r33832 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r33831‎ \| r33832 \| r33833 >
Date:	12:54, 24 April 2008
Author:	werdna
Status:	old
Tags:
Comment:	Fix unclosed <ul>
Modified paths:	/trunk/extensions/CentralAuth/CentralAuth.i18n.php (modified) (history) /trunk/extensions/CentralAuth/CentralAuth.php (modified) (history) /trunk/extensions/CentralAuth/CentralAuthGroupMembershipProxy.php (added) (history) /trunk/extensions/CentralAuth/CentralAuthHooks.php (modified) (history) /trunk/extensions/CentralAuth/CentralAuthUser.php (modified) (history) /trunk/extensions/CentralAuth/SpecialGlobalGroupMembership.php (added) (history) /trunk/extensions/CentralAuth/SpecialGlobalGroupPermissions.php (added) (history) /trunk/extensions/CentralAuth/central-auth.sql (modified) (history) /trunk/extensions/CentralAuth/db_patches/patch-globalgroups.sql (added) (history)

Diff [purge]

Index: trunk/extensions/CentralAuth/SpecialGlobalGroupMembership.php
—	—	@@ -0,0 +1,69 @@
	2	+<?php
	3	+
	4	+/**
	5	+ *
	6	+ * Equivalent of Special:Userrights for global groups.
	7	+ * @addtogroup extensions
	8	+ */
	9	+
	10	+class SpecialGlobalGroupMembership extends UserrightsPage {
	11	+ var $mGlobalUser;
	12	+ function SpecialGlobalGroupMembership() {
	13	+ SpecialPage::SpecialPage( 'GlobalGroupMembership' );
	14	+
	15	+ global $wgUser;
	16	+ $this->mGlobalUser = CentralAuthUser::getInstance( $wgUser );
	17	+ }
	18	+
	19	+ function changeableGroups() {
	20	+ global $wgUser;
	21	+
	22	+ ## Should be a global user
	23	+ if (!$this->mGlobalUser->exists() \|\| !$this->mGlobalUser->isAttached()) {
	24	+ return array();
	25	+ }
	26	+
	27	+ $allgroups = CentralAuthUser::availableGlobalGroups();
	28	+
	29	+ ## Permission MUST be gained from global rights.
	30	+ return $this->mGlobalUser->hasGlobalPermission( 'globalgroupmembership' ) ? array( 'add' => $allgroups, 'remove' => $allgroups): array();
	31	+ }
	32	+
	33	+ function fetchUser( $username ) {
	34	+ global $wgOut, $wgUser;
	35	+
	36	+ $user = CentralAuthGroupMembershipProxy::newFromName( $username );
	37	+
	38	+ if( !$user ) {
	39	+ $wgOut->addWikiMsg( 'nosuchusershort', $username );
	40	+ return null;
	41	+ }
	42	+
	43	+ return $user;
	44	+ }
	45	+
	46	+ protected static function getAllGroups() {
	47	+ return CentralAuthUser::availableGlobalGroups();
	48	+ }
	49	+
	50	+ protected function showLogFragment( $user, $output ) {
	51	+ $pagetitle = Title::makeTitleSafe( NS_USER, $user->getName());
	52	+ $output->addHtml( Xml::element( 'h2', null, LogPage::logName( 'gblrights' ) . "\n" ) );
	53	+ LogEventsList::showLogExtract( $output, 'globalrights', $pagetitle->getPrefixedText );
	54	+ }
	55	+
	56	+ function addLogEntry( $user, $oldGroups, $newGroups ) {
	57	+ global $wgRequest;
	58	+
	59	+ $log = new LogPage( 'gblrights' );
	60	+
	61	+ $log->addEntry( 'usergroups',
	62	+ $user->getUserPage(),
	63	+ $wgRequest->getText( 'user-reason' ),
	64	+ array(
	65	+ $this->makeGroupNameList( $oldGroups ),
	66	+ $this->makeGroupNameList( $newGroups )
	67	+ )
	68	+ );
	69	+ }
	70	+}
\ No newline at end of file
Property changes on: trunk/extensions/CentralAuth/SpecialGlobalGroupMembership.php
___________________________________________________________________
Added: svn:eol-style
1	71	+ native
Index: trunk/extensions/CentralAuth/central-auth.sql
—	—	@@ -113,3 +113,24 @@
114	114	primary key (lu_dbname, lu_name),
115	115	key (lu_name, lu_dbname)
116	116	) /$wgDBTableOptions/;
	117	+
	118	+
	119	+-- Global user groups.
