On Tue, Dec 20, 2016 at 2:00 AM, Bartosz Dziewoński <matma.rex(a)gmail.com>
wrote:
On 2016-12-20 06:22, Daniel Barrett wrote:
The real issue is that a custom callback for the
hook
"SpecialPages_initList" is invoking RequestContext::getMain()->get
User()->isLoggedIn().
Apparently that doesn't work.
I'll take a guess that SpecialPages_initList runs too early for this
check to succeed?
My goal is to remove some special pages for anonymous users but permit
logged-in users to see them.
Is there a better way to check for a logged-in user at this hook point?
Or a better way to remove
special pages for anonymous users?
Yes, the list of special pages can't depend on anything related to the
current user.
Instead, you should check whether the user is logged in when displaying
the special page. You can just call `$this->requireLogin();` at the
beginning of the special page's execute() function – this will check
whether the user is logged in, and if not, display an error message and
abort execution. You can optionally pass a custom error message. See e.g.
/includes/specials/SpecialWatchlist.php in MediaWiki for an example.
And to hide a special page on Special:SpecialPages from users who can't use
it, have the page's userCanExecute() return false when appropriate and have
isRestricted() return true. If the check is based on having one user right,
this can be easily done by passing the user right as the $restriction
parameter to SpecialPage::__construct().
--
Brad Jorsch (Anomie)
Senior Software Engineer
Wikimedia Foundation