r37975 MediaWiki - Code Review archive

Repository:MediaWiki
Revision:r37974‎ | r37975 | r37976 >
Date:20:24, 23 July 2008
Author:vasilievvv
Status:old
Tags:
Comment:
* (bug 14556) Global groups defined for certain sets of wikis
This may be done via creating wiki sets and assigning them to specific global groups.
Still may need to do some cleanup, remove some strange logging-related notices and simplify SQL queries.
Modified paths:
  • /trunk/extensions/CentralAuth/CentralAuth.i18n.php (modified) (history)
  • /trunk/extensions/CentralAuth/CentralAuth.php (modified) (history)
  • /trunk/extensions/CentralAuth/CentralAuthUser.php (modified) (history)
  • /trunk/extensions/CentralAuth/SpecialGlobalGroupPermissions.php (modified) (history)
  • /trunk/extensions/CentralAuth/WikiSet.php (added) (history)
  • /trunk/extensions/CentralAuth/central-auth.sql (modified) (history)
  • /trunk/extensions/CentralAuth/db_patches/patch-wikisets.sql (added) (history)

Diff [purge]

Index: trunk/extensions/CentralAuth/WikiSet.php
@@ -0,0 +1,169 @@
 2+<?php
 3+
 4+class WikiSet {
 5+ const OPTIN = 'optin';
 6+ const OPTOUT = 'optout';
 7+ const VERSION = 1;
 8+
 9+ private $mId; //ID of the group
 10+ private $mName; //Display name of the group
 11+ private $mType; //Opt-in based or opt-out based
 12+ private $mWikis; //List of wikis
 13+ private $mVersion = self::VERSION; //Caching purposes
 14+
 15+ static $mCacheVars = array(
 16+ 'mId',
 17+ 'mName',
 18+ 'mType',
 19+ 'mWikis',
 20+ 'mVersion',
 21+ );
 22+
 23+ public function __construct( $name = '', $type = self::OPTIN, $wikis = array(), $id = 0 ) {
 24+ $this->mId = $id;
 25+ $this->mName = $name;
 26+ $this->mType = $type;
 27+ $this->mWikis = $wikis;
 28+ }
 29+
 30+ protected static function memcKey( $k ) { return "wikiset:{$k}"; }
 31+
 32+ public function getId() { return $this->mId; }
 33+ public function getName() { return $this->mName; }
 34+ public function setName( $n, $commit = false ) { return $this->setDbField( 'ws_name', $n, $commit ); }
 35+ public function getWikisRaw() { return $this->mWikis; }
 36+ public function setWikisRaw( $w, $commit = false ) { return $this->setDbField( 'ws_wikis', $w, $commit ); }
 37+ public function getType() { return $this->mType; }
 38+ public function setType( $t, $commit = false ) {
 39+ if( !in_array( $t, array( self::OPTIN, self::OPTOUT ) ) )
 40+ return false;
 41+ return $this->setDbField( 'ws_type', $t, $commit );
 42+ }
 43+ protected function setDbField( $field, $value, $commit ) {
 44+ $map = array( 'ws_name' => 'mName', 'ws_type' => 'mType', 'ws_wikis' => 'mWikis' );
 45+ $mname = $map[$field];
 46+ $this->$mname = $value;
 47+ if( $commit )
 48+ $this->commit();
 49+ }
 50+
 51+ public static function newFromRow( $row ) {
 52+ if( !$row ) return null;
 53+ return new WikiSet(
 54+ $row->ws_name,
 55+ $row->ws_type,
 56+ explode( ',', $row->ws_wikis ),
 57+ $row->ws_id
 58+ );
 59+ }
 60+
 61+ public static function newFromName( $id, $useCache = true ) {
 62+ if( $useCache ) {
 63+ global $wgMemc;
 64+ $data = $wgMemc->get( self::memcKey( "name:" . md5( $id ) ) );
 65+ if( $data ) {
 66+ if( $data['mVersion'] == self::VERSION ) {
 67+ $ws = new WikiSet( null, null, null );
 68+ foreach( $data as $name => $val )
 69+ $ws->$name = $val;
 70+ return $ws;
 71+ }
 72+ }
 73+ }
 74+ $dbr = CentralAuthUser::getCentralSlaveDB();
