Manuel:Accroches/UserGetRights
UserGetRights | |
---|---|
Disponible depuis version 1.11.0 Dynamically adds to or removes from a user the rights implied by their group membership | |
Fonction à définir : | public static function onUserGetRights( User $user, array &$aRights ) { ... }
|
Attacher l'accroche : | Dans extension.json :
{
"Hooks": {
"UserGetRights": "MediaWiki\\Extension\\MyExtension\\Hooks::onUserGetRights"
}
}
|
Appelé de : | Fichier(s) : Permissions/PermissionManager.php Fonction(s) : getUserPermissions |
Interface : | UserGetRightsHook.php |
Pour plus d'information sur l'ajout des accroches (hooks), voir Manuel:Accroches .
Pour des exemples d'extensions utilisant cette accroche, voir Category:UserGetRights extensions/fr .
Détails
- $user - object User
- $aRights - array of user rights
Cas d'utilisation
The UserGetRights
hook permits the implementation of a user rights scheme along side of MediaWiki's built-in group-based permissions architecture.
It can be used to create extensions that
- implement a hierarchical group system where groups can inherit rights from a collection of groups.
- implement an exclude rights rule - users are associated with groups whose rights the do not have.
- add or exclude rights associated with a user rather than a group
- define context based rights - e.g. the same user might have different rights depending on whether they are accessing the wiki via :localhost:, via a VPN, or via the public internet.
- any other scheme available to the programmer's imagination
Background
MediaWiki's built-in permissions architecture uses group-based permissions. Users are assigned to groups; groups are assigned rights; users inherit rights from every group to which they are assigned. This hook can be used to override or supplement the core permissions architecture.
Usage
Hooks modify the rights available to the user by adding or removing elements to $aRights
.
The hook should always return true
so that other functions attached to this hook will have a chance to run.
Removing rights with this hook can be problematic as there is no guarantee another hook handler won't re-add them. The UserGetRightsRemove hook, called immediately after UserGetRights, can be used for that.
See also
- UserGetRightsRemove - for removing rights
- userCan - for more fine-grained permission checks