| Index: trunk/extensions/Lockdown/Lockdown.php |
| — | — | @@ -60,7 +60,9 @@ |
| 61 | 61 | $result = null; |
| 62 | 62 | |
| 63 | 63 | // don't impose extra restrictions on UI pages |
| 64 | | - if ( $title->isCssJsSubpage() ) return true; |
| | 64 | + if ( $title->isCssJsSubpage() ) { |
| | 65 | + return true; |
| | 66 | + } |
| 65 | 67 | |
| 66 | 68 | if ( $action == 'read' && $wgWhitelistRead ) { |
| 67 | 69 | // don't impose read restrictions on whitelisted pages |
| — | — | @@ -75,8 +77,7 @@ |
| 76 | 78 | if ( $action != 'read' ) { |
| 77 | 79 | $result = false; |
| 78 | 80 | return true; |
| 79 | | - } |
| 80 | | - else { |
| | 81 | + } else { |
| 81 | 82 | foreach ( $wgSpecialPageLockdown as $page => $g ) { |
| 82 | 83 | if ( !$title->isSpecial( $page ) ) continue; |
| 83 | 84 | $groups = $g; |
| — | — | @@ -86,12 +87,20 @@ |
| 87 | 88 | } |
| 88 | 89 | else { |
| 89 | 90 | $groups = @$wgNamespacePermissionLockdown[$ns][$action]; |
| 90 | | - if ( $groups === null ) $groups = @$wgNamespacePermissionLockdown['*'][$action]; |
| 91 | | - if ( $groups === null ) $groups = @$wgNamespacePermissionLockdown[$ns]['*']; |
| | 91 | + if ( $groups === null ) { |
| | 92 | + $groups = @$wgNamespacePermissionLockdown['*'][$action]; |
| | 93 | + } |
| | 94 | + if ( $groups === null ) { |
| | 95 | + $groups = @$wgNamespacePermissionLockdown[$ns]['*']; |
| | 96 | + } |
| 92 | 97 | } |
| 93 | 98 | |
| 94 | | - if ( $groups === null ) return true; |
| 95 | | - if ( count( $groups ) == 0 ) return false; |
| | 99 | + if ( $groups === null ) { |
| | 100 | + return true; |
| | 101 | + } |
| | 102 | + if ( count( $groups ) == 0 ) { |
| | 103 | + return false; |
| | 104 | + } |
| 96 | 105 | |
| 97 | 106 | # print "<br />nsAccessUserCan(".$title->getPrefixedDBkey().", ".$user->getName().", $action)<br />\n"; |
| 98 | 107 | # print_r($groups); |
| — | — | @@ -107,8 +116,7 @@ |
| 108 | 117 | # group is allowed - keep processing |
| 109 | 118 | $result = null; |
| 110 | 119 | return true; |
| 111 | | - } |
| 112 | | - else { |
| | 120 | + } else { |
| 113 | 121 | # print "<br />DENY<br />\n"; |
| 114 | 122 | # group is denied - abort |
| 115 | 123 | $result = false; |
| — | — | @@ -121,24 +129,33 @@ |
| 122 | 130 | |
| 123 | 131 | $action = $wiki->getAction( $request ); |
| 124 | 132 | |
| 125 | | - if ( !isset( $wgActionLockdown[$action] ) ) return true; |
| | 133 | + if ( !isset( $wgActionLockdown[$action] ) ) { |
| | 134 | + return true; |
| | 135 | + } |
| 126 | 136 | |
| 127 | 137 | $groups = $wgActionLockdown[$action]; |
| 128 | | - if ( $groups === null ) return true; |
| 129 | | - if ( count( $groups ) == 0 ) return false; |
| | 138 | + if ( $groups === null ) { |
| | 139 | + return true; |
| | 140 | + } |
| | 141 | + if ( count( $groups ) == 0 ) { |
| | 142 | + return false; |
| | 143 | + } |
| 130 | 144 | |
| 131 | 145 | $ugroups = $user->getEffectiveGroups(); |
| 132 | 146 | $match = array_intersect( $ugroups, $groups ); |
| 133 | 147 | |
| 134 | | - if ( $match ) return true; |
| 135 | | - else return false; |
| | 148 | + if ( $match ) { |
| | 149 | + return true; |
| | 150 | + } else { |
| | 151 | + return false; |
| | 152 | + } |
| 136 | 153 | } |
| 137 | 154 | |
| 138 | 155 | function lockdownSearchableNamespaces($arr) { |
| 139 | 156 | global $wgUser, $wgNamespacePermissionLockdown; |
| 140 | 157 | |
| 141 | | - //don't continue if $wgUser's name and id are both false (bug 28842) |
| 142 | | - if ( $wgUser->getId() === NULL && $wgUser->getName() === NULL ) { |
| | 158 | + //don't continue if $wgUser's name and id are both null (bug 28842) |
| | 159 | + if ( $wgUser->getId() === null && $wgUser->getName() === null ) { |
| 143 | 160 | return true; |
| 144 | 161 | } |
| 145 | 162 | |
| — | — | @@ -146,12 +163,18 @@ |
| 147 | 164 | |
| 148 | 165 | foreach ( $arr as $ns => $name ) { |
| 149 | 166 | $groups = @$wgNamespacePermissionLockdown[$ns]['read']; |
| 150 | | - if ( $groups === NULL ) $groups = @$wgNamespacePermissionLockdown['*']['read']; |