 75+ $row = $dbr->selectRow(
 76+ 'wikiset', '*', array( 'ws_name' => $id ), __METHOD__
 77+ );
 78+ if( !$row )
 79+ return null;
 80+ $ws = self::newFromRow( $row );
 81+ $ws->saveToCache();
 82+ return $ws;
 83+ }
 84+
 85+ public static function newFromID( $id, $useCache = true ) {
 86+ if( $useCache ) {
 87+ global $wgMemc;
 88+ $data = $wgMemc->get( self::memcKey( $id ) );
 89+ if( $data ) {
 90+ if( $data['mVersion'] == self::VERSION ) {
 91+ $ws = new WikiSet( null, null, null );
 92+ foreach( $data as $name => $val )
 93+ $ws->$name = $val;
 94+ return $ws;
 95+ }
 96+ }
 97+ }
 98+ $dbr = CentralAuthUser::getCentralSlaveDB();
 99+ $row = $dbr->selectRow(
 100+ 'wikiset', '*', array( 'ws_id' => $id ), __METHOD__
 101+ );
 102+ if( !$row )
 103+ return null;
 104+ $ws = self::newFromRow( $row );
 105+ $ws->saveToCache();
 106+ return $ws;
 107+ }
 108+
 109+ public function commit() {
 110+ $dbw = CentralAuthUser::getCentralDB();
 111+ $dbw->replace( 'wikiset', array( 'ws_id' ),
 112+ array(
 113+ 'ws_id' => $this->mId,
 114+ 'ws_name' => $this->mName,
 115+ 'ws_type' => $this->mType,
 116+ 'ws_wikis' => implode( ',', $this->mWikis ),
 117+ ), __METHOD__
 118+ );
 119+ $dbw->commit();
 120+ $this->purge();
 121+ return (bool)$dbw->affectedRows();
 122+ }
 123+
 124+ public function purge() {
 125+ global $wgMemc;
 126+ $wgMemc->delete( self::memcKey( $this->mId ) );
 127+ $wgMemc->delete( self::memcKey( "name:" . md5( $this->mName ) ) );
 128+ }
 129+
 130+ public function saveToCache() {
 131+ global $wgMemc;
 132+ $data = array();
 133+ foreach( self::$mCacheVars as $var ) {
 134+ $data[$var] = $this->$var;
 135+ }
 136+ $wgMemc->set( self::memcKey( $this->mId ), $data );
 137+ }
 138+
 139+ public function getWikis() {
 140+ if( $this->mType == self::OPTIN )
 141+ return $this->mWikis;
 142+ else
 143+ return array_diff( CentralAuthUser::getWikiList(), $this->mWikis );
 144+ }
 145+
 146+ public function inSet( $wiki = '' ) {
 147+ if( !$wiki )
 148+ $wiki = wfWikiID();
 149+ return in_array( $wiki, $this->getWikis() );
 150+ }
 151+
 152+ public static function getAllWikiSets() {
 153+ $dbr = CentralAuthUser::getCentralSlaveDB();
 154+ $res = $dbr->select( 'wikiset', '*', false, __METHOD__ );
 155+ $result = array();
 156+ while( $row = $dbr->fetchObject( $res ) )
 157+ $result[] = self::newFromRow( $row );
 158+ return $result;
 159+ }
 160+
 161+ public static function getWikiSetForGroup( $group ) {
 162+ $dbr = CentralAuthUser::getCentralSlaveDB();
 163+ $res = $dbr->selectRow( 'global_group_restrictions', '*', array( 'ggr_group' => $group ), __METHOD__ );
 164+ return $res ? $res->ggr_set : 0;
 165+ }
 166+
 167+ public static function formatType( $type ) {
 168+ return wfMsgHtml( "centralauth-rightslog-set-{$type}" );
 169+ }
 170+}
Property changes on: trunk/extensions/CentralAuth/WikiSet.php
___________________________________________________________________
Added: svn:eol-style
1171 + native
Index: trunk/extensions/CentralAuth/CentralAuth.i18n.php
@@ -235,12 +235,20 @@
236236 'centralauth-log-entry-unhide' => 'unhid global account "<nowiki>$1</nowiki>"',
237237 'centralauth-log-entry-lockandhide' => 'locked and hid global account "<nowiki>$1</nowiki>"',
238238
239 - 'centralauth-rightslog-name' => 'Global rights log',
240 - 'centralauth-rightslog-entry-usergroups' => 'changed global group membership for $1 from $2 to $3',
