/** Function: recentChangesLine( &$rc, $watched )
* Override the regular line to remove a change that should not be visible
* &$rc --> (editable) Recent change line
* $watched --> Whether this is being watched (unused)
* Returns: Either nothing (to remove it from list) or the regular line,
* passing through
*/
public function recentChangesLine(&$rc, $watched = false)
{
// Get current user
global $wgUser;
// Get title of article with change
$title = $rc->mAttribs['rc_title'];
// Get namespace of article with change
$namespace = $rc->mAttribs['rc_namespace'];
$fullTitle = efIACMakeTitle($title, $namespace);
// Return the change only if the user would have read access
$result = true;
if (efIACAccessControlUserCanHook($fullTitle, $wgUser, 'read', $result)) {
return parent::recentChangesLine($rc, $watched);
}
unset($rc);
return null;
}
/** Function: efIACGetArticleContent( $title[, $namespace] ) {
* Get article content from the wiki
* $title --> Name of article to get
* Returns: Contents of the article, or false if no article exists
*/
function efIACGetArticleContent($title)
{
// Make a title object
$title = efIACMakeTitle($title);
// Get the article ID to make sure it exists
$articleID = $title->getArticleId();
// Return false if there is no article
if (!$articleID) {
efIACDebugLog("(efIACGetArticleContent) article '" . $title->getText() . "' does not exist");
return false;
}
// Query the database for this article
$article = new Article($title, 0);
// Get the content
$content = $article->getContent();
unset($title);
return $content;
}
/** Function: efIACAccessControlUserCanHook( $title, $wgUser, $action,
* &$result )
* Hook: userCan
* Check the current user's rights to perform an action on a page
* $title --> Title object for article being accessed
* $wgUser --> Current user
* $action --> Action being attempted
* &$result --> Result to return (modifiable).
* Returns: Whether this user has access to the page for this action
* NOTE: Return value determines whether later functions should be run to
* check access
* $result determines whether this function thinks the user should
* have access
* This extension always returns the same value as $result
*/
function efIACAccessControlUserCanHook($title, $wgUser, $action, &$result)
{
// Option for whether to pass through if sysop
global $egAdminCanReadAll;
// Make sure we're dealing with a Title object
$title = efIACMakeTitle($title);
efIACDebugLog("(efIACAccessControlUserCanHook) checking access for " . $wgUser->getName() . " on '" . $title->getText() . "'");
// Check if the user is a sysop
$userIsSysop = efIACUserIsSysop($wgUser);
// Pass through if user is a sysop and the option is set
if ($egAdminCanReadAll && $userIsSysop) {
efIACDebugLog("(efIACAccessControlUserCanHook) sysop access");
return efIACReturnResult(true, $result);
}
// Fail if article requires sysop and user is not one
if (efIACArticleRequiresAdmin($title) && !$userIsSysop) {
efIACDebugLog("(efIACAccessControlUserCanHook) sysop required");
return efIACReturnResult(false, $result);
}
// Get the content of the article
$content = efIACGetArticleContent($title);
// Get the access control list from that content
$accessList = efIACGetAccessList($content);
// Get the result of whether the user can access
$localResult = efIACUserCanAccess($wgUser, $accessList, $action);
unset($accessList);
unset($content);
unset($title);
return efIACReturnResult($localResult, $result);
}
