Mailing List Archive: Blacklist pages from viewing?

Blacklist pages from viewing?

Aug 4, 2004, 9:44 AM

Post #1 of 5 (1300 views)

Hey all,

My original question was posed on my blog.
http://brainscat.com/archives/2004/08/04/mediawiki-permissions
Hopefully, somebody knows an answer... :)

> This is a plea for help regarding the MediaWiki permissions model. I
> spent the majority of all last night looking for a way to have an open
> wiki with certain pages that weren’t viewable by anyone except sysops.
> I know you can lock a page from editing, but I need certain pages to
> be invisible.
>
> The closest I could find was a whitelist scheme. For my purposes
> though, the whitelist scheme would be far too hard to update, as my
> number of public pages is far greater than private pages and
> maintaining a whitelist would be too time consuming.
>
> Are there ways to do one of the following?
>
> * Namespace the default set of documents and whitelist them, while
> creating a different namespace for the private pages?
> * Manage a blacklist of pages? Or blacklist a namespace?
>
> Any answer I find will be posted here and on MediaWiki for posterity,
> and will be greatly appreciated.

Best,
~Tor

Re: Blacklist pages from viewing? [ In reply to ]

kerim.mail at oxus

Aug 4, 2004, 10:07 AM

Post #2 of 5 (1291 views)

Permalink

I can think of one possibility:

Create two wikis and use interwiki links between the two of them. The
ones that you wish to keep private could be protected by .htaccess
authentication, requiring a password.

Unfortunately, it doesn't seem easy to modify the list of recognized
interwiki links in MediaWiki. I know in TikiWiki there was an admin
page for this, but MediaWiki doesn't have one. All I could find was a
page where you can suggest sites to be added into the next release of
the code! Someone asked in the Talk page how to do this yourself, but
there is no answer. (Sorry to have so many references to TikiWiki. I
hate its bloat, which is why I'm now using MediaWiki, but some of the
many features it had are really quite useful - especially for
configuring your own setup.)

Cheers,

kerim

On Aug 4, 2004, at 12:44 PM, Tor Bjornrud wrote:

> Hey all,
>
> My original question was posed on my blog.
> http://brainscat.com/archives/2004/08/04/mediawiki-permissions
> Hopefully, somebody knows an answer... :)
>
>> This is a plea for help regarding the MediaWiki permissions model. I
>> spent the majority of all last night looking for a way to have an
>> open wiki with certain pages that weren’t viewable by anyone except
>> sysops. I know you can lock a page from editing, but I need certain
>> pages to be invisible.
>>
>> The closest I could find was a whitelist scheme. For my purposes
>> though, the whitelist scheme would be far too hard to update, as my
>> number of public pages is far greater than private pages and
>> maintaining a whitelist would be too time consuming.
>>
>> Are there ways to do one of the following?
>>
>> * Namespace the default set of documents and whitelist them,
>> while creating a different namespace for the private pages?
>> * Manage a blacklist of pages? Or blacklist a namespace?
>>
>> Any answer I find will be posted here and on MediaWiki for posterity,
>> and will be greatly appreciated.
>
> Best,
> ~Tor
>
> _______________________________________________
> MediaWiki-l mailing list
> MediaWiki-l@Wikimedia.org
> http://mail.wikipedia.org/mailman/listinfo/mediawiki-l
>

Re: Blacklist pages from viewing? [ In reply to ]

bjornrud at msu

Aug 4, 2004, 11:24 AM

Post #3 of 5 (1288 views)

Permalink

> Create two wikis and use interwiki links between the two of them.

I think this would be quite possible, though slightly tedious. If
there's no alternative, I may have to do this, or use TikiWiki... I'm
going on a limb here, but I would think that the management of one
tikiwiki would be easier than two mediawikis...

> Unfortunately, it doesn't seem easy to modify the list of recognized
> interwiki links in MediaWiki. I know in TikiWiki there was an admin
> page for this, but MediaWiki doesn't have one.