	120	+CREATE TABLE global_user_groups (
	121	+ gug_user int(11) not null,
	122	+ gug_group varchar(255) not null,
	123	+
	124	+ PRIMARY KEY (gug_user,gug_group),
	125	+ KEY (gug_user),
	126	+ key (gug_group)
	127	+) /$wgDBTableOptions/;
	128	+
	129	+-- Global group permissions.
	130	+CREATE TABLE global_group_permissions (
	131	+ ggp_group varchar(255) not null,
	132	+ ggp_permission varchar(255) not null,
	133	+
	134	+ PRIMARY KEY (ggp_group, ggp_permission),
	135	+ KEY (ggp_group),
	136	+ KEY (ggp_permission)
	137	+) /$wgDBTableOptions/;
\ No newline at end of file
Index: trunk/extensions/CentralAuth/CentralAuthGroupMembershipProxy.php
—	—	@@ -0,0 +1,63 @@
	2	+<?php
	3	+
	4	+
	5	+/**
	6	+ * Cut-down copy of User interface for local-interwiki-database
	7	+ * user rights manipulation.
	8	+ */
	9	+class CentralAuthGroupMembershipProxy {
	10	+ private function __construct( $user ) {
	11	+ $this->name = $user->getName();
	12	+ $this->mGlobalUser = $user;
	13	+ }
	14	+
	15	+ public static function whoIs( $database, $id ) {
	16	+ $user = self::newFromId( $database, $id );
	17	+ if( $user ) {
	18	+ return $user->name;
	19	+ } else {
	20	+ return false;
	21	+ }
	22	+ }
	23	+
	24	+ public static function newFromName( $name ) {
	25	+ $globalUser = new CentralAuthUser( $name );
	26	+ return $globalUser->exists() ? new CentralAuthGroupMembershipProxy( $globalUser ) : null;
	27	+ }
	28	+
	29	+ public function getId() {
	30	+ return $this->mGlobalUser->getId();
	31	+ }
	32	+
	33	+ public function isAnon() {
	34	+ return $this->getId() == 0;
	35	+ }
	36	+
	37	+ public function getName() {
	38	+ return $this->name;
	39	+ }
	40	+
	41	+ public function getUserPage() {
	42	+ return Title::makeTitle( NS_USER, $this->getName() );
	43	+ }
	44	+
	45	+ // Replaces getUserGroups()
	46	+ function getGroups() {
	47	+ return $this->mGlobalUser->getGlobalGroups();
	48	+ }
	49	+
	50	+ // replaces addUserGroup
	51	+ function addGroup( $group ) {
	52	+ $this->mGlobalUser->addToGlobalGroups( $group );
	53	+ }
	54	+
	55	+ // replaces removeUserGroup
	56	+ function removeGroup( $group ) {
	57	+ $this->mGlobalUser->removeFromGlobalGroups( $group );
	58	+ }
	59	+
	60	+ // replaces touchUser
	61	+ function invalidateCache() {
	62	+ # What should I do here?
	63	+ }
	64	+}
Property changes on: trunk/extensions/CentralAuth/CentralAuthGroupMembershipProxy.php
___________________________________________________________________
Added: svn:eol-style
1	65	+ native
Index: trunk/extensions/CentralAuth/db_patches/patch-globalgroups.sql
—	—	@@ -0,0 +1,22 @@
	2	+-- This patch allows storing global groups in the database.
	3	+-- Andrew Garrett (Werdna), April 2008.
	4	+
	5	+-- Global user groups.
	6	+CREATE TABLE global_user_groups (
	7	+ gug_user int(11) not null,
	8	+ gug_group varchar(255) not null,
	9	+
	10	+ PRIMARY KEY (gug_user,gug_group),
	11	+ KEY (gug_user),
	12	+ key (gug_group)
	13	+) /$wgDBTableOptions/;
	14	+
	15	+-- Global group permissions.
	16	+CREATE TABLE global_group_permissions (
	17	+ ggp_group varchar(255) not null,
	18	+ ggp_permission varchar(255) not null,
	19	+
	20	+ PRIMARY KEY (ggp_group, ggp_permission),
	21	+ KEY (ggp_group),
	22	+ KEY (ggp_permission)
	23	+) /$wgDBTableOptions/;
\ No newline at end of file
Property changes on: trunk/extensions/CentralAuth/db_patches/patch-globalgroups.sql
___________________________________________________________________
Added: svn:eol-style
1	24	+ native
Index: trunk/extensions/CentralAuth/CentralAuthUser.php
—	—	@@ -135,6 +135,13 @@
136	136	$this->loadState();
137	137	return $this->mGlobalId;
138	138	}
	139	+
	140	+ /**
	141	+ * Return the global account's name, whether it exists or not.
