HotSop DotCom wrote: > I want to set up a wiki which will contain a series of private sections, > where each section will only be accessible to a specific set of users. When > someone registers as a user they're given their own private section: one or > more pages that only they and their friends can read and edit. > > Then, to give a friend read/write access to their private section, they'd > fill out a form with a username and email address. An automatically generated > password would be sent to their friend's email, and that user will then be > given read/write access to the section. > > I want there to be a common section that everyone can see, and the admin > should be able to see all the sections. > > I don't want users of one section to know about the other sections. But, > security that specifically relates to this setup isn't that big of an issue: > one user probably isn't going to try hacking into another user's section. > This is also probably not going to be a high-traffic site. > > I was thinking of using categories and it looks like there are extensions > that limit access to categories that I can use or modify. I can hack the core > code if necessary, but I'd prefer not to do that. Also, this will be on > shared hosting. > > Are categories the best way to do this? Are their extensions that would make > this easier? Are there tutorials already showing how to set something like > this up? > > I'd prefer to avoid creating a wiki family because it seems like that would > make administration more difficult. With just one wiki the admin would be > able to see everything without going to Special:Allpages for each of the > wikis in the wiki farm. > > I currently run a basic MW wiki, but I'm not familiar with all of MW's > features. Can someone suggest the best way to do this, bearing in mind that > security between the various sections isn't that much of a concern and also > that I want to make administration as easy as possible (unless it will > require much more work)?
It can't be done completely secure. See http://www.mediawiki.org/wiki/Security_issues_with_authorization_extensions Using differents wikis is the best way but may be troublesome on a shared hosting, nonetheless I warn you that some users will try to break into the others space. Given your requeriments, I'd disable the API and Special:Export, make NS_USER and NS_USERTALK non-includable, and hack the core (try using UserCan hook) so user subpages can only be viewed (and edited) by a list of friends (eg. User:Foo/Friends). As you don't want to leak it, you'll want to change Special:Allpages restriction, but it could still leak if the users add some of the hidden pages to a category, appears as a search result, recentchanges... There're many things to change/disable. _______________________________________________ MediaWiki-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
