-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Rob Church wrote:
On 14/06/06, Rotem Liss <mail(a)rotemliss.com>
wrote:
I think this fucntion is already exist (for
editing/moving/creating
page), and is called Title::userCan (includes/Title.php). As far as I
understand, you can hook it (or just edit it) and return false if it is
not some public namespace or a talk namespace and the user doesn't have
the necessary permission.
Let us assume that the user performing the following operation has no
rights to "view" Secret:Page.
1. Open up a page the user can edit
2. {{Secret:Page}}
3. Save
Gasp. This is one example of the vast number of means of accessing
content which makes attempting to use wiki software to lock down
access a somewhat awkward process.
Rob Church
The site administrator can also prevent editing (for example,
http://grants.wikimedia.org/), but it's not the solution for other wikis
which have, for example, a private part (unviewable and uneditable) and
a public part (viewable and editable).
Therefore, I suggest that the function Title::userCanRead will be called
and checked when viewing a template, and if the user cannot view this
page, an error message will be shown instead of the template.
- --
#define Name RotemLiss
#define Mail mailSTRUDELrotemlissDOTcom
#define Site
www.rotemliss.com
#define KeyFingerPrint 4AFD 8579 A449 4267 BED9 38E5 6EF8 5B1F EBDE 7AC0
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla -
http://enigmail.mozdev.org
iD8DBQFEj//obvhbH+veesARAjn8AKCHXg5tNPFnaL+BHih3EjW/ftfWFQCfalvy
k0D0udAwo7zO+rrXjKheNoY=
=5I13
-----END PGP SIGNATURE-----