Last modified: 2010-05-15 15:37:47 UTC
The new group permission mechanism allows the possible extension to supporting "protected" namespaces. Pages in such a namespace can only be accessed by people who are members of specific groups. While this is in some way counter to the "open" spirit of wikis, it is very useful in, for example, an enterprise environment where there may be some information which should not be completely publicly accessible. A simple patch to Title.php (attached) shows a possible implementation.
Created attachment 776 [details] Patch to implement protected namespaces This patch affects only includes/Title.php. It introduces a new global variable, $wgProtectedNamespaces. If this is set, it should be a list of namespaces whose pages are to be specially protected. For each namespace, e.g. "Foo", in the list only people who are members of the group "ns-Foo" will be able to access pages within that namespace. To give a concrete example, additions to LocalSettings.php might be: $wgExtraNamespaces = array(100 => "Foo", 101 => "Foo_talk"); $wgGroupPermissions['ns-Foo']['read'] = true; $wgGroupPermissions['ns-Foo_talk']['read'] = true; $wgProtectedNamespaces = array('Foo', 'Foo_talk'); Now only users who are members of the group 'ns-Foo' will be able to access pages in the 'Foo' namespace. Note that to access 'Foo_talk' pages they must also be members of 'ns-Foo_talk', there is no implicit association. The permission used in $wgGroupPermissions (here 'read') is largely irrelevant as it is only the membership of the group that is important. Using 'read' will generally be safe because a user is going to need that globally anyway! There is a very small overhead added on normal page reads (the addition of an existence check on $wgProtectedPages). I hope this is acceptable.
*** This bug has been marked as a duplicate of 2073 ***