	142	+ */
	143	+ public function getName() {
	144	+ return $this->mName;
	145	+ }
139	146
140	147	/**
141	148	* @return bool True if the account is attached on the local wiki
—	—	@@ -1352,4 +1359,105 @@
1353	1360	__METHOD__
1354	1361	);
1355	1362	}
	1363	+
	1364	+ function getGlobalGroups() {
	1365	+ $dbr = self::getCentralSlaveDB();
	1366	+
	1367	+ $res = $dbr->select( 'global_user_groups', 'gug_group', array( 'gug_user' => $this->getId() ), __METHOD__ );
	1368	+
	1369	+ $groups = array();
	1370	+
	1371	+ while ($row = $dbr->fetchObject( $res ))
	1372	+ {
	1373	+ $groups[] = $row->gug_group;
	1374	+ }
	1375	+
	1376	+ return $groups;
	1377	+ }
	1378	+
	1379	+ function getGlobalRights() {
	1380	+ # Select rights the user has.
	1381	+ $dbr = self::getCentralSlaveDB();
	1382	+
	1383	+ $res = $dbr->select( array( 'global_group_permissions', 'global_user_groups' ),
	1384	+ array( 'ggp_permission' ), array( 'ggp_group=gug_group', 'gug_user' => $this->getId() ), __METHOD__ );
	1385	+
	1386	+ $rights = array();
	1387	+
	1388	+ while ($row = $dbr->fetchObject( $res ) ) {
	1389	+ $rights[] = $row->ggp_permission;
	1390	+ }
	1391	+
	1392	+ return $rights;
	1393	+ }
	1394	+
	1395	+ function removeFromGlobalGroups( $groups ) {
	1396	+ $dbw = self::getCentralDB();
	1397	+
	1398	+ # Delete from the DB
	1399	+ $dbw->delete( 'global_user_groups', array( 'gug_user' => $this->getId(), 'gug_group' => $groups ), __METHOD__ );
	1400	+ }
	1401	+
	1402	+ function addToGlobalGroups( $groups ) {
	1403	+ $dbw = self::getCentralDB();
	1404	+
	1405	+ if (!is_array($groups)) {
	1406	+ $groups = array($groups);
	1407	+ }
	1408	+
	1409	+ $insert_rows = array();
	1410	+ foreach( $groups as $group ) {
	1411	+ $insert_rows[] = array( 'gug_user' => $this->getId(), 'gug_group' => $group );
	1412	+ }
	1413	+
	1414	+ # Replace into the DB
	1415	+ $dbw->replace( 'global_user_groups', array( 'gug_user', 'gug_group' ), $insert_rows, __METHOD__ );
	1416	+ }
	1417	+
	1418	+ static function availableGlobalGroups() {
	1419	+ $dbr = self::getCentralSlaveDB();
	1420	+
	1421	+ $res = $dbr->select( 'global_group_permissions', 'distinct ggp_group', array(), __METHOD__ );
	1422	+
	1423	+ $groups = array();
	1424	+
	1425	+ while ($row = $dbr->fetchObject( $res ) )
	1426	+ $groups[] = $row->ggp_group;
	1427	+
	1428	+ return $groups;
	1429	+ }
	1430	+
	1431	+ static function globalGroupPermissions( $group ) {
	1432	+ $dbr = self::getCentralSlaveDB();
	1433	+
	1434	+ $res = $dbr->select( array( 'global_group_permissions' ),
	1435	+ array( 'ggp_permission' ), array( 'ggp_group' => $group), __METHOD__ );
	1436	+
	1437	+ $rights = array();
	1438	+
	1439	+ while ($row = $dbr->fetchObject( $res ) ) {
	1440	+ $rights[] = $row->ggp_permission;
	1441	+ }
	1442	+
	1443	+ return $rights;
	1444	+ }
	1445	+
	1446	+ function hasGlobalPermission( $perm ) {
	1447	+ $perms = $this->getGlobalRights();
	1448	+
	1449	+ return in_array( $perm, $perms );
	1450	+ }
	1451	+
	1452	+ static function getUsedRights() {
	1453	+ $dbr = self::getCentralSlaveDB();
	1454	+
	1455	+ $res = $dbr->select( 'global_group_permissions', 'distinct ggp_permission', array(), __METHOD__ );
