Talk:Preventing access

How come, when I add the "$wgWhitelistRead =" as instructed, an anonymous use can still view the contents of pages beyond main/login/help? I copied/pasted the line from this page to avoid the possibility of a typo. - Gregg S.

wgWhitelistRead seems to have no effect in 1.4beta1. From what I can tell, this is due to the default settings of the groupRights hash located in includes/User.php, in the isAllowed function, line 625. Changing line from

 'read'          => '*',

to

 'read'          => 'user',

seems to fix the problem. Joel Franusic 209.129.63.92 22:29, 8 Dec 2004 (UTC)

I'm looking at the FAQ and see the following entry

Question: I want to be tyrannical (just registered users can edit) on the page itself, but still allow general access to Discuss this page/Post a comment. Can this be done? Answer: No. This feature was requested for http://wikimediafoundation.org, but has not yet been implemented.

However, it appears that this feature has infact been implemented for wikimediafoundation. Is this feature in the 1.3.9 code base? If so, how does one activate this feature?

Thanks! Damien Heiser

It appears that this feature has not (yet, I hope) been implemented on the Foundation wiki. Brianjd 10:38, 2005 Jan 24 (UTC)

I though for a second that Brian was wrong, and even emailed the Foundation to ask them for the code, but if you click on the "discuss" tab you do not see a discussion but rather a link to a general feedback page. Alas.

It seems that someone has posted a bug AND a patch to achieve this see this bug. I managed to apply the patch (or at least half of it) but i am no good with preg_match. I used

$wgWhitelistEdit = array ('/Talk:*/'); but it did no work. Talk: pages are still off limits.

Has anyone got the $wgWhitelistAccount, $wgWhitelistEdit and $wgWhitelistRead settings working as instructed? I've edited the LocalSettings.php file to no effect. I'm using version 1.3.11

-- Andy 23 Feb 05

1. Can I set Main to be sysop-only, leaving Talk (and User space) to be open?

Basically I would want Main to act like MediaWiki: space does now, where the entire namespace is protected by default.

2. Can I set uploads such that it is sysop-only, or will I need a custom Special:Upload?

KeithTyler 19:48, 4 Mar 2005 (UTC)

Question-request help :

i would like to allow only few user to login and edit the pages and i want to allocate their user names and passwords, is it possible?, if possible could  any  provide the procedure? many thanks in advance

Srikanth

When adding the following line in the LocalSettings.php:

Specify who may create new accounts: 0 means no, 1 means yes
$wgWhitelistAccount = array ( 'user' => 0, 'sysop' => 1, 'developer' => 1 );

the "create an account or log in" page still has sentences regarding the creation of an account. Can those be changed/eliminated to reflect the fact that that page only allows for log in? If yes, how?

Thank you.

I notice that wgWhitelistRead can actually be an array containing a list of exceptions to the read access block. But despite having a similar name, wgWhitelistEdit cannot be used that way.

Question: I want to be tyrannical (just registered users can edit) on the page itself, but still allow general access to Discuss this page/Post a comment. Can this be done?

The above *could* be done, if:

1. wgWhitelistEdit worked like wgWhitelistRead
2. they accepted wildcards/REs

Neither seems terribly involved, though the latter might have a minor performance hit when used.

Then you could do:

$wgWhitelistEdit = array ("Talk:.*");

- KeithTyler 20:43, 24 Mar 2005 (UTC)

I guess this can not be done? This seems to be essential to allow MediaWiki to be used as a blog or any other personal website. Seems to be a massive hole in the WikiMedia functionality. Any ideas on how this can be done?

And while we are about it, any ideas on how to exchange ideas? because I am not going to know if you (Keith, or anyone else) respond! (I will make a link to this page on my wiki and check back. But how do MediaWiki-ers exchange ideas normally? Forums? Notifications??! User:Tim

Generally by making a point of checking back and reviewing their watchlist. Wiki is not the best option for a full featured forum. I personally wish someone would make a good Wiki of MW quality with an integrated and full-featured forum, but this has apparently not occured to anyone. - 67.51.210.122 22:22, 4 May 2005 (UTC)Reply

The best way to do this would be with Postnuke integration! This is a feature that I would GREATLY like to see. It would allow integration with a forum (through pnPhpBB2 etc.) and several other nice features, and the user access rights can be set on a page by page basis, so if the user rights from postnuke were integrated, you could say that every page with Private* are restricted to members of group X etc, and postnuke can handle setting up the groups up for you. Having coded some postnuke modules, this sort of user controll is VERY easy, just a simple "if current user has rights to do X" check, the rest of the "why" they have the rights is handled for you by postnuke.

I was thinking that something similar the other way round could work... make all users that you want to allow to edit "main" pages into sysops, and protect all pages from edits... also edit the messages referring to protected pages to make it sound less unusual. Would that be feasable? 213.232.66.5 00:37, 11 May 2005 (UTC)Reply

Ok... I figured out a way to do it if you don't mind editing index.php. Add the following lines to index.php just after it sets $title:

 if ( strpos( strtolower($title), "talk:" ) + 4 == strpos( $title, ":" ) ) {
   $wgWhitelistEdit = false;
 }

This will match any Talk: or Xyz_talk: etc. page, but not TalkTalk or Namespace:Talk etc. Hope this helps -- 213.232.66.5 01:39, 11 May 2005 (UTC)Reply

If you're running a non-English MediaWiki, you have to substitute "talk:" with the localized term, e.g. "Diskussion:" in German. --MaPhi 08:26, 2005 May 12 (UTC)

I read around a bit on access restrictions, and decided I wanted to be able to choose between a blacklist and a whitelist. Since the current system didn't allow that, I scrapped the $wgWhitelistRead and $wgWhitelistEdit variables and made my own.

$wgBlockAnonRead = false;   # true = users must login to read.
$wgBlockAnonReadEx = array( 'User Clubhouse');   # Pages exempted from the read policy.
$wgBlockAnonEdit = true;   # true = users must login to edit.
$wgBlockAnonEditEx = array( 'Talk:*', 'User talk:*');   # Pages exempted from the edit policy.

It also required some modifications to Title.php, User.php, EditPage.php and Parser.php to replace the old variables. The example given here would let anonymous users read all pages except User_Clubhouse in the main namespace, and edit all pages in the Talk: and User_talk: namespaces, but nowhere else. I chose to keep it simple, so the wildcard feature only works for "Namespacename:*" to (dis)allow an entire namespace. It didn't take much time, and it works great for my wiki. Dashiva 22:25, 18 May 2005 (UTC)Reply

In case anybody has ideas, I would like to implement two sets of access restrictions:

1. people on a specific set of IP addresses (the "inside") can edit, and view anonymously
2. people on other addresses (the "outside") must log in to view and edit the wiki. -- Kowey 17:29, 1 Apr 2005 (UTC)

Question: I would like to allow certain individuals that are logged in to visit all pages except those that would be set in a restricted area. Another group of logged in users would be able to only see their restricted area of pages (like managers in a company). Does this kind of user/group administration exist yet? If not, is there some other way to implement it other than having to install a separate copy of MediaWiki in a different server directory and a create a separate database? Tim Ingalls 4 Apr 2005

There are two hacks in development for that. See Hidden pages and Page access restriction with MediaWiki for details. I don't know if either will ever be merged into MediaWiki. --MaPhi 10:33, 2005 May 4 (UTC)