| 151 | | - if ( $groups === NULL ) $groups = @$wgNamespacePermissionLockdown[$ns]['*']; |
| | 167 | + if ( $groups === null ) { |
| | 168 | + $groups = @$wgNamespacePermissionLockdown['*']['read']; |
| | 169 | + } |
| | 170 | + if ( $groups === null ) { |
| | 171 | + $groups = @$wgNamespacePermissionLockdown[$ns]['*']; |
| | 172 | + } |
| 152 | 173 | |
| 153 | | - if ( $groups === NULL ) continue; |
| | 174 | + if ( $groups === null ) { |
| | 175 | + continue; |
| | 176 | + } |
| 154 | 177 | |
| 155 | | - if ( ( count( $groups ) == 0 ) || !array_intersect($ugroups, $groups) ) { |
| | 178 | + if ( ( count( $groups ) == 0 ) || !array_intersect( $ugroups, $groups ) ) { |
| 156 | 179 | unset( $arr[$ns] ); |
| 157 | 180 | } |
| 158 | 181 | } |
| — | — | @@ -164,10 +187,16 @@ |
| 165 | 188 | $ugroups = $wgUser->getEffectiveGroups(); |
| 166 | 189 | |
| 167 | 190 | $groups = @$wgNamespacePermissionLockdown[$title->getNamespace()]['read']; |
| 168 | | - if ( $groups === NULL ) $groups = @$wgNamespacePermissionLockdown['*']['read']; |
| 169 | | - if ( $groups === NULL ) $groups = @$wgNamespacePermissionLockdown[$title->getNamespace()]['*']; |
| | 191 | + if ( $groups === null ) { |
| | 192 | + $groups = @$wgNamespacePermissionLockdown['*']['read']; |
| | 193 | + } |
| | 194 | + if ( $groups === null ) { |
| | 195 | + $groups = @$wgNamespacePermissionLockdown[$title->getNamespace()]['*']; |
| | 196 | + } |
| 170 | 197 | |
| 171 | | - if ( $groups === NULL ) return false; |
| | 198 | + if ( $groups === null ) { |
| | 199 | + return false; |
| | 200 | + } |
| 172 | 201 | |
| 173 | 202 | if ( ( count( $groups ) == 0 ) || !array_intersect($ugroups, $groups) ) { |
| 174 | 203 | $title = null; |
| — | — | @@ -178,12 +207,12 @@ |
| 179 | 208 | } |
| 180 | 209 | |
| 181 | 210 | #Stop a Go search for a hidden title to send you to the login required page. Will show a no such page message instead. |
| 182 | | -function lockdownSearchGetNearMatchComplete($searchterm, $title) { |
| | 211 | +function lockdownSearchGetNearMatchComplete( $searchterm, $title ) { |
| 183 | 212 | return lockdownTitle( $title ); |
| 184 | 213 | } |
| 185 | 214 | |
| 186 | 215 | #Protect against namespace prefixes, explicit ones and <searchall> ('all:'-queries). |
| 187 | | -function lockdownSearchEngineReplacePrefixesComplete($searchEngine, $query, $parsed) { |
| | 216 | +function lockdownSearchEngineReplacePrefixesComplete( $searchEngine, $query, $parsed ) { |
| 188 | 217 | global $wgUser, $wgNamespacePermissionLockdown; |
| 189 | 218 | if ( $searchEngine->namespaces === null ) { #null means all namespaces. |
| 190 | 219 | $searchEngine->namespaces = array_keys( SearchEngine::searchableNamespaces() ); #Use the namespaces... filtered |
| — | — | @@ -194,17 +223,23 @@ |
| 195 | 224 | |
| 196 | 225 | foreach ( $searchEngine->namespaces as $key => $ns ) { |
| 197 | 226 | $groups = @$wgNamespacePermissionLockdown[$ns]['read']; |
| 198 | | - if ( $groups === NULL ) $groups = @$wgNamespacePermissionLockdown['*']['read']; |
| 199 | | - if ( $groups === NULL ) $groups = @$wgNamespacePermissionLockdown[$ns]['*']; |
| | 227 | + if ( $groups === null ) { |
| | 228 | + $groups = @$wgNamespacePermissionLockdown['*']['read']; |
| | 229 | + } |
| | 230 | + if ( $groups === null ) { |
| | 231 | + $groups = @$wgNamespacePermissionLockdown[$ns]['*']; |
| | 232 | + } |
| 200 | 233 | |
| 201 | | - if ( $groups === NULL ) continue; |
| | 234 | + if ( $groups === null ) { |
| | 235 | + continue; |
| | 236 | + } |
| 202 | 237 | |
| 203 | | - if ( ( count( $groups ) == 0 ) || !array_intersect($ugroups, $groups) ) { |
| | 238 | + if ( ( count( $groups ) == 0 ) || !array_intersect( $ugroups, $groups ) ) { |
| 204 | 239 | unset( $searchEngine->namespaces[$key] ); |
| 205 | 240 | } |
| 206 | 241 | } |
| 207 | 242 | |
| 208 | | - if (count($searchEngine->namespaces) == 0) { |
| | 243 | + if ( count( $searchEngine->namespaces ) == 0 ) { |
| 209 | 244 | $searchEngine->namespaces = array_keys( SearchEngine::searchableNamespaces() ); |
| 210 | 245 | } |
| 211 | 246 | return true; |