Skip to content

hermannschwaerzlerUIBK/IntraACL

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

340 Commits
includes
includes
 
 
languages
languages
 
 
maintenance
maintenance
 
 
patches
patches
 
 
scripts
scripts
 
 
skins
skins
 
 
storage
storage
 
 
templates
templates
 
 
tests
tests
 
 
COPYING
COPYING
 
 
README.mediawiki
README.mediawiki
 
 

Repository files navigation

Table of Contents

IntraACL extension for MediaWiki

IntraACL extension for MediaWiki is the page rights extension loosely based on HaloACL, correcting its endless bugs and inconveniences.

  • Homepage and help: http://wiki.4intra.net/IntraACL
  • License: GNU GPLv3
  • Copyright (c) 2010+, Vitaliy Filippov, Stas Fomin
  • Loosely based on HaloACL (c) 2009, ontoprise GmbH
  • This is IntraACL backed by the new storage code.
  • Version number is 2.1.7.

REQUIREMENTS

  • MediaWiki >= 1.19
  • PHP >= 5.3
  • MySQL/MariaDB >= 5.1

INSTALLATION

  • Add the following lines into your LocalSettings.php:
  require_once('extensions/IntraACL/includes/HACL_Initialize.php');
  enableIntraACL();

  • You can also add custom configuration options before enableIntraACL() call. For the option list, see extensions/IntraACL/includes/HACL_Initialize.php or http://wiki.4intra.net/IntraACL
  • Apply patches for appropriate version of MediaWiki:
  cd YOUR_WIKI_INSTALLATION_DIR
  patch -p1 < extensions/IntraACL/patches/IntraACL-MediaWiki-<YOUR_VERSION>.diff

  • Run MediaWiki database update tool:
  php maintenance/update.php

The method of IntraACL installation via the super-duper-installer of Halo MediaWiki bundle is now removed as very non-standard.

WARNING

ANY installed extension MAY lead to SECURITY BREACHES.

This is because of MediaWiki by-design openness and extensibility and the need for direct database queries from extension code.

You should check that all your extensions perform access right checks using $title->userCan('read') before displaying $title content.

When showing page listings from the DB, you can use a stored procedure for permission checks using the FilterPageQuery hook to modify your query (for details see FilterPageQuery in includes/Evaluator.php)

SemanticMediaWiki

The original feature of HaloACL (protection of semantic properties via encrypting them) is also removed. IntraACL is thus incompatible with the original SemanticMediaWiki.

You may however try the version from Mediawiki4Intranet: https://github.com/mediawiki4intranet/SemanticMediaWiki - it is slightly outdated (only 1.8), but it contains a patch which enables read permission checks in every place that displays information.

If you have experience in PHP you may also try to rebase that patch for newer SMW versions and send it to us :)

MediaWiki 4 Intranet

You can also use Mediawiki4Intranet bundle. It already includes IntraACL and many other useful extensions which are patched to perform access right checks.

See http://wiki.4intra.net/Mediawiki4Intranet

About

IntraACL extension

wiki.4intra.net/IntraACL

Resources

Readme

License

View license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

16 tags

Packages

No packages published

Languages

  • PHP 84.8%
  • JavaScript 12.4%
  • SQLPL 2.4%
  • CSS 0.4%