	1456	+
	1457	+ $rights = array();
	1458	+
	1459	+ while ($row = $dbr->fetchObject( $res ) )
	1460	+ $rights[] = $row->ggp_permission;
	1461	+
	1462	+ return $rights;
	1463	+ }
1356	1464	}
Index: trunk/extensions/CentralAuth/CentralAuth.php
—	—	@@ -98,6 +98,9 @@
99	99	$wgAutoloadClasses['SpecialAutoLogin'] = "$caBase/SpecialAutoLogin.php";
100	100	$wgAutoloadClasses['CentralAuthUserArray'] = "$caBase/CentralAuthUserArray.php";
101	101	$wgAutoloadClasses['CentralAuthUserArrayFromResult'] = "$caBase/CentralAuthUserArray.php";
	102	+$wgAutoloadClasses['SpecialGlobalGroupMembership'] = "$caBase/SpecialGlobalGroupMembership.php";
	103	+$wgAutoloadClasses['CentralAuthGroupMembershipProxy'] = "$caBase/CentralAuthGroupMembershipProxy.php";
	104	+$wgAutoloadClasses['SpecialGlobalGroupPermissions'] = "$caBase/SpecialGlobalGroupPermissions.php";
102	105
103	106	$wgExtensionMessagesFiles['SpecialCentralAuth'] = "$caBase/CentralAuth.i18n.php";
104	107
—	—	@@ -116,6 +119,8 @@
117	120	$wgHooks['UserSetEmail'][] = 'CentralAuthHooks::onUserSetEmail';
118	121	$wgHooks['UserSaveSettings'][] = 'CentralAuthHooks::onUserSaveSettings';
119	122	$wgHooks['UserSetEmailAuthenticationTimestamp'][] = 'CentralAuthHooks::onUserSetEmailAuthenticationTimestamp';
	123	+$wgHooks['UserGetRights'][] = 'CentralAuthHooks::onUserGetRights';
	124	+$wgHooks['GetAvailableRights'][] = 'CentralAuthHooks::onGetAvailableRights';
120	125
121	126	// For interaction with the Special:Renameuser extension
122	127	$wgHooks['RenameUserAbort'][] = 'CentralAuthHooks::onRenameUserAbort';
—	—	@@ -127,6 +132,8 @@
128	133	$wgSpecialPages['CentralAuth'] = 'SpecialCentralAuth';
129	134	$wgSpecialPages['AutoLogin'] = 'SpecialAutoLogin';
130	135	$wgSpecialPages['MergeAccount'] = 'SpecialMergeAccount';
	136	+$wgSpecialPages['GlobalGroupMembership'] = 'SpecialGlobalGroupMembership';
	137	+$wgSpecialPages['GlobalGroupPermissions'] = 'SpecialGlobalGroupPermissions';
131	138	$wgSpecialPages['GlobalUsers'] = 'SpecialGlobalUsers';
132	139
133	140	$wgLogTypes[] = 'globalauth';
—	—	@@ -136,3 +143,7 @@
137	144	$wgLogActions['globalauth/lock'] = 'centralauth-log-entry-lock';
138	145	$wgLogActions['globalauth/unlock'] = 'centralauth-log-entry-unlock';
139	146
	147	+$wgLogTypes[] = 'gblrights';
	148	+$wgLogNames['gblrights'] = 'centralauth-rightslog-name';
	149	+$wgLogActions['gblrights/usergroups'] = 'centralauth-rightslog-entry-usergroups';
	150	+$wgLogActions['gblrights/groupperms'] = 'centralauth-rightslog-entry-groupperms';
\ No newline at end of file
Index: trunk/extensions/CentralAuth/SpecialGlobalGroupPermissions.php
—	—	@@ -0,0 +1,257 @@
	2	+<?php
	3	+
	4	+#This file is part of MediaWiki.
	5	+
	6	+#MediaWiki is free software: you can redistribute it and/or modify
	7	+#it under the terms of version 2 of the GNU General Public License
	8	+#as published by the Free Software Foundation.
	9	+
	10	+#MediaWiki is distributed in the hope that it will be useful,
	11	+#but WITHOUT ANY WARRANTY; without even the implied warranty of
	12	+#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	13	+#GNU General Public License for more details.
