trunk/extensions/SemanticACL/Messages.php (rev 0)
+++ trunk/extensions/SemanticACL/Messages.php 2011-05-24 01:57:30 UTC (rev
88709)
@@ -0,0 +1,15 @@
+<?php
+
+$messages['en'] = array(
+ 'sacl-desc' => 'Allows access restrictions to be set with Semantic
MediaWiki properties.',
+ 'sacl-denied' => 'You are not on the access list for this page.',
+ 'right-sacl-exempt' => 'Exempt from Semantic ACLs',
+
+ 'sacl-property-visibility' => 'Visible to',
+ 'sacl-property-visibility-wl-group' => 'View whitelisted group',
+ 'sacl-property-visibility-wl-user' => 'View whitelisted user',
+
+ 'sacl-property-editable' => 'Editable by',
+ 'sacl-property-editable-wl-group' => 'Edit whitelisted group',
+ 'sacl-property-editable-wl-user' => 'Edit whitelisted user',
+);
Added: trunk/extensions/SemanticACL/SemanticACL.php
===================================================================
--- trunk/extensions/SemanticACL/SemanticACL.php
(rev 0)
+++ trunk/extensions/SemanticACL/SemanticACL.php 2011-05-24 01:57:30 UTC
(rev 88709)
@@ -0,0 +1,127 @@
+<?php
+
+if ( !defined( 'MEDIAWIKI' ) )
+ die();
+
+$wgExtensionCredits['other'][] = array(
+ 'path' => __FILE__,
+ 'name' => 'Semantic ACL',
+ 'author' => array( 'Andrew Garrett' ),
+ 'descriptionmsg' => 'sacl-desc',
+);
+
+$wgExtensionMessagesFiles['SemanticACL'] = dirname(__FILE__).'/Messages.php';
+
+$wgHooks['userCan'][] = 'saclGetPermissionErrors';
+$wgHooks['smwInitProperties'][] = 'saclInitProperties';
+
+$wgGroupPermissions['sysop']['sacl-exempt'] = true;
+
+// Initialise predefined properties
+function saclInitProperties() {
+
+
+ // Read restriction properties
+ SMWDIProperty::registerProperty( '___VISIBLE', '_str',
+
wfMsgForContent('sacl-property-visibility') );
+ SMWDIProperty::registerProperty( '___VISIBLE_WL_GROUP', '_str',
+
wfMsgForContent('sacl-property-visibility-wl-group') );
+ SMWDIProperty::registerProperty( '___VISIBLE_WL_USER', '_wpg',
+
wfMsgForContent('sacl-property-visibility-wl-user') );
+
+ SMWDIProperty::registerPropertyAlias( '___VISIBLE', 'Visible to' );
+ SMWDIProperty::registerPropertyAlias( '___VISIBLE_WL_GROUP', 'View
whitelisted group' );
+ SMWDIProperty::registerPropertyAlias( '___VISIBLE_WL_USER', 'View
whitelisted user' );
+
+ // Write restriction properties
+ SMWDIProperty::registerProperty( '___EDITABLE', '_str',
+
wfMsgForContent('sacl-property-editable') );
+ SMWDIProperty::registerProperty( '___EDITABLE_WL_GROUP', '_str',
+
wfMsgForContent('sacl-property-editable-wl-group') );
+ SMWDIProperty::registerProperty( '___EDITABLE_WL_USER', '_wpg',
+
wfMsgForContent('sacl-property-editable-wl-user') );
+
+ SMWDIProperty::registerPropertyAlias( '___EDITABLE_BY', 'Editable by' );
+ SMWDIProperty::registerPropertyAlias( '___EDITABLE_WL_GROUP', 'Edit
whitelisted group' );
+ SMWDIProperty::registerPropertyAlias( '___EDITABLE_WL_USER', 'Edit
whitelisted user' );
+
+ return true;
+}
+
+
+function saclGetPermissionErrors( $title, $user, $action, &$result ) {
+
+ // Failsafe: Some users are exempt from Semantic ACLs
+ if ( $user->isAllowed( 'sacl-exempt' ) ) {
+ return true;
+ }
+
+ $store = smwfGetStore();
+ $subject = SMWDIWikiPage::newFromTitle( $title );
+
+ // The prefix for the whitelisted group and user properties
+ // Either ___VISIBLE or ___EDITABLE
+ $prefix = '';
+
+ if ( $action == 'read' ) {
+ $prefix = '___VISIBLE';
+ } else {
+ $type_property = 'Editable by';
+ $prefix = '___EDITABLE';
+ }
+
+ $property = new SMWDIProperty($prefix);
+ $aclTypes = $store->getPropertyValues( $subject, $property );
+
+ foreach( $aclTypes as $valueObj ) {
+ $value = strtolower($valueObj->getString());
+
+ if ( $value == 'users' ) {
+ if ( $user->isAnon() ) {
+ $result = false;
+ return false;
+ }
+ } elseif ( $value == 'whitelist group' ) {
+ $whitelistProperty = new SMWDIProperty(
"{$prefix}_WL_GROUP" );
+ $whitelistValues = $store->getPropertyValues( $subject,
$whitelistProperty );
+
+ $inWhitelistedGroup = false;
+
+ foreach( $whitelistValues as $whitelistValue ) {
+ $group =
strtolower($whitelistValue->getString());
+
+ if ( in_array( $group,
$user->getEffectiveGroups() ) ) {
+ $inWhitelistedGroup = true;
+ break;
+ }
+ }
+
+ if ( ! $inWhitelistedGroup ) {
+ $result = false;
+ return false;
+ }
+ } elseif ( $value == 'whitelist user' ) {
+ $whitelistProperty = new SMWDIProperty(
"{$prefix}_WL_USER" );
+ $whitelistValues = $store->getPropertyValues( $subject,
$whitelistProperty );
+
+ $isWhitelistedUser = false;
+
+ foreach( $whitelistValues as $whitelistValue ) {
+ $title = $whitelistValue->getTitle();
+
+ if ( $title->equals( $user->getUserPage() ) ) {
+ $isWhitelistedUser = true;
+ }
+ }
+
+ if ( ! $isWhitelistedUser ) {
+ $result = false;
+ return false;
+ }
+ } elseif ( $value == 'public' ) {
+ return true;
+ }
+ }
+
+ return true;
+}
_______________________________________________
MediaWiki-CVS mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-cvs