Page MenuHomePhabricator
Create Task
Maniphest T8097

Patch to allow edits to be restricted to logged-in users with per-page exceptions to allow anonymous editing
Closed, InvalidPublic
Actions

Description

Author: netocrat

Description:
When using MediaWiki as a solution for a non-Wikipedia site, it's sometimes
useful to configure it so that by default pages are not editable except by
logged-in users. Then there are often pages that it would be handy to make an
exception for so that anonymous users can edit them. There isn't a simple way
to achieve this exception in the default codebase that I've found, but by using
the new(ish) ProtectionForm and Title::getRestrictions() functionality, it's
possible to achieve this with small patches to EditPage.php and Title.php.

I'll attach the patches; there are a couple of other additions that also need to
be applied:

  • add these lines to LocalSettings.php (be careful that $wgGroupPermissions

isn't overwritten later in the file and that these lines occur after
DefaultSettings.php has been included):
array_splice($wgRestrictionLevels, 1, 0, '*');
$wgGroupPermissions['*']['edit'] = false;

  • Edit MediaWiki:Protect-level-* to read:

Allow all including anons/not-logged-in

Now to set an individual page to be editable by anonymous users, log in as a
sysop and click the 'protect' tab and select 'Allow all including
anons/not-logged-in' (click 'Unlock move permissions' prior to this if anonymous
users should not also be given permission to move the page). To revert the page
to edits-by-logged-in-users-only, again click the 'protect' tab and choose
'(default)'.

There might then be some confusion due to the tab reading 'protect' when already
only logged in users can edit the page, but it should be easy to explain what
the '(default)' state is, perhaps by editing MediaWiki:Protect-text. The more
dangerous opposite of the tab reading 'unprotect' when in fact the page is not
at all restricted won't (shouldn't) occur due to this patch.

This provides a starting-point for finer-grained ACLs in MediaWiki - a
group-based default per-right that can be overridden per-page.

The patches were generated against 1.6.5; they apply without error to present
svn, and seem to function as expected against svn code.

Version: 1.7.x
Severity: enhancement

Details

Reference
bz6097

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 21 2014, 9:22 PM
bzimport added a project: MediaWiki-Page-editing.
bzimport set Reference to bz6097.
bzimport added a subscriber: Unknown Object (MLST).
bzimport created this task.May 26 2006, 4:42 PM
bzimport added a comment.May 26 2006, 4:44 PM

netocrat wrote:

Also apply EditPage.php.patch; both are against 1.6.5 but currently patch OK against svn code

Attached:

Title.php.patch2 KBDownload

bzimport added a comment.May 26 2006, 4:44 PM

netocrat wrote:

Also apply Title.php.patch; both are against 1.6.5 but currently patch OK against svn code

Attached:

EditPage.php.patch2 KBDownload

bzimport added a comment.Jul 4 2006, 8:11 AM

robchur wrote:

Feel free to write hacks/patches to meet your own needs.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL