Regional-training LocalSettings.php

From regional-training
Revision as of 14:18, 9 June 2023 by Ralph (talk | contribs)

The LocalSettings.php customisations:


The http://regional-training.org wiki has the following LocalSettings.php customisations for category:Access Control: 

# RBH - block out most of it for anon users
wfLoadExtension( 'HideSidebar' );
$wgEnableSidebarCache = false;

#RBH
wfLoadExtension( 'RSS' );

# RBH Page Access authorisation
require_once "$IP/extensions/rabcg/RestrictAccessByCategoryAndGroup.php";

# SECURITY prevent public privleges  (anonymous user)
$wgReadPermissions['*']['read'] = false;
$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermisisons['*']['createpage'] = false;
$wgGroupPermissions['*']['createaccount'] = false;

# install Page Access authorisation extension
require_once "$IP/extensions/rabcg/RestrictAccessByCategoryAndGroup.php";

# sysop can create accounts
$wgGroupPermissions['sysop']['createaccount'] = true;

# exclusive private category - where only user's with private group can access, or the sysop
$wgGroupPermissions['private']['*'] = false;
$wgGroupPermissions['private']['private'] = true;

# private category that users with group:lesson may access, or sysop
$wgGroupPermissions['lesson']['*'] = false;
$wgGroupPermissions['lesson']['private'] = true;

# private category that users with group:student may access, or sysop
$wgGroupPermissions['student']['*'] = false;
$wgGroupPermissions['student']['private'] = true;

# private category that users with group:projects may access, or sysop
$wgGroupPermissions['projects']['*'] = false;
$wgGroupPermissions['projects']['private'] = true;

# private category that users with group:trainer may access, or sysop
$wgGroupPermissions['trainer']['*'] = false;
$wgGroupPermissions['trainer']['private'] = true;

# the above private categories will show up as group privileges that may be assigned to users.
# you may define nearly any group you may required (except for predefined names such as user)
$wgGroupPermissions['sysop']['deletelogentry'] = true;
$wgGroupPermissions['sysop']['deleterevision'] = true;

$wgShowExceptionDetails = true;
$wgRightsPage = 'wiki rights';

# prevent anonymous edit and view source
function preventAnonymousEditHistory( $output,$article, $title, $user, $request, $wiki ) {
        if ( !user || $user->isAnon() ) {
                $action = $request->getVal('action');
                switch($action) {
                case 'edit':
                        if($title == 'Talk:Main') {
                             return true;
                        }
                        return false;

                case 'history':
                        return false;
                }

        }
        return true;
}
$wgHooks['MediaWikiPerformAction'][] = 'preventAnonymousEditHistory';

summary

These privileges may be assigned to a selected user from the Special:UserRights page, and are accessible in the php hook via $user->getGroups().

.

Categories may be assigned to a page, where the category may be associated by name to group.

Matches are performed case-insensitively, and when they occur, it means that the page is subject to fine-grained category:Access Control that is implemented by the Regional-training RestrictAccessByCategoryAndGroup.php extension.

Retrieved from ‘https://regional-training.org:443/rt-dir/index.php?title=Regional-training_LocalSettings.php&oldid=1821