I've seen some work on interwiki links here...
http://meta.wikimedia.org/wiki/Interwiki_links though it seems poorly
explained.

It also briefly mentions interlanguage links.

Are languages handled through separate installs of mediawiki and then
interwiki linked, or are the languages defined within the same wiki?
Basically, could I define my own "language", and then allow only
english pages to be viewed by all users?

Re: Blacklist pages from viewing? [ In reply to ]

brion at pobox

Aug 4, 2004, 11:37 AM

Post #4 of 5 (1303 views)

Permalink

Tor Bjornrud wrote:
>> Are there ways to do one of the following?
>>
>> * Namespace the default set of documents and whitelist them, while
>> creating a different namespace for the private pages?
>> * Manage a blacklist of pages? Or blacklist a namespace?

There is not currently a blacklist feature, but it should be easy to
hack in. In Title.php there is this function:

function userCanRead() {
global $wgUser;
global $wgWhitelistRead;

if( 0 != $wgUser->getID() ) return true;
if( !is_array( $wgWhitelistRead ) ) return true;

$name = $this->getPrefixedText();
if( in_array( $name, $wgWhitelistRead ) ) return true;

# Compatibility with old settings
if( $this->getNamespace() == NS_MAIN ) {
if( in_array( ":" . $name, $wgWhitelistRead ) )
return true;
}
return false;
}

A blacklist will be the opposite of the whitelist:

if( in_array( $name, $wgBlacklistRead ) ) return false;

Or a namespace blacklist might look like:

if( in_array( $this->getNamespace(), $wgBlacklistNs ) ) {
return false;
}

However be careful; MediaWiki is designed for open access, and there may
be numerous ways around the poorly tested, little-used access control
features. I would not recommend relying on them for any purpose; if you
have information you wish to keep private, the best way is to keep it
completely separate from a public wiki database and use HTTP
authentication to control access at the highest level.

-- brion vibber (brion @ pobox.com)

Re: Blacklist pages from viewing? [ In reply to ]

bjornrud at msu

Aug 4, 2004, 11:52 AM

Post #5 of 5 (1319 views)

Permalink

On Aug 4, 2004, at 2:37 PM, Brion Vibber wrote:

> Tor Bjornrud wrote:
>>> Are there ways to do one of the following?
>>>
>>> * Namespace the default set of documents and whitelist them,
>>> while creating a different namespace for the private pages?
>>> * Manage a blacklist of pages? Or blacklist a namespace?
>
> There is not currently a blacklist feature, but it should be easy to
> hack in. In Title.php there is this function:
>
> function userCanRead() {
> global $wgUser;
> global $wgWhitelistRead;
>
> if( 0 != $wgUser->getID() ) return true;
> if( !is_array( $wgWhitelistRead ) ) return true;
>
> $name = $this->getPrefixedText();
> if( in_array( $name, $wgWhitelistRead ) ) return true;
>
> # Compatibility with old settings
> if( $this->getNamespace() == NS_MAIN ) {
> if( in_array( ":" . $name, $wgWhitelistRead ) )
> return true;
> }
> return false;
> }
>
> A blacklist will be the opposite of the whitelist:
>
> if( in_array( $name, $wgBlacklistRead ) ) return false;
>
> Or a namespace blacklist might look like:
>
> if( in_array( $this->getNamespace(), $wgBlacklistNs ) ) {
> return false;
> }
>
> However be careful; MediaWiki is designed for open access, and there
> may be numerous ways around the poorly tested, little-used access
> control features. I would not recommend relying on them for any
> purpose; if you have information you wish to keep private, the best
> way is to keep it completely separate from a public wiki database and
> use HTTP authentication to control access at the highest level.
>
> -- brion vibber (brion @ pobox.com)

Thanks a ton, Brion. This is pretty much what I was looking for, and
I'll hack something together... maybe even get it merged into future
versions.

Thankfully, what I need to keep separate is not top-secret stuff, and
it wouldn't be all that terrible if people stumbled upon it.

Best,
~Tor

Mailing List Archive

Mailing List Archive

Attached Files: