Location: PHPKode > projects > GroupWiki > groupwiki_base/extensions/GroupWikiExt.php
<?php
/*
 * GroupWiki Extension file
 *
 */

$wgHooks['userCan'][] = 'userCanExt';

/**
 * userCan hook is called when a page is loaded to check page restrictions
 * and forcefully overrides $user->isAllowed()
 *
 * @param $titleobj Oject: title object
 * @param $wgUser Oject: user object
 * @param $action String: action
 * @param $result bool: set and returned
 * @return bool
 */
function userCanExt(&$titleObj, &$wgUser, $action, &$result) {
  global $wgTitle;

  $wgTitle->mArticleID = getPageID($titleObj);
  if (empty($action))
    return $result = false;

// check if the page request is globally allowed
  if (inWhitelist(&$titleObj, $action))
    return $result = true;

  $restr = $titleObj->getRestrictions($action);

  // retrieving user's name and groups
  if (!$wgUser->mDataLoaded)
    $wgUser->loadFromDatabase();

  $userName = $wgUser->mName;
  $userGroups = $wgUser->mGroups;

  // $users and $groups are the ones specified in page restrictions
  $users_allowed = array();
  $groups_allowed = array();
  $users_denied = array();
  $groups_denied = array();
  sortEntries($restr,&$users_allowed,&$groups_allowed,&$users_denied,&$groups_denied);
  //sortEntries($restr,"deny",&$users_denied,&$groups_denied);

    
  // check if user exisits in page restrictions
  if (in_array($userName, $users_denied))
  	return $result = false;
  else if (in_array($userName, $users_allowed))
    return $result = true;

  // check if any of the groups this user is in is in page restrictions
  if (is_array($userGroups)) {
    foreach($userGroups as $group) {
      if (in_array($group, $groups_denied))
      	return $result = false;
      else if (in_array($group, $groups_allowed))
        return $result = true;
      //else
      	//default permissions apply
    }
  }

  // check global group permissions (if none of the above apply)
  if (inGroupPermissions($userGroups, $action))
    return $result = true;
  
 // if (in_array('sysop', $userGroups) && $action != 'userrights')
 //   return $result = true;

  return $result = false;
}

/**
 * taking entries from page restrictions and putting each one
 * into $users or $groups.
 * NOTE: entries in $users and $groups no longer have 'u_' or 'g_' appended.
 *
 * @param $restr Array: from $title->getRestrictions()
 * @param $users Array
 * @param $groups Array
 */
function sortEntries($restr,&$users_allowed,&$groups_allowed,&$users_denied,&$groups_denied) {
	$offset = 0;
  	foreach($restr as $entry) {
	  	$pos = strpos($entry,'!');
		if (($pos !== false) && ($pos == 0)) //it's a deny entry'
			$offset = 1;
	
	    $nibble = substr($entry, 0+$offset, 2);
	    $chunk = substr($entry,2+$offset);
	    
	    if (!empty($chunk))
	      if ($nibble == 'u_')
	      	if ($offset == 0)
	        	$users_allowed[] = $chunk;
	        else
	        	$users_denied[] = $chunk;
	      elseif ($nibble == 'g_')
	      	if ($offset == 0)
	      		$groups_allowed[] = $chunk;
	      	else
	        	$groups_denied[] = $chunk;
	    else
	      echo "$entry page restrictions not in proper format";
	}
}

/**
 * This function is called with the modified $SpecialPage->userCanExecute()
 *
 * @return bool
 */
function userCanExecuteExt() {
  global $wgTitle;
  return $wgTitle->userCan('execute');
}

/**
 * Get the page_id
 *
 * @param $title Object: title object
 * @return int
 */
function getPageID( $title ) {
  $dbr =& wfGetDB( DB_MASTER );
  $id = $dbr->selectRow( 'page', array('page_id'), array('page_title'=>$title->getDBkey()));
  if (!empty($id))
    return $id->page_id;
  else
    return 0;
}

/**
 * Check for groups and pages in whitelists
 *
 * @param object $titleObj
 * @param String $action
 *
 * @return bool
 */
function inWhitelist(&$titleObj, $action) {
  global $wgUser, $wgWhitelistRead, $wgWhitelistExecute, $wgWhitelistEdit;

  if ($action == 'read' && in_array($titleObj->getFullText(), $wgWhitelistRead))
    return true;
  if ($action == 'execute' && in_array($titleObj->getFullText(), $wgWhitelistExecute))
    return true;
  if ($action == 'edit' && in_array($titleObj->getFullText(), $wgWhitelistEdit))
    return true;
  return false;
}

