Last modified: 2010-05-15 15:33:48 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T5605, the corresponding Phabricator task for complete and up-to-date bug report information.

Bug 3605 - wgWhitelistEdit


Summary:	wgWhitelistEdit

Status:	RESOLVED FIXED

Product:	MediaWiki
Classification:	Unclassified
Component:	Page editing (Other open bugs)
Version:	1.4.x
Hardware:	Macintosh Linux

Importance:	Normal normal (vote)
Target Milestone:	---
Assigned To:	Nobody - You can work on this!

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2005-10-04 23:33 UTC by Robert Carter
Modified:	2010-05-15 15:33 UTC (History)
CC List:	1 user (show)

See Also:
Web browser:	---
Mobile Platform:	---
Assignee Huggle Beta Tester:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Robert Carter 2005-10-04 23:33:18 UTC

It appears that the wgWhitelistEdit directive fails to have any effect in
MediaWiki 1.4.10.

I have tracked the problem to EditPage.php

Lines: 55
		if ( !$wgUser->getID() && $wgWhitelistEdit ) {
			$this->userNotLoggedInPage();
			return;
Lines: 206
			if ( !$wgUser->getID() && $wgWhitelistEdit ) {
				$this->userNotLoggedInPage();
				return;

It seems that the boolean should use || rather than && to have the desired
effect. I have modified my version of the scipt and it seems to work. Prior to
this I could edit regardless of whether I was logged in or not.

Running on Red Hat Linux.
    MediaWiki (http://wikipedia.sf.net/): 1.4.10 
    PHP (http://www.php.net/): 4.3.9 (apache) 
    MySQL (http://www.mysql.com/): 4.0.23a-log

Comment 1 Brion Vibber 2005-10-04 23:40:24 UTC

Those lines look correct; using || would be incorrect.

Here's the truth matrix:

Is anon, whitelist off: can edit
Not anon, whitelist off: can edit
Is anon, whitelist on: can't edit -> show 'not logged in' page
Not anon, whitelist on: can edit

As you can see this is a boolean 'and' operation.

Can you detail the exact settings you tried and exactly what you tried that "fails to 
have any effect"?

Comment 2 Robert Carter 2005-10-05 00:03:03 UTC

Here is the modified lines from my LocalSettings file:

# -------------- Manual changes ----------------
$wgDisableAnonTalk = true;
$wgDisableUploads = false; # Uploads have to be specially set up to be secure
$wgCheckCopyrightUpload = true;
$wgRawHtml = true;
$wgUserHtml = true;
# See the implimentation of this class for hooks to UoA LDAP
require_once(
'/afs/.ec.auckland.ac.nz/service/www/www.cs/administration/handbook/2006/includes/AuthPlugin.php'
);
$wgAuth = new AuthPlugin();
$wgWhitelistEdit = true;   # true = user must login to edit.
# -------------- End manual changes ----------------

I'm also running a MediaWiki 1.4.4 on another web site and the WhiteList
function works ok on that one. When I grep for the wgWhitelistEdit on both
versions I get the same code.

I've also checked for global scope but that seems ok.

Could SpecialSitesettings.php have any effect? It seems to be disconnected at
present.

Comment 3 Brion Vibber 2005-10-05 00:14:16 UTC

I tried pasting the above settings into my 1.4 test wiki's configuration,
replacing the require_once for your authentication plugin with a reference
to the built-in includes/AuthPlugin.php.

It appears to work as expected: trying to edit a page when not logged in,
I receive the 'Login required to edit' prompt.

Can you try it without the custom auth plugin? Also check that your plugin
works correctly; you seem to be creating an instance of the base AuthPlugin
class. Is that your intention?

Comment 4 Robert Carter 2005-10-05 00:20:04 UTC

With the new instance of the AuthClass removed the wiki behaves as expected.
Thank you for your help.

Wikimedia Bugzilla is closed!

Search

Personal tools

Navigation

Links