	14	+
	15	+/**
	16	+ * Special page to allow managing global groups
	17	+ * Prototype for a similar system in core.
	18	+ *
	19	+ * @addtogroup Extensions
	20	+ */
	21	+
	22	+if ( !defined( 'MEDIAWIKI' ) ) {
	23	+ echo "CentralAuth extension\n";
	24	+ exit( 1 );
	25	+}
	26	+
	27	+
	28	+class SpecialGlobalGroupPermissions extends SpecialPage
	29	+{
	30	+ function __construct() {
	31	+ SpecialPage::SpecialPage('GlobalGroupPermissions', 'globalgrouppermissions');
	32	+ wfLoadExtensionMessages('SpecialCentralAuth');
	33	+ }
	34	+
	35	+ function userCanExecute($user) {
	36	+ $globalUser = CentralAuthUser::getInstance( $user );
	37	+
	38	+ ## Should be a global user
	39	+ if (!$globalUser->exists() \|\| !$globalUser->isAttached()) {
	40	+ return false;
	41	+ }
	42	+
	43	+ ## Permission MUST be gained from global rights.
	44	+ return $globalUser->hasGlobalPermission( 'globalgrouppermissions' );
	45	+ }
	46	+
	47	+ function execute( $subpage ) {
	48	+ global $wgRequest,$wgOut,$wgUser;
	49	+
	50	+ if (!$this->userCanExecute($wgUser)) {
	51	+ $this->displayRestrictionError();
	52	+ return;
	53	+ }
	54	+
	55	+ $wgOut->setPageTitle( wfMsg( 'globalgrouppermissions' ) );
	56	+ $wgOut->setRobotpolicy( "noindex,nofollow" );
	57	+ $wgOut->setArticleRelated( false );
	58	+ $wgOut->enableClientCache( false );
	59	+
	60	+ if ($subpage == '' ) {
	61	+ $subpage = $wgRequest->getVal( 'wpGroup' );
	62	+ }
	63	+
	64	+ if ($subpage != '' && $wgUser->matchEditToken( $wgRequest->getVal( 'wpEditToken' ) )) {
	65	+ $this->doSubmit($subpage);
	66	+ } else if ($subpage != '') {
	67	+ $this->buildGroupView($subpage);
	68	+ } else {
	69	+ $this->buildMainView();
	70	+ }
	71	+ }
	72	+
	73	+ function buildMainView() {
	74	+ global $wgOut,$wgUser,$wgInvitationTypes;
	75	+ $sk = $wgUser->getSkin();
	76	+
	77	+ $groups = CentralAuthUser::availableGlobalGroups();
	78	+
	79	+ // Existing groups
	80	+ $html = Xml::openElement( 'fieldset' );
	81	+ $html .= Xml::element( 'legend', null, wfMsg( 'centralauth-existinggroup-legend' ) );
	82	+
	83	+ $wgOut->addHtml( $html );
	84	+
	85	+ if (count($groups)) {
	86	+ $wgOut->addWikitext( wfMsg( 'centralauth-globalgroupperms-grouplist' ) );
	87	+ $wgOut->addHTML( '<ul>' );
	88	+
	89	+ foreach ($groups as $group) {
	90	+ $text = wfMsgExt( 'centralauth-globalgroupperms-grouplistitem', array( 'parseinline' ), User::getGroupName($group), $group );
	91	+
	92	+ $wgOut->addHTML( "<li> $text </li>" );
	93	+ }
	94	+
	95	+ $wgOut->addHTML( '</ul>' );
	96	+ } else {
	97	+ $wgOut->addWikitext( wfMsg( 'centralauth-globalgroupperms-nogroups' ) );
	98	+ }
	99	+
	100	+ $wgOut->addHtml( Xml::closeElement( 'fieldset' ) );
	101	+
	102	+ // "Create a group" prompt
	103	+ $html = Xml::openElement( 'fieldset' ) . Xml::element( 'legend', null, wfMsg( 'centralauth-newgroup-legend' ) );
	104	+ $html .= wfMsgExt( 'centralauth-newgroup-intro', array( 'parse' ) );
	105	+ $html .= Xml::openElement( 'form', array( 'method' => 'post', 'action' => $wgScript, 'name' => 'centralauth-globalgroups-newgroup' ) );
	106	+ $html .= Xml::hidden( 'title', SpecialPage::getTitleFor('GlobalGroupPermissions')->getPrefixedText() );
	107	+ $html .= Xml::hidden( 'wpEditToken', $wgUser->editToken() );
	108	+
	109	+ $fields = array( 'centralauth-globalgroupperms-newgroupname' => wfInput( 'wpGroup' ) );
	110	+
