disableCache(); $wgParser->setHook( $userPermissionsTagName['readUser'], "tagReadUser" ); $wgParser->setHook( $userPermissionsTagName['readGroup'], "tagReadGroup" ); $wgParser->setHook( $userPermissionsTagName['editUser'], "tagEditUser" ); $wgParser->setHook( $userPermissionsTagName['editGroup'], "tagEditGroup" ); } // CALLBACK functions function tagReadUser($input) { $output = ""; return $output; } function tagReadGroup($input) { $output = ""; return $output; } function tagEditUser($input) { $output = ""; return $output; } function tagEditGroup($input) { $output = ""; return $output; } // main part: check, whether user or group is allowed to view/edit article function setPermissionsFromTags($title, $user, $action, $result) { global $userPermissionsTagName, $userPermissionsAllowedUsers, $userPermissionsAllowedGroups, $userPermissionsAllowedPages, $userPermissionsAllowedPagesAnon; // to speed up processing, only check permissions if "read" or "edit" is asked if (($action == "read") || ($action == "edit")) { // initialize permission $userIsAllowed = false; // check if user is always allowed to read/edit if (!$userIsAllowed) { $userIsAllowed = in_array($user->getName(), $userPermissionsAllowedUsers); } // check if one of the user's groups is always allowed to read/edit if (!$userIsAllowed) { foreach ($user->getGroups() as $group) { if (in_array($group, $userPermissionsAllowedGroups)) { $userIsAllowed = true; } } } // check whether user is allowed to read the page if (!$userIsAllowed && ($action == "read")) { // check whether current page is allowed for everyone $userIsAllowed = in_array($title->getPrefixedText(), $userPermissionsAllowedPagesAnon) || (in_array($title->getPrefixedText(), $userPermissionsAllowedPages) && !$user->isAnon()); } if (!$userIsAllowed) { // read article contents $art = MediaWiki::articleFromTitle($title); $content = $art->getContent(); // search for tags in the article if ($action == "read") { $search_users = "/<(" . $userPermissionsTagName['readUser'] . "|" . $userPermissionsTagName['editUser'] . ")>([a-zA-Z]*)<\/(" . $userPermissionsTagName['readUser'] . "|" . $userPermissionsTagName['editUser'] . ")>/s"; $search_groups = "/<(" . $userPermissionsTagName['readGroup'] . "|" . $userPermissionsTagName['editGroup'] . ")>([a-zA-Z]*)<\/(" . $userPermissionsTagName['readGroup'] . "|" . $userPermissionsTagName['editGroup'] . ")>/s"; } elseif ($action == "edit") { $search_users = "/<(" . $userPermissionsTagName['editUser'] . ")>([a-zA-Z]*)<\/(" . $userPermissionsTagName['editUser'] . ")>/s"; $search_groups = "/<(" . $userPermissionsTagName['editGroup'] . ")>([a-zA-Z]*)<\/(" . $userPermissionsTagName['editGroup'] . ")>/s"; } $matches_users = preg_match_all($search_users, $content, $found_users); $matches_groups = preg_match_all($search_groups, $content, $found_groups); // if users were found if ($matches_users != 0) { // create array containing only the usernames $users = array(); for ($i = 0; $i < $matches_users; $i++) { $users[] = $found_users[2][$i]; } // search current user in array $userIsAllowed = in_array($user->getName(), $users); } // if current user wasn't found but groups were found if (!$userIsAllowed && ($matches_groups != 0)) { $groups = array(); for ($i = 0; $i < $matches_groups; $i++) { $groups[] = $found_groups[2][$i]; } foreach ($user->getGroups() as $group) { if (in_array($group, $groups)) { $userIsAllowed = true; } } } } $result = $userIsAllowed; } // read / edit // all actions other than read/edit are allowed else { $result = true; } } // register hook-function $wgHooks['userCan'][] = 'setPermissionsFromTags'; // add SpecialPage "UserPermissions" ------------------------------------------- require_once("includes/SpecialPage.php"); $wgExtensionFunctions[] = "wfAddUserPermissionsSepcialPage"; function wfAddUserPermissionsSepcialPage() { global $userPermissionsSpecialpageName; SpecialPage::addPage( new SpecialPage("UserPermissions") ); global $wgMessageCache; $wgMessageCache->addMessages( array("userpermissions" => $userPermissionsSpecialpageName) ); } ?>