241 - 'centralauth-rightslog-entry-groupperms' => 'changed group permissions for $1 from $2 to $3',
 239+ 'centralauth-rightslog-name' => 'Global rights log',
 240+ 'centralauth-rightslog-entry-usergroups' => 'changed global group membership for $1 from $2 to $3',
 241+ 'centralauth-rightslog-entry-groupperms' => 'changed group permissions for $1 from $2 to $3',
242242 'centralauth-rightslog-entry-groupperms2' => 'changed group permissions for $1. Added $2; Removed $3',
243 - 'centralauth-rightslog-header' => 'This log contains operations on global groups: membership and permissions changes',
 243+ 'centralauth-rightslog-entry-groupperms3' => 'changed group restricted wikis set for $1 from $2 to $3',
 244+ 'centralauth-rightslog-header' => 'This log contains operations on global groups: membership and permissions changes',
244245
 246+ 'centralauth-rightslog-entry-newset' => 'created $2 wiki set $1 with following wikis: $3',
 247+ 'centralauth-rightslog-entry-setrename' => 'renamed wiki set "$2" to "$1"',
 248+ 'centralauth-rightslog-entry-setnewtype' => 'changed type of "$1" from $2 to $3',
 249+ 'centralauth-rightslog-entry-setchange' => 'changed wikis in "$1": added: $2; removed: $3',
 250+ 'centralauth-rightslog-set-optin' => 'opt-in based',
 251+ 'centralauth-rightslog-set-optout' => 'opt-out based',
 252+
245253 // Global group membership
246254 'globalgroupmembership' => 'Membership in global groups',
247255
@@ -249,7 +257,7 @@
250258 'centralauth-globalgroupperms-grouplist' => 'The following global groups have been configured.
251259 You may view and edit the permissions assigned to any group.
252260 A group may be deleted by removing all rights from it.',
253 - 'centralauth-globalgroupperms-grouplistitem' => '$1 ([[Special:GlobalGroupPermissions/$2|View and edit permissions]])',
 261+ 'centralauth-globalgroupperms-grouplistitem' => '$1 ([[Special:GlobalGroupPermissions/$2|view/edit]])',
254262 'centralauth-existinggroup-legend' => 'Existing groups',
255263 'centralauth-newgroup-legend' => 'Create a new group',
256264 'centralauth-newgroup-intro' => 'You can use this form to assign permissions to a new group.
@@ -265,16 +273,40 @@
266274 'centralauth-editgroup-member-edit' => '$2 ([[MediaWiki:Group-$1-member|edit]])',
267275 'centralauth-editgroup-members' => 'Member list:',
268276 'centralauth-editgroup-members-link' => '[[Special:Globalusers/$1|List of users with $2 rights]]',
 277+ 'centralauth-editgroup-restrictions' => 'Set of wikis where this group is active:',
 278+ 'centralauth-editgroup-noset' => '(none)',
269279 'centralauth-editgroup-submit' => 'Save changes to group permissions',
270280 'centralauth-editgroup-perms' => 'Assigned permissions:',
271281 'centralauth-editgroup-reason' => 'Reason for change:',
272282 'centralauth-editgroup-success' => 'Group permissions changed',
273283 'centralauth-editgroup-success-text' => 'You have successfully changed the group permissions for the $1 group.
274284 [[Special:GlobalGroupPermissions|Return to group management]]',
275 - 'centralauth-globalgrouppermissions-knownwiki' => "Select a wiki on which they have an account:",
 285+ 'centralauth-globalgrouppermissions-knownwiki' => "Wiki on which they have an account:",
276286 'centralauth-globalgroupmembership-badknownwiki' => "The global user '''$1''' is not active on the wiki you specified ('' $2 '').
