Last modified: 2011-03-13 18:04:55 UTC
The proposed enhancement: * does not disrupt the stock MediaWiki * allows for extensions to handle rights management at a more granular level. Proposed change to User.php: <source lang=php> function isAllowed($action='', $ns = null /*optional*/, $title = null /* optional */ ) { if ( $action === '' ) // In the spirit of DWIM return true; // CHANGE begin{{ $result = null; wfRunHooks('UserIsAllowed', array( &$this, $ns, $title, &$action, &$result ) ); if ( $result !== null ) return $result; // CHANGE end }} return in_array( $action, $this->getRights() ); } </source> Of course it does not address the policing issues of the whole MediaWiki platform but updating this method could open up the path to enhancements to the rights management sub-system i.e. do it piece-by-piece maybe? I know I have seen discussion around 'using more' the 'Title::userCan' method but, in retrospect, after delving for many hours in the bowels of MW, I now could argue 'more intelligently' that this wouldn't be, IMO, a course of action I would follow; e.g. there are 'title/namespace' level rights and there are 'title independent' rights to manage here.
Seems to duplicate existing code?
Well, until an extension hooks up to the new hook 'UserIsAllowed', the above code does not change the current MediaWiki behavior. The point is to add a hook that does not disturb the current Mediawiki whilst allowing incremental changes in the direction of better rights management.
We already have the getUserPermissionsErrors hook (and its old version userCan) that passes a Title object in its arguments. Adding those parameters User::isAllowed() would only duplicate code as Brion said.
