Extension:NSFileRepo/ja
ページの全体または一部のアクセスを制限する必要がある場合、適切なコンテンツ管理パッケージをインストールすることをお勧めします。 MediaWiki はページごとの制限を提供するためには書かれていませんし、インストールを強く推奨しているハックやパッチにもたいていどこかに欠陥があるものです。すなわち、機密データの流出を招くおそれがあります。 流出したとしても開発者は責任を負いません。
For further details, see Security issues with authorisation extensions |
NSFileRepo リリースの状態: 安定 |
|
---|---|
実装 | 利用者権限 |
説明 | Implements per-namespace group permissions for image and file rights protection |
作者 | Jack D. Pond, Robert Vogel |
メンテナー | Robert Vogel (Hallo Welt! GmbH) |
最新バージョン | 1.35.0 |
MediaWiki | 1.27, 1.35 |
ライセンス | GNU 一般公衆利用許諾書 2.0 以降 |
ダウンロード | |
|
|
四半期ごとのダウンロード数 | 4 (Ranked 125th) |
translatewiki.net で翻訳を利用できる場合は、NSFileRepo 拡張機能の翻訳にご協力ください | |
問題点 | 未解決のタスク · バグを報告 |
The NSFileRepo extension restricts access to upload and read files and images to a given set of user groups associated with protected namespaces. Using this extension (within the security limitations noted above), you can protect not only pages and areas of your wiki, but also any uploaded images or files within those namespaces.
Namespaces are mechanism for grouping/separating wiki pages.
- See Help:Namespaces for more user help documentation on what they are and how they are used.
- See Manual:Namespace for system administration details on MediaWiki's namespace feature
- See Project:Namespaces for an explanation of how namespaces are used on mediawiki.org
使用法
Generically, you use the same syntax as a normal file reference link, adding the namespace between the file specifier ("File", "Image" or "Media") and the file name:
[[{FILE_NS}:{Namespace}:{Filename}]]
Example (where Private
is the protected namespace and Filename.jpg
is the file to which you wish to limit access):
[[File:Private:Filename.jpg]]
The standard for accessing files is generally:
[[File:Filename.jpg]] [[Image:Filename.jpg]] [[Media:Filename.jpg]]
This extension allows you to protect access to files by adding the namespace text identifier after the file namespace identifier, for example (where Private
is the protected namespace and Filename.jpg
is the file to which you wish to limit access):
[[File:Private:Filename.jpg]] [[Image:Private:Filename.jpg]] [[Media:Private:Filename.jpg]]
It may be helpful to understand the default security model used by MediaWiki using the instructions below:
Limitations of security are the same as for Extension:Lockdown. To review these limitations, see here.
To use the full capabilities of this extension (for example, specific namespace protections) you will need to install and use the namespace protections provided through Extension:Lockdown.
This extension was made possible by the introduction of Repository Classes by Tim Starling - an elegant and brilliant implementation. It uses a new Local Repository class mechanism. Technical details on how this extension works can be found here.
インストール
- ダウンロードして、ファイルを
extensions/
フォルダー内のNSFileRepo
という名前のディレクトリ内に配置します。
開発者とコード寄稿者は、上記の代わりに以下を使用してGitからインストールします:cd extensions/
git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/NSFileRepo - 以下のコードを LocalSettings.php ファイルの末尾に追加します:
wfLoadExtension( 'NSFileRepo' );
- Activate the Image authorization according to instructions found in Image authorization
- Configure at your convenience
- 完了 – ウィキの「Special:Version」に移動して、拡張機能が正しくインストールされたことを確認します。
When working with REL1_27
and later, you will need to create a symlink of nsfr_img_auth.php
within your mediawiki installation directory
On Linux use
ln -s extensions/NSFileRepo/nsfr_img_auth.php
On Windows use
mklink nsfr_img_auth.php extensions\NSFileRepo\nsfr_img_auth.php
Also make sure to set a proper value for $wgUploadPath
. E.G.:
$wgUploadPath = "$wgScriptPath/nsfr_img_auth.php";
設定
The user rights and configuration requiremements are are the same as described in Extension Lockdown.
Troubleshooting IIS / UTF-8 encoding
In some unspecified constellations you will have problems by opening files with special characters using nsfr_img_auth.php. The problem was seen by using Windows Server 2012 R2 with IIS 8.5 and PHP 7.2.14. It seems to be a problem with UTF-8 encoding.
You can use this hook as workaround to solve this:
$wgHooks['ImgAuthBeforeCheckFileExists'][] = function( &$path, &$name, &$filename ) {
$path = utf8_encode( $path );
$name = utf8_encode( $name );
$filename = utf8_encode( $filename );
return true;
};
Just put it in the LocalSettings.php and the problem should be solved.
Release notes
Release | Changes |
---|---|
1.27.0 | This major update includes changes for compatibility to MediaWiki REL1_27
|
1.7 | This major update includes a refactoring of the code and is the base for further development, such as a Special:Upload integration. |
1.6 | This major version updated the I18n to json-files. |
1.5 | This is a major update to incorporate several evolved changes to the core FileRepo modules into the extension and to bring the extension up to current coding and core standards. Specifically:
Should be backward compatible, but only tested with HEAD, 1.19 and 1.20 Release 1.5 is available through gerrit and is tagged as NSFileRepoREL1_05 |
1.4 |
|
1.3 | Allow files with namespace protection (e.g. File:ns:yourfile.txt) to be whitelisted using standard $wgWhitelistRead in localsettings. |
1.2 |
|
1.1 |
|
外部リンク
- Extension reference: NSFileRepo
この拡張機能は以下のウィキ ファーム/ウィキ ホスト/パッケージに含まれています: これは正式な一覧ではありません。 一部のウィキ ファーム/ウィキ ホスト/パッケージは、ここに記載されていなくてもこの拡張機能を含んでいる場合があります。 必ずご利用のウィキ ファーム、ウィキ ホスト、バンドルで確認してください。 |
- Page specific user rights extensions/ja
- Stable extensions/ja
- User rights extensions/ja
- GPL licensed extensions/ja
- Extensions in Wikimedia version control/ja
- BeforePageDisplay extensions/ja
- GetPreferences extensions/ja
- ImgAuthBeforeStream extensions/ja
- MWStakeCommonWebAPIsQueryStoreResult extensions/ja
- SkinTemplateNavigation::Universal extensions/ja
- UploadForm:BeforeProcessing extensions/ja
- UploadFormInitDescriptor extensions/ja
- UploadVerifyFile extensions/ja
- GetUserPermissionsErrors extensions/ja
- All extensions/ja
- Extensions included in MyWikis/ja
- View page extensions/ja
- Edit extensions/ja
- Namespace extensions/ja
- File repository extensions/ja
- Extensions by HalloWelt/ja