Page MenuHomePhabricator
Create Task
Maniphest T12758

Add a Title parameter to User::isAllowed()
Closed, DeclinedPublic
Actions

Description

Author: bugzilla

Description:
The proposed enhancement:

  • does not disrupt the stock MediaWiki
  • allows for extensions to handle rights management at a more granular level.

Proposed change to User.php:

<source lang=php>
function isAllowed($action='', $ns = null /*optional*/, $title = null /* optional */ )

{
        if ( $action === '' )
                // In the spirit of DWIM
                return true;
 
        // CHANGE begin{{
        $result = null;
        wfRunHooks('UserIsAllowed', array( &$this, $ns, $title, &$action, &$result ) );
        if ( $result !== null )
                return $result;
        // CHANGE end }}
 
        return in_array( $action, $this->getRights() );
}

</source>

Of course it does not address the policing issues of the whole MediaWiki platform but updating this method could open up the path to enhancements to the rights management sub-system i.e. do it piece-by-piece maybe? I know I have seen discussion around 'using more' the 'Title::userCan' method but, in retrospect, after delving for many hours in the bowels of MW, I now could argue 'more intelligently' that this wouldn't be, IMO, a course of action I would follow; e.g. there are 'title/namespace' level rights and there are 'title independent' rights to manage here.

Version: 1.11.x
Severity: enhancement

Details

Reference
bz10758

Event Timeline

bzimport raised the priority of this task from to Lowest.Nov 21 2014, 9:49 PM
bzimport added a project: MediaWiki-General.
bzimport set Reference to bz10758.
bzimport added a subscriber: Unknown Object (MLST).
bzimport created this task.Jul 31 2007, 12:33 AM
brion added a comment.Aug 8 2007, 5:22 PM

Seems to duplicate existing code?

bzimport added a comment.Aug 8 2007, 5:27 PM

bugzilla wrote:

Well, until an extension hooks up to the new hook 'UserIsAllowed', the above code does not change the current MediaWiki behavior.
The point is to add a hook that does not disturb the current Mediawiki whilst allowing incremental changes in the direction of better rights management.

IAlex added a comment.Apr 4 2010, 11:13 AM

We already have the getUserPermissionsErrors hook (and its old version userCan) that passes a Title object in its arguments. Adding those parameters User::isAllowed() would only duplicate code as Brion said.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL