search

werideyou / improved-accesscontrol

Automatically exported from code.google.com/p/improved-accesscontrol
0 stars 0 forks source link

Anonymous rights #7

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
Support is needed for non-group (global) access controls. For example,
restricting write access to a small group but allowing read access to
everybody else.

Original issue reported on code.google.com by eisenst...@gmail.com on 10 Nov 2008 at 7:57

GoogleCodeExporter commented 9 years ago 
Not being able to stop anonymous access globally is a bit of show-stopper for 
the
system I'm building, since it's intended to be private.  I'm trying to work out 
where
this is going wrong, but the logic in the standard User.php is making my head 
spin. 
Any hints as to where I should start?

Original comment by bookrevi...@gmail.com on 13 Jan 2009 at 5:18

GoogleCodeExporter commented 9 years ago 
I've been circling back on this issue and I think it's actually a lot easier 
than I originally thought. I'm going to try to get this into the code within 
the week.

However, this bug is just that if you put access control onto a page, you can't 
give read access to anonymous users. If you're just looking to close the system 
off from 
anonymous users entirely, try this in your LocalSettings.php:

    $wgGroupPermissions['*']['createaccount'] = false;
    $wgGroupPermissions['*']['read'] = false;
    $wgGroupPermissions['*']['edit'] = false;
    $wgGroupPermissions['*']['createpage'] = false;
    $wgGroupPermissions['*']['createtalk'] = false;

Other examples are at http://www.mediawiki.org/wiki/Manual:User_rights.

Original comment by eisenst...@gmail.com on 13 Jan 2009 at 7:13

GoogleCodeExporter commented 9 years ago 
I'd be happy with blocking all anonymous access!  I have all five of those set 
to
false in LocalSettings.php, and that works without improved-access control.  
But when
I enable improved-access-control, it stops working and anonymous users can read 
all
the pages that don't have <accesscontrol> tags on them.

(I can't see why you'd want to give anonymous users read access to a restricted 
page
anyway - could that ever make sense, given a blocked user can then just log out 
and
view the page?)

Original comment by bookrevi...@gmail.com on 15 Jan 2009 at 12:59

GoogleCodeExporter commented 9 years ago 
That is definitely a bug and I've added it as issue 11, critical for the next 
release

(In answer to your question, in this case the term 'anonymous users' means 'all 
users including anonymous'. That 
is, it should let you make a page world-readable but only editable by people in 
the specified groups.)

Original comment by eisenst...@gmail.com on 16 Jan 2009 at 3:38