* (bug 996) Replace $wgWhitelistEdit with 'edit' permission; fixup UPGRADE documentation about edit and read whitelists.
Patch by robla: http://bugzilla.wikimedia.org/attachment.cgi?id=645&action=view plus doc fixes
This commit is contained in:
Brion Vibber
parent
bdf49fd8e7
commit
a2a28a34c1
5 changed files with 42 additions and 13 deletions
|
|
@ -332,6 +332,9 @@ Various bugfixes, small features, and a few experimental things:
|
|||
* (bug 2504) Updated the Finnish translation
|
||||
* (bug 2506) Updated the Nynorsk translation
|
||||
* Everything given to setSubtitle() is now parsed for the full wikisyntax
|
||||
* (bug 996) Replace $wgWhitelistEdit with 'edit' permission; fixup UPGRADE
|
||||
documentation about edit and read whitelists.
|
||||
|
||||
|
||||
=== Caveats ===
|
||||
|
||||
|
|
|
|||
15
UPGRADE
15
UPGRADE
|
|
@ -48,9 +48,20 @@ key in $wgGroupPermissions. To emulate the old effect of setting:
|
|||
set:
|
||||
$wgGroupPermissions['*']['createaccount'] = false;
|
||||
|
||||
If $wgWhitelistRead is set, things need to be funked around. This needs work.
|
||||
$wgWhitelistEdit has been replaced by the 'edit' permission key.
|
||||
To emulate the old effect of setting:
|
||||
$wgWhitelistEdit = true;
|
||||
set:
|
||||
$wgGroupPermissions['*']['edit'] = false;
|
||||
|
||||
bla bla bla
|
||||
If $wgWhitelistRead is set, you must also disable the 'read' permission
|
||||
for it to take affect on anonymous users:
|
||||
$wgWhitelistRead = array( "Main Page", "Special:Userlogin" );
|
||||
$wgGroupPermissions['*']['read'] = false;
|
||||
|
||||
Note that you can disable/enable several other permissions by modifying
|
||||
this configuration array in your LocalSettings.php; see DefaultSettings.php
|
||||
for the complete default permission set.
|
||||
|
||||
|
||||
=== Web installer ===
|
||||
|
|
|
|||
|
|
@ -654,7 +654,6 @@ $wgHitcounterUpdateFreq = 1;
|
|||
# It's not 100% safe, there could be security hole using that one. Use at your
|
||||
# own risks.
|
||||
|
||||
$wgWhitelistEdit = false; # true = user must login to edit.
|
||||
$wgWhitelistRead = false; # Pages anonymous user may see, like: = array ( "Main Page", "Special:Userlogin", "Wikipedia:Help");
|
||||
|
||||
$wgAllowAnonymousMinor = false; # Allow anonymous users to mark changes as 'minor'
|
||||
|
|
@ -675,14 +674,18 @@ $wgAutoblockExpiry = 86400; # Number of seconds before autoblock entries expire
|
|||
* logged-in users are all implicitly in the 'user' group. These will be
|
||||
* combined with the permissions of all groups that a given user is listed
|
||||
* in in the user_groups table.
|
||||
*
|
||||
* This replaces wgWhitelistAccount and wgWhitelistEdit
|
||||
*/
|
||||
$wgGroupPermissions = array();
|
||||
|
||||
$wgGroupPermissions['*' ]['createaccount'] = true;
|
||||
$wgGroupPermissions['*' ]['read'] = true;
|
||||
$wgGroupPermissions['*' ]['edit'] = true;
|
||||
|
||||
$wgGroupPermissions['user' ]['move'] = true;
|
||||
$wgGroupPermissions['user' ]['read'] = true;
|
||||
$wgGroupPermissions['user' ]['edit'] = true;
|
||||
$wgGroupPermissions['user' ]['upload'] = true;
|
||||
|
||||
$wgGroupPermissions['bot' ]['bot'] = true;
|
||||
|
|
@ -1160,8 +1163,8 @@ $wgGoToEdit = false;
|
|||
$wgUserHtml = true;
|
||||
|
||||
/** Allow raw, unchecked HTML in <html>...</html> sections.
|
||||
* THIS IS VERY DANGEROUS on a publically editable site, so you can't enable it
|
||||
* unless you've restricted editing to trusted users only with $wgWhitelistEdit.
|
||||
* THIS IS VERY DANGEROUS on a publically editable site, so USE wgGroupPermissions
|
||||
* TO RESTRICT EDITING to only those that you trust
|
||||
*/
|
||||
$wgRawHtml = false;
|
||||
|
||||
|
|
|
|||
|
|
@ -135,7 +135,7 @@ class EditPage {
|
|||
* This is the function that gets called for "action=edit".
|
||||
*/
|
||||
function edit() {
|
||||
global $wgOut, $wgUser, $wgWhitelistEdit, $wgRequest;
|
||||
global $wgOut, $wgUser, $wgRequest;
|
||||
// this is not an article
|
||||
$wgOut->setArticleFlag(false);
|
||||
|
||||
|
|
@ -156,9 +156,14 @@ class EditPage {
|
|||
$this->blockedIPpage();
|
||||
return;
|
||||
}
|
||||
if ( $wgUser->isAnon() && $wgWhitelistEdit ) {
|
||||
$this->userNotLoggedInPage();
|
||||
return;
|
||||
if ( !$wgUser->isAllowed('edit') ) {
|
||||
if ( $wgUser->isAnon() ) {
|
||||
$this->userNotLoggedInPage();
|
||||
return;
|
||||
} else {
|
||||
$wgOut->readOnlyPage( $this->mArticle->getContent( true ), true );
|
||||
return;
|
||||
}
|
||||
}
|
||||
if ( wfReadOnly() ) {
|
||||
if( $this->save || $this->preview ) {
|
||||
|
|
@ -282,7 +287,6 @@ class EditPage {
|
|||
global $wgOut, $wgUser;
|
||||
global $wgLang, $wgContLang, $wgParser, $wgTitle;
|
||||
global $wgAllowAnonymousMinor;
|
||||
global $wgWhitelistEdit;
|
||||
global $wgSpamRegex, $wgFilterCallback;
|
||||
|
||||
$sk = $wgUser->getSkin();
|
||||
|
|
@ -323,10 +327,18 @@ class EditPage {
|
|||
$this->blockedIPpage();
|
||||
return;
|
||||
}
|
||||
if ( $wgUser->isAnon() && $wgWhitelistEdit ) {
|
||||
|
||||
if ( !$wgUser->isAllowed('edit') ) {
|
||||
if ( $wgUser->isAnon() ) {
|
||||
$this->userNotLoggedInPage();
|
||||
return;
|
||||
}
|
||||
else {
|
||||
$wgOut->readOnlyPage();
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
if ( wfReadOnly() ) {
|
||||
$wgOut->readOnlyPage();
|
||||
return;
|
||||
|
|
|
|||
|
|
@ -346,8 +346,8 @@ class Parser
|
|||
#$text = str_replace( $uniq_prefix, wfHtmlEscapeFirst( $uniq_prefix ), $text );
|
||||
|
||||
# html
|
||||
global $wgRawHtml, $wgWhitelistEdit;
|
||||
if( $wgRawHtml && $wgWhitelistEdit ) {
|
||||
global $wgRawHtml;
|
||||
if( $wgRawHtml ) {
|
||||
$text = Parser::extractTags('html', $text, $html_content, $uniq_prefix);
|
||||
foreach( $html_content as $marker => $content ) {
|
||||
if ($render ) {
|
||||
|
|
|
|||
Loading…
Reference in a new issue