	111	+ $html .= wfBuildForm( $fields, 'centralauth-globalgroupperms-creategroup-submit' );
	112	+ $html .= Xml::closeElement( 'fieldset' );
	113	+
	114	+ $wgOut->addHtml( $html );
	115	+ }
	116	+
	117	+ function buildGroupView( $group ) {
	118	+ global $wgOut, $wgUser;
	119	+
	120	+ $wgOut->setSubtitle( wfMsg( 'centralauth-editgroup-subtitle', $group ) );
	121	+
	122	+ $html = Xml::openElement( 'fieldset' ) . Xml::element( 'legend', null, wfMsg( 'centralauth-editgroup-fieldset', $group ) );
	123	+ $html .= Xml::openElement( 'form', array( 'method' => 'post', 'action' => $wgScript, 'name' => 'centralauth-globalgroups-newgroup' ) );
	124	+ $html .= Xml::hidden( 'title', SpecialPage::getTitleFor('GlobalGroupPermissions')->getPrefixedText() );
	125	+ $html .= Xml::hidden( 'wpGroup', $group );
	126	+ $html .= Xml::hidden( 'wpEditToken', $wgUser->editToken() );
	127	+
	128	+ $fields = array();
	129	+
	130	+ $fields['centralauth-editgroup-name'] = $group;
	131	+ $fields['centralauth-editgroup-display'] = wfMsgExt( 'centralauth-editgroup-display-edit', array( 'parseinline' ), $group, User::getGroupName( $group ) );
	132	+ $fields['centralauth-editgroup-member'] = wfMsgExt( 'centralauth-editgroup-member-edit', array( 'parseinline' ), $group, User::getGroupMember( $group ) );
	133	+ $fields['centralauth-editgroup-members'] = wfMsgExt( 'centralauth-editgroup-members-link', array( 'parseinline' ), $group, User::getGroupMember( $group ) );
	134	+ $fields['centralauth-editgroup-perms'] = $this->buildCheckboxes($group);
	135	+ $fields['centralauth-editgroup-reason'] = wfInput( 'wpReason' );
	136	+
	137	+ $html .= wfBuildForm( $fields, 'centralauth-editgroup-submit' );
	138	+
	139	+ $html .= Xml::closeElement( 'form' );
	140	+ $html .= Xml::closeElement( 'fieldset' );
	141	+
	142	+ $wgOut->addHtml( $html );
	143	+
	144	+ $this->showLogFragment( $group, $wgOut );
	145	+ }
	146	+
	147	+ function buildCheckboxes( $group ) {
	148	+ $html = '<ul>';
	149	+
	150	+ $rights = wfGetAvailableRights();
	151	+ $assignedRights = $this->getAssignedRights( $group );
	152	+
	153	+ foreach( $rights as $right ) {
	154	+ # Build a checkbox.
	155	+ $checked = in_array( $right, $assignedRights );
	156	+
	157	+ $checkbox = wfCheckLabel( wfMsg( "right-$right" ), "wpRightAssigned-$right", "wpRightAssigned-$right", $checked );
	158	+
	159	+ $html .= "<li>$checkbox</li>";
	160	+ }
	161	+
	162	+ $html .= '</ul>';
	163	+
	164	+ return $html;
	165	+ }
	166	+
	167	+ function getAssignedRights( $group ) {
	168	+ return CentralAuthUser::globalGroupPermissions( $group );
	169	+ }
	170	+
	171	+ function doSubmit( $group ) {
	172	+ global $wgRequest,$wgOut;
	173	+
	174	+ $newRights = array();
	175	+ $addRights = array();
	176	+ $removeRights = array();
	177	+ $oldRights = $this->getAssignedRights( $group );
	178	+ $allRights = wfGetAvailableRights();
	179	+
	180	+ $reason = $wgRequest->getVal( 'wpReason', '' );
	181	+
	182	+ foreach ($allRights as $right) {
	183	+ $alreadyAssigned = in_array( $right, $oldRights );
	184	+
	185	+ if ($wgRequest->getCheck( "wpRightAssigned-$right" )) {
	186	+ $newGroups[] = $right;
	187	+ }
	188	+
	189	+ if (!$alreadyAssigned && $wgRequest->getCheck( "wpRightAssigned-$right" )) {
	190	+ $addRights[] = $right;
	191	+ } else if ($alreadyAssigned && !$wgRequest->getCheck( "wpRightAssigned-$right" ) ) {
	192	+ $removeRights[] = $right;
	193	+ } # Otherwise, do nothing.