/**
 * Checks global and default group permissions.
 *
 * @param array $groups
 * @param String $action
 *
 * @return bool
 */
function inGroupPermissions($groups, $action='') {
  global $wgGroupsAllowedCreateaccount, $wgGroupsAllowedCreatepage,
         $wgGroupsAllowedCreatetalk, $wgUser, $wgAnonPermissions,
         $wgLoggedInPermissions, $wgSysopPermissions;
  //
  if ($wgUser->isLoggedIn()) {
    //if (!empty($groups)) {
      //check mediawiki groups
      if (in_array($action, $wgLoggedInPermissions)) {
        return true;
      }
      if (in_array('sysop', $groups))
        if (in_array($action, $wgSysopPermissions))
          return true;
      //check custom groups
      if ($action == 'createaccount') {
        if (in_array('*',$wgGroupsAllowedCreateaccount))
          return true;
        foreach ($wgUser->mGroups as $group)
          if (in_array($group, $wgGroupsAllowedCreateaccount))
            return true;
      }
      if ($action == 'createpage') {
        if (in_array('*',$wgGroupsAllowedCreatepage))
          return true;
        foreach ($wgUser->mGroups as $group)
          if (in_array($group, $wgGroupsAllowedCreatepage))
            return true;
      }
      if ($action == 'createtalk') {
        if (in_array('*',$wgGroupsAllowedCreatetalk))
          return true;
        foreach ($wgUser->mGroups as $group)
          if (in_array($group, $wgGroupsAllowedCreatetalk))
            return true;
      }

   // }
  } else {
    //check $wgAnonPermissions
    switch ($action) {
      case 'createaccount':
        if (in_array('*',$wgGroupsAllowedCreateaccount))
          return true;
          break;
      case 'createpage':
        if (in_array('*',$wgGroupsAllowedCreatepage))
          return true;
          break;
      case 'createtalk':
        if (in_array('*',$wgGroupsAllowedCreatetalk))
          return true;
          break;
      default:
        break; //do nothing
    }
    if (in_array($action, $wgAnonPermissions)) {
      return true;
    }
  }
  return false;
}

/**
 * Getting all distinct entries directly from DB
 *
 * @param $selectType String
 *
 * @return array
 */
function getAllEntriesExt($selectType) {
  global $wgDBprefix;
  $dbr =& wfGetDB(DB_MASTER);
  if ($selectType == 'users') {
    $dbObj = $dbr->doQuery("SELECT DISTINCT user_name FROM ".$wgDBprefix."user");
  }
  elseif ($selectType == 'groups') {
    $dbObj = $dbr->doQuery("SELECT DISTINCT ug_group FROM ".$wgDBprefix."user_groups");
  }
  $entries = array();

  while (!empty($dbObj) && $getEntries = mysql_fetch_row($dbObj)) {
    array_push($entries, $getEntries[0]);
  }
  return $entries;
}

/**
 * Parses permissions from the page
 *
 * @param unknown_type $titleObj
 * @param unknown_type $type
 * @param unknown_type $action
 * @return unknown
 */
function getPermissionsExt(&$titleObj,$type,$action) {
	global $wgTitle;
	$wgTitle->mArticleID = getPageID($titleObj);
  	if (empty($action))
    	return $result = false;

  	$restr = $titleObj->getRestrictions($action);
  	
  	$allows = array();
  	$denies = array();
  	foreach ($restr as $obj) {
  		$pos = strpos($obj,"!");
  		if ( $pos === false) {
  			array_push($allows,$obj);
  		}
  		else if ($pos == 0) {
  			array_push($denies,substr($obj,1));
  		}
  	}
  	if ($type === "allow")
  		return implode(",",$allows);
  	if ($type === "deny")
  		return implode(",",$denies);
  		
  	return "";
}

/**
 * Build the selectbox options of all users/groups
 *
 * @return unknown
 */
function buildOptionsAllAclObjects() {
	$out = "";
	
	$groups = getAllEntriesExt('groups');
	foreach ($groups as $group) {
		$out .= wfElement( 'option', array( 'value' => "g_".$group, 'text' => "(G) ".$group ), "(G) ".$group );
	}
	
	$users = getAllEntriesExt('users');
	foreach ($users as $user) {
		$out .= wfElement( 'option', array( 'value' => "u_".$user, 'text' => "(U) ".$user ), "(U) ".$user );
	}
	return $out;
}

/**
 * Builds the selectbox options of protected users for the current page
 *
 * @param unknown_type $titleObj
 * @return unknown
 */
function buildOptionsAclObjects(&$titleObj) {
	global $wgRestrictionTypes;
	$out = "";
	$aclobjs = array();
	foreach( $wgRestrictionTypes as $action ) {
		$restr = $titleObj->getRestrictions($action);
		foreach ($restr as $obj) {
			if ($obj == "")
				continue;
			$pos = strpos($obj,'!');
			if (($pos !== false) && ($pos == 0))
				$obj = substr($obj,1);
			if (!in_array($obj,$aclobjs)) {
				array_push($aclobjs,$obj);
			}
		}
	}
	$pattern[0] = '/u_/';
	$pattern[1] = '/g_/';
	$repl[0] = '(U) ';
	$repl[1] = '(G) ' ;
	foreach ($aclobjs as $obj) {
		$text = preg_replace($pattern,$repl,$obj);
		$out .= wfElement( 'option', array( 'value' => $obj, 'text' => $text ), $text );
	}
	return $out;
}

?>
Return current item: GroupWiki