277287 You may be attempting to assign rights to the wrong user!",
278288
 289+ // Wiki sets editing
 290+ 'centralauth-editset' => 'Edit wiki sets',
 291+ 'centralauth-editset-legend' => 'Edit or create wiki set',
 292+ 'centralauth-editset-intro' => 'The following wiki sets have already been created. You may view and modify any of them, or create a new set.',
 293+ 'centralauth-editset-item' => '$1 ([[Special:EditWikiSets/$2|view/edit]])',
 294+ 'centralauth-editset-new' => 'Create a new set',
 295+ 'centralauth-editset-notfound' => 'Wiki set "$1" not found.',
 296+ 'centralauth-editset-optin' => 'Opt-in based (includes only specified wikis)',
 297+ 'centralauth-editset-optout' => 'Opt-out based (includes all wikis except specified)',
 298+ 'centralauth-editset-legend-edit' => 'Editing wiki set "$1"',
 299+ 'centralauth-editset-legend-new' => 'Creating new wiki set',
 300+ 'centralauth-editset-name' => 'Name:',
 301+ 'centralauth-editset-type' => 'Type:',
 302+ 'centralauth-editset-wikis' => 'Wikis:',
 303+ 'centralauth-editset-reason' => 'Reason:',
 304+ 'centralauth-editset-submit' => 'Submit',
 305+ 'centralauth-editset-badname' => 'Invalid or empty set name.',
 306+ 'centralauth-editset-badtype' => 'Invalid set type.',
 307+ 'centralauth-editset-nowikis' => 'No wikis specified.',
 308+ 'centralauth-editset-badwikis' => 'Following wikis do not exist: $1.',
 309+ 'centralauth-editset-success' => 'Successfully changed wiki set.',
 310+
279311 // User rights
280312 'right-globalgroupmembership' => 'Edit membership to global groups',
281313 'right-centralauth-admin' => 'Administrate global accounts',
Index: trunk/extensions/CentralAuth/central-auth.sql
@@ -134,3 +134,33 @@
135135 KEY (ggp_group),
136136 KEY (ggp_permission)
137137 ) /*$wgDBTableOptions*/;
 138+
 139+-- Sets of wikis (for things like restricting global groups)
 140+-- May be defined in two ways: only specified wikis or all wikis except opt-outed
 141+CREATE TABLE wikiset (
 142+ -- ID of wikiset
 143+ ws_id int auto_increment,
 144+ -- Display name of wikiset
 145+ ws_name varchar(255) not null,
 146+ -- Type of set: opt-in or opt-out
 147+ ws_type enum ('optin', 'optout'),
 148+ -- Wikis in that set. Why isn't it a seperate table?
 149+ -- Because we can just use such simple list, we don't need complicated queries on it
 150+ -- Let's suppose that max length of db name is 31 (32 with ","), then we have space for
 151+ -- 2048 wikis. More than we need
 152+ ws_wikis varbinary(65536) not null,
 153+
 154+ PRIMARY KEY ws_id (ws_id),
 155+ UNIQUE ws_name (ws_name)
 156+) /*$wgDBTableOptions*/;
 157+
 158+-- Allow certain global groups to have their permissions only on certain wikis
 159+CREATE TABLE global_group_restrictions (
 160+ -- Group to restrict
 161+ ggr_group varchar(255) not null,
 162+ -- Wikiset to use
 163+ ggr_set int not null,
 164+
 165+ PRIMARY KEY (ggr_group),
 166+ KEY (ggr_set)
 167+) /*$wgDBTableOptions*/;
Index: trunk/extensions/CentralAuth/db_patches/patch-wikisets.sql
@@ -0,0 +1,29 @@
 2+-- Sets of wikis (for things like restricting global groups)
 3+-- May be defined in two ways: only specified wikis or all wikis except opt-outed
 4+CREATE TABLE wikiset (
 5+ -- ID of wikiset
 6+ ws_id int auto_increment,
 7+ -- Display name of wikiset
 8+ ws_name varchar(255) not null,
 9+ -- Type of set: opt-in or opt-out
 10+ ws_type enum ('optin', 'optout'),
 11+ -- Wikis in that set. Why isn't it a seperate table?
 12+ -- Because we can just use such simple list, we don't need complicated queries on it
 13+ -- Let's suppose that max length of db name is 31 (32 with ","), then we have space for
 14+ -- 2048 wikis. More than we need
 15+ ws_wikis varbinary(65536) not null,
 16+
 17+ PRIMARY KEY ws_id (ws_id),
 18+ UNIQUE ws_name (ws_name)
 19+) /*$wgDBTableOptions*/;
 20+
 21+-- Allow certain global groups to have their permissions only on certain wikis
 22+CREATE TABLE global_group_restrictions (
 23+ -- Group to restrict
 24+ ggr_group varchar(255) not null,
 25+ -- Wikiset to use
 26+ ggr_set int not null,
 27+
 28+ PRIMARY KEY (ggr_group),
 29+ KEY (ggr_set)
 30+) /*$wgDBTableOptions*/;
\ No newline at end of file
Property changes on: trunk/extensions/CentralAuth/db_patches/patch-wikisets.sql
___________________________________________________________________
Added: svn:eol-style
131 + native
Index: trunk/extensions/CentralAuth/CentralAuthUser.php
@@ -18,7 +18,7 @@
1919 */
2020 /*private*/ var $mName;
2121 /*private*/ var $mStateDirty = false;
22 - /*private*/ var $mVersion = 1;
 22+ /*private*/ var $mVersion = 2;
2323 /*private*/ var $mDelayInvalidation = 0;
2424
2525 static $mCacheVars = array(
@@ -153,26 +153,40 @@
154154 return;
155155 }
156156 // We need the user id from the database, but this should be checked by the getId accessor.