	194	+ }
	195	+
	196	+ // Assign the rights.
	197	+ if (count($addRights)>0)
	198	+ $this->grantRightsToGroup( $group, $addRights );
	199	+ if (count($removeRights)>0)
	200	+ $this->revokeRightsFromGroup( $group, $removeRights );
	201	+
	202	+ // Log it
	203	+ if (!(count($addRights)==0 && count($removeRights)==0))
	204	+ $this->addLogEntry( $group, $oldRights, $newRights, $reason );
	205	+
	206	+ // Display success
	207	+ $wgOut->setSubTitle( wfMsg( 'centralauth-editgroup-success' ) );
	208	+ $wgOut->addWikitext( wfMsg( 'centralauth-editgroup-success-text' ) );
	209	+ }
	210	+
	211	+ function revokeRightsFromGroup( $group, $rights ) {
	212	+ $dbw = CentralAuthUser::getCentralDB();
	213	+
	214	+ # Delete from the DB
	215	+ $dbw->delete( 'global_group_permissions', array( 'ggp_group' => $group, 'ggp_permission' => $rights), __METHOD__ );
	216	+ }
	217	+
	218	+ function grantRightsToGroup( $group, $rights ) {
	219	+ $dbw = CentralAuthUser::getCentralDB();
	220	+
	221	+ if (!is_array($rights)) {
	222	+ $rights = array($rights);
	223	+ }
	224	+
	225	+ $insert_rows = array();
	226	+ foreach( $rights as $right ) {
	227	+ $insert_rows[] = array( 'ggp_group' => $group, 'ggp_permission' => $right );
	228	+ }
	229	+
	230	+ # Replace into the DB
	231	+ $dbw->replace( 'global_group_permissions', array( 'ggp_group', 'ggp_permission' ), $insert_rows, __METHOD__ );
	232	+ }
	233	+
	234	+ protected function showLogFragment( $group, $output ) {
	235	+ $title = SpecialPage::getTitleFor( 'ListUsers', $group );
	236	+ $output->addHtml( Xml::element( 'h2', null, LogPage::logName( 'gblrights' ) . "\n" ) );
	237	+ LogEventsList::showLogExtract( $output, 'globalrights', $title->getPrefixedText() );
	238	+ }
	239	+
	240	+ function addLogEntry( $group, $oldRights, $newRights, $reason ) {
	241	+ global $wgRequest;
	242	+
	243	+ $log = new LogPage( 'gblrights' );
	244	+
	245	+ $log->addEntry( 'groupperms',
	246	+ SpecialPage::getTitleFor( 'ListUsers', $group ),
	247	+ $reason,
	248	+ array(
	249	+ $this->makeRightsList( $oldRights ),
	250	+ $this->makeRightsList( $newRights )
	251	+ )
	252	+ );
	253	+ }
	254	+
	255	+ function makeRightsList( $ids ) {
	256	+ return implode( ', ', $ids );
	257	+ }
	258	+}
\ No newline at end of file
Property changes on: trunk/extensions/CentralAuth/SpecialGlobalGroupPermissions.php
___________________________________________________________________
Added: svn:eol-style
1	259	+ native
Index: trunk/extensions/CentralAuth/CentralAuthHooks.php
—	—	@@ -345,4 +345,20 @@
346	346	}
347	347	return true;
348	348	}
	349	+
	350	+ static function onUserGetRights( $user, &$rights ) {
	351	+ $centralUser = CentralAuthUser::getInstance( $user );
	352	+
	353	+ if ($centralUser->exists()) {
	354	+ $extraRights = $centralUser->getGlobalRights();
	355	+
	356	+ $rights = array_merge( $extraRights, $rights );
	357	+ }
	358	+ return true;
	359	+ }
	360	+
	361	+ static function onGetAvailableRights( &$rights ) {
	362	+ $rights = array_unique( array_merge( $rights, CentralAuthUser::getUsedRights() ));
	363	+ return true;
	364	+ }
349	365	}
Index: trunk/extensions/CentralAuth/CentralAuth.i18n.php
—	—	@@ -194,11 +194,46 @@
195	195	'centralauth-account-exists' => 'Cannot create account: the requested username is already taken in the unified login system.',
196	196
197	197	// Logging
198		~~- 'centralauth-log-name' => 'Global account management log',~~
199		~~- 'centralauth-log-header' => 'This log contains operations under global accounts: deletions, locking and unlocking.',~~
