Extension:SimpleSecurity2.1.php

From Organic Design wiki
Revision as of 09:30, 3 March 2007 by Nad (talk | contribs) (version 2.0 - redoing almost from scratch, much more efficient and stronger!)

<?

  1. Simple security extension version 2.0
  2. - sysop
  3. - See [[MediaWiki Security]] article for installation and usage details
  4. - Licenced under LGPL (http://www.gnu.org/copyleft/lesser.html)
  5. - Needs apache's mod-rewrite for security on images, see code comments below
  1. Asseses security after raw content fetched from database and clears if not readable
  2. - also fills the global $securityItems cache with info to append to the rendered article

$securityAfterFetchIndex = count($wgHooks['ArticleAfterFetchContent']); $wgHooks['ArticleAfterFetchContent'][] = 'securityAfterFetch'; function securityAfterFetch(&$this,&$text) { global $wgUser,$wgTitle,$securityItems,$securityAfterFetchIndex; $parser = new Parser; $options = ParserOptions::newFromUser($wgUser); $parser->setFunctionHook('Security','securityProcessItem'); $parser->setFunctionHook(':Security','securityProcessItem'); $securityItems = array(); $output = $parser->parse($text,$wgTitle,$options,false,false); $allItems = $securityItems;

# Before inheriting security from categories # - stop checking :Security because they shouldn't inherit # - remove this AfterDatabaseFetch hook because we need to read each cats content unset($parser->mFunctionHooks[':Security']); $hookBak = $wgHooks['ArticleAfterFetchContent']; $wgHooks['ArticleAfterFetchContent'][$securityAfterFetchIndex] = array_splice($wgHooks['ArticleAfterFetchContent'],$securityAfterFetchIndex,1);

# Get the security items from the cats by running the parser over the content of each foreach ($output->getCategoryLinks() as $cat) { $article = new Article($title = Title::newFromText($cat = "Category:$cat")); $securityItems = array(); $parser->parse($article->fetchContent(0,false,false),$title,$options,false,false); foreach ($securityItems as $i) $allItems[] = array($i[0],$i[1],"this rule is inherited from $cat"); }

# Resolve permission for this action from the extracted security links $security = ; foreach ($seclinks as $link) { if ($link[2]==) $link[2] = 'sysop'; $actions = preg_split("/\\s*,\\s*/",strtolower($link[1])); if (in_array($securityAction,$actions)) $security = $link[2]; if (in_array('*',$actions) && ($security == )) $security = $link[2]; }

# Validate extracted security against this user/groups $groups = $wgUser->getGroups(); foreach($groups as $k => $v) $groups[$k] = strtolower($v); $deny = false; if ($security && !in_array('sysop',$groups) && !in_array('director',$groups)) { $security = preg_split("/\\s*,\\s*/",$security); if (!in_array('*',$security)) { $groups[] = ucwords($wgUser->mName); if (count(array_intersect($groups,$security))==0) { $action = 'view'; $deny = true; } } }

# Put the AfterFetch hook back how it was and exit successfully $wgHooks['ArticleAfterFetchContent'][$securityAfterFetchIndex] = $hookBak; return true; }

  1. Accumulates security information in a global cache whenever a security item is parsed

function securityProcessItem(&$this,$a,$b) { $GLOBALS['securityItems'][] = array($a,$b); return ; } ?>

Retrieved from "https://organicdesign.nz/wiki/index.php?title=Extension:SimpleSecurity2.1.php&oldid=56319"