157 -
 157+
158158 wfDebugLog( 'CentralAuth', "Loading groups for global user {$this->mName}" );
159 -
 159+
160160 $dbr = self::getCentralDB(); // We need the master.
161 -
 161+
162162 $res = $dbr->select(
163163 array( 'global_group_permissions', 'global_user_groups' ),
164164 array( 'ggp_permission', 'ggp_group' ),
165165 array( 'ggp_group=gug_group', 'gug_user' => $this->getId() ),
166 - __METHOD__ );
167 -
 166+ __METHOD__
 167+ );
 168+
 169+ $resSets = $dbr->select(
 170+ array( 'global_user_groups', 'global_group_restrictions', 'wikiset' ),
 171+ array( 'ggr_group', 'ws_id', 'ws_name', 'ws_type', 'ws_wikis' ),
 172+ array( 'ggr_group=gug_group', 'ggr_set=ws_id', 'gug_user' => $this->getId() ),
 173+ __METHOD__
 174+ );
 175+
 176+ $sets = array();
 177+ while( $row = $dbr->fetchObject( $resSets ) ) {
 178+ $sets[$row->ggr_group] = WikiSet::newFromRow( $row );
 179+ }
 180+
168181 // Grab the user's rights/groups.
169182 $rights = array();
170183 $groups = array();
171 -
172 - while ($row = $dbr->fetchObject( $res ) ) {
173 - $rights[] = $row->ggp_permission;
 184+
 185+ while( $row = $dbr->fetchObject( $res ) ) {
 186+ $set = @$sets[$row->ggp_group];
 187+ $rights[] = array( 'right' => $row->ggp_permission, 'set' => $set ? $set->getID() : false );
174188 $groups[$row->ggp_group] = 1;
175189 }
176 -
 190+
177191 $this->mRights = $rights;
178192 $this->mGroups = array_keys($groups);
179193 }
@@ -1620,7 +1634,18 @@
16211635 function getGlobalRights() {
16221636 $this->loadGroups();
16231637
1624 - return $this->mRights;
 1638+ $rights = array();
 1639+ $sets = array();
 1640+ foreach( $this->mRights as $right ) {
 1641+ if( $right['set'] ) {
 1642+ $set = isset( $sets[$right['set']] ) ? $sets[$right['set']] : WikiSet::newFromID( $right['set'] );
 1643+ if( $set->inSet() )
 1644+ $rights[] = $right['right'];
 1645+ } else {
 1646+ $rights[] = $right['right'];
 1647+ }
 1648+ }
 1649+ return $rights;
16251650 }
16261651
16271652 function removeFromGlobalGroups( $groups ) {
Index: trunk/extensions/CentralAuth/CentralAuth.php
@@ -136,12 +136,14 @@
137137 $wgAutoloadClasses['CentralAuthHooks'] = "$caBase/CentralAuthHooks.php";
138138 $wgAutoloadClasses['WikiMap'] = "$caBase/WikiMap.php";
139139 $wgAutoloadClasses['WikiReference'] = "$caBase/WikiMap.php";
 140+$wgAutoloadClasses['WikiSet'] = "$caBase/WikiSet.php";
140141 $wgAutoloadClasses['SpecialAutoLogin'] = "$caBase/SpecialAutoLogin.php";
141142 $wgAutoloadClasses['CentralAuthUserArray'] = "$caBase/CentralAuthUserArray.php";
142143 $wgAutoloadClasses['CentralAuthUserArrayFromResult'] = "$caBase/CentralAuthUserArray.php";
143144 $wgAutoloadClasses['SpecialGlobalGroupMembership'] = "$caBase/SpecialGlobalGroupMembership.php";
144145 $wgAutoloadClasses['CentralAuthGroupMembershipProxy'] = "$caBase/CentralAuthGroupMembershipProxy.php";
145146 $wgAutoloadClasses['SpecialGlobalGroupPermissions'] = "$caBase/SpecialGlobalGroupPermissions.php";
 147+$wgAutoloadClasses['SpecialEditWikiSets'] = "$caBase/SpecialEditWikiSets.php";
146148
147149 $wgExtensionMessagesFiles['SpecialCentralAuth'] = "$caBase/CentralAuth.i18n.php";
148150
@@ -182,6 +184,7 @@
183185 $wgSpecialPages['MergeAccount'] = 'SpecialMergeAccount';