200		~~- 'centralauth-log-entry-delete' => 'deleted global account "<nowiki>$1</nowiki>"',~~
201		~~- 'centralauth-log-entry-lock' => 'locked global account "<nowiki>$1</nowiki>"',~~
202		~~- 'centralauth-log-entry-unlock' => 'unlocked global account "<nowiki>$1</nowiki>"',~~
	198	+ 'centralauth-log-name' => 'Global account management log',
	199	+ 'centralauth-log-header' => 'This log contains operations under global accounts: deletions, locking and unlocking.',
	200	+ 'centralauth-log-entry-delete' => 'deleted global account "<nowiki>$1</nowiki>"',
	201	+ 'centralauth-log-entry-lock' => 'locked global account "<nowiki>$1</nowiki>"',
	202	+ 'centralauth-log-entry-unlock' => 'unlocked global account "<nowiki>$1</nowiki>"',
	203	+
	204	+ 'centralauth-rightslog-name' => 'Global rights log',
	205	+ 'centralauth-rightslog-entry-usergroups' => 'changed global group membership for $1 from $2 to $3',
	206	+ 'centralauth-rightslog-entry-groupperms' => 'changed group permissions for $1 from $2 to $3',
	207	+
	208	+ // Global group membership
	209	+ 'globalgroupmembership' => 'Membership in global groups',
	210	+
	211	+ // Global group permissions
	212	+ 'globalgrouppermissions' => 'Global group management',
	213	+ 'centralauth-globalgroupperms-grouplist' => 'The following global groups have been configured. You may view and edit the permissions assigned to any group.',
	214	+ 'centralauth-globalgroupperms-grouplistitem' => '$1 ([[Special:GlobalGroupPermissions/$2\|View and edit permissions]])',
	215	+ 'centralauth-existinggroup-legend' => 'Existing groups',
	216	+ 'centralauth-newgroup-legend' => 'Create a new group',
	217	+ 'centralauth-newgroup-intro' => 'You can use this form to assign permissions to a new group. Note that a group does not exist unless it has permissions assigned to it.',
	218	+ 'centralauth-globalgroupperms-newgroupname' => 'New group name:',
	219	+ 'centralauth-globalgroupperms-creategroup-submit' => 'Assign permissions',
	220	+ 'centralauth-editgroup-subtitle' => 'Editing $1',
	221	+ 'centralauth-editgroup-fieldset' => 'Permissions for $1',
	222	+ 'centralauth-editgroup-name' => 'Name of group:',
	223	+ 'centralauth-editgroup-display' => 'Localised name of group:',
	224	+ 'centralauth-editgroup-display-edit' => '$2 ([[MediaWiki:group-$1\|edit]])',
	225	+ 'centralauth-editgroup-member' => 'Localised name of group members:',
	226	+ 'centralauth-editgroup-member-edit' => '$2 ([[MediaWiki:group-$1-member\|edit]])',
	227	+ 'centralauth-editgroup-members' => 'Member list:',
	228	+ 'centralauth-editgroup-members-link' => '[[Special:Listusers/$1\|List of users with $2 rights]]',
	229	+ 'centralauth-editgroup-submit' => 'Save changes to group permissions',
	230	+ 'centralauth-editgroup-perms' => 'Assigned permissions:',
	231	+ 'centralauth-editgroup-reason' => 'Reason for change:',
	232	+
	233	+ // User rights
	234	+ 'right-globalgroupmembership' => 'Edit membership to global groups',
	235	+ 'right-centralauth-admin' => 'Administrate global accounts',
	236	+ 'right-centralauth-merge' => 'Merge their account',
	237	+ 'right-globalgrouppermissions' => 'Manage global groups',
203	238	);
204	239
205	240	/** Afrikaans (Afrikaans)

Follow-up revisions

Revision	Commit summary	Author	Date
r33833	Revert r33832. That was code in my working copy not yet ready to commit.	werdna	12:56, 24 April 2008
r33926	Remove files accidentally committed in r33832	brion	23:04, 26 April 2008

Status & tagging log

15:26, 12 September 2011 Meno25 (talk | contribs) changed the status of r33832 [removed: ok added: old]