184186 $wgSpecialPages['GlobalGroupMembership'] = 'SpecialGlobalGroupMembership';
185187 $wgSpecialPages['GlobalGroupPermissions'] = 'SpecialGlobalGroupPermissions';
 188+$wgSpecialPages['EditWikiSets'] = 'SpecialEditWikiSets';
186189 $wgSpecialPages['GlobalUsers'] = 'SpecialGlobalUsers';
187190 $wgSpecialPageGroups['GlobalUsers'] = 'users';
188191
@@ -195,9 +198,25 @@
196199 $wgLogActions['globalauth/unhide'] = 'centralauth-log-entry-unhide';
197200 $wgLogActions['globalauth/lockandhid'] = 'centralauth-log-entry-lockandhide';
198201
199 -$wgLogTypes[] = 'gblrights';
200 -$wgLogNames['gblrights'] = 'centralauth-rightslog-name';
201 -$wgLogHeaders['gblrights'] = 'centralauth-rightslog-header';
202 -$wgLogActions['gblrights/usergroups'] = 'centralauth-rightslog-entry-usergroups';
203 -$wgLogActions['gblrights/groupperms'] = 'centralauth-rightslog-entry-groupperms';
204 -$wgLogActions['gblrights/groupperms2'] = 'centralauth-rightslog-entry-groupperms2';
 202+$wgLogTypes[] = 'gblrights';
 203+$wgLogNames['gblrights'] = 'centralauth-rightslog-name';
 204+$wgLogHeaders['gblrights'] = 'centralauth-rightslog-header';
 205+$wgLogActions['gblrights/usergroups'] = 'centralauth-rightslog-entry-usergroups';
 206+$wgLogActions['gblrights/groupperms'] = 'centralauth-rightslog-entry-groupperms';
 207+$wgLogActions['gblrights/groupperms2'] = 'centralauth-rightslog-entry-groupperms2';
 208+$wgLogActions['gblrights/groupperms3'] = 'centralauth-rightslog-entry-groupperms3';
 209+foreach( array( 'newset', 'setrename', 'setnewtype', 'setchange' ) as $type )
 210+ $wgLogActionsHandlers["gblrights/{$type}"] = 'efHandleWikiSetLogEntry';
 211+
 212+function efHandleWikiSetLogEntry( $type, $action, $title, $skin, $params, $filterWikilinks = false ) {
 213+ $link = $skin ? $skin->makeLinkObj( $title, $params[0] ) : $params[0];
 214+ if( $action == 'newset' )
 215+ $args = array( WikiSet::formatType( $params[1] ), $params[2] );
 216+ if( $action == 'setrename' )
 217+ $args = array( $params[1] );
 218+ if( $action == 'setnewtype' )
 219+ $args = array( WikiSet::formatType( $params[1] ) );
 220+ if( $action == 'setchange' )
 221+ $args = array( $params[1] ? $params[1] : wfMsg( 'rightsnone' ), $params[2] ? $params[2] : wfMsg( 'rightsnone' ) );
 222+ return wfMsgReal( "centralauth-rightslog-entry-{$action}", array_merge( array( $link ), $args ), true, !$skin );
 223+}
\ No newline at end of file
Index: trunk/extensions/CentralAuth/SpecialGlobalGroupPermissions.php
@@ -112,7 +112,7 @@
113113 }
114114
115115 function buildGroupView( $group ) {
116 - global $wgOut, $wgUser,$wgScript;
 116+ global $wgOut, $wgUser, $wgScript;
117117
118118 $wgOut->setSubtitle( wfMsg( 'centralauth-editgroup-subtitle', $group ) );
119119
@@ -127,6 +127,7 @@
128128 $fields['centralauth-editgroup-display'] = wfMsgExt( 'centralauth-editgroup-display-edit', array( 'parseinline' ), $group, User::getGroupName( $group ) );
129129 $fields['centralauth-editgroup-member'] = wfMsgExt( 'centralauth-editgroup-member-edit', array( 'parseinline' ), $group, User::getGroupMember( $group ) );
130130 $fields['centralauth-editgroup-members'] = wfMsgExt( 'centralauth-editgroup-members-link', array( 'parseinline' ), $group, User::getGroupMember( $group ) );
 131+ $fields['centralauth-editgroup-restrictions'] = $this->buildWikiSetSelector($group);
131132 $fields['centralauth-editgroup-perms'] = $this->buildCheckboxes($group);
132133 $fields['centralauth-editgroup-reason'] = wfInput( 'wpReason' );
133134
@@ -139,7 +140,19 @@
140141
141142 $this->showLogFragment( $group, $wgOut );
142143 }
143 -
 144+
 145+ function buildWikiSetSelector( $group ) {
 146+ $sets = WikiSet::getAllWikiSets();
 147+ $default = WikiSet::getWikiSetForGroup( $group );
 148+
 149+ $select = new XmlSelect( 'set', 'wikiset', $default );
 150+ $select->addOption( wfMsg( 'centralauth-editgroup-noset' ), '0' );
 151+ foreach( $sets as $set ) {
 152+ $select->addOption( $set->getName(), $set->getID() );
 153+ }
 154+ return $select->getHTML();
 155+ }
 156+
144157 function buildCheckboxes( $group ) {
145158
146159 $rights = User::getAllRights();
@@ -221,7 +234,15 @@
222235 // Log it
223236 if (!(count($addRights)==0 && count($removeRights)==0))
224237 $this->addLogEntry( $group, $addRights, $removeRights, $reason );
225 -
 238+
 239+ // Change set
 240+ $current = WikiSet::getWikiSetForGroup( $group );
 241+ $new = $wgRequest->getVal( 'set' );
 242+ if( $current != $new ) {
 243+ $this->setRestrictions( $group, $new );
 244+ $this->addLogEntry2( $group, $current, $new, $reason );
 245+ }
 246+
226247 $this->invalidateRightsCache( $group );
227248
228249 // Display success
@@ -262,8 +283,6 @@
263284 global $wgRequest;
264285
265286 $log = new LogPage( 'gblrights' );
266 -
267 - $added =
268287
269288 $log->addEntry( 'groupperms2',
270289 SpecialPage::getTitleFor( 'GlobalUsers', $group ),
@@ -278,7 +297,40 @@
279298 function makeRightsList( $ids ) {
280299 return (bool)count($ids) ? implode( ', ', $ids ) : wfMsgForContent( 'rightsnone' );
281300 }
282 -
 301+
 302+ function setRestrictions( $group, $set ) {
 303+ $dbw = CentralAuthUser::getCentralDB();
 304+ if( $set == 0 ) {
 305+ $dbw->delete( 'global_group_restrictions', array( 'ggr_group' => $group ), __METHOD__ );
 306+ } else {
 307+ $dbw->replace( 'global_group_restrictions', array( 'ggr_group' ),
 308+ array( 'ggr_group' => $group, 'ggr_set' => $set, ), __METHOD__ );
 309+ }
 310+ return (bool)$dbw->affectedRows();
 311+ }
 312+
 313+ function addLogEntry2( $group, $old, $new, $reason ) {
 314+ global $wgRequest;
 315+
 316+ $log = new LogPage( 'gblrights' );
 317+
 318+ $log->addEntry( 'groupperms3',
 319+ SpecialPage::getTitleFor( 'GlobalUsers', $group ),
 320+ $reason,
 321+ array(
 322+ $this->getWikiSetName( $old ),
 323+ $this->getWikiSetName( $new ),
 324+ )
 325+ );
 326+ }
 327+
 328+ function getWikiSetName( $id ) {
 329+ if( $id )
 330+ return WikiSet::newFromID( $id )->getName();
 331+ else
 332+ return wfMsgForContent( 'centralauth-editgroup-noset' );
 333+ }
 334+
283335 function invalidateRightsCache( $group ) {
284336 global $wgMemc;
285337

Follow-up revisions

RevisionCommit summaryAuthorDate
r38118Revert another part of r37975 pending review (new tables etc)brion05:15, 28 July 2008
r38292* (bug 14556) Global groups defined for certain sets of wikis. Fixed with all...vasilievvv14:32, 31 July 2008

Status & tagging log