How can I protect Special:Special_pages to only registered user read? I already have $wgGroupPermissions['*']['edit'] = false; but I don't want everyone see Special pages
Topic on Project:Support desk/Flow
$wgGroupPermissions['*']['read'] = false; prevents viewing the complete wiki for anonymous users. What you need might be possible based on Namespaces. See Manual:Namespace.
I don't want to block all pages to anonymous, I just want to block Special pages. I read this Manual:Namespace, and I want to block anonymous to view "Special" with namespace -1. How can I do that?
Now that you have described so clearly what you want, I think this is possible with a hook.
Check the list Manual:Hooks and pick the one, which is executed, when a user tries to view a page. Then inside this hook you can check, if the current page is in namespace "-1" and if the user is currently logged in. If the page is in namespace "-1" and the user is not logged in, set permission to view the page to false.
I read Manual:Hooks but I cant find what I want, sorry...I just found a ArticleViewHeader option, in this case I can use like this: $wgHooks['ArticleViewHeader'][] = array( 'namespace -1 view = false' );. Is this? How can I write that code?
Manual:Special pages has a link to a message that shows how to making a few SpecialPages restricted. Maybe that would help you?
Manual:Special_pages#Restricting_page_access This is exact what I want! but I don't know how use in my wiki, I have to add this on my LocalSettings: function __construct() {
parent::__construct( 'MyExtension', 'editinterface' ); // restrict to sysops
}
?
That code snippet is for writing your own special page. You need to look at the code on the link I provided or further down on Special pages. Adding something like this to your LocalSettings.php should work, but I haven't tested this:
function disableAllSpecialPages(&$list) { global $wgUser; if(!$wgUser->isAllowed('editinterface')) { $list = array(); } return true; } $wgHooks['SpecialPage_initList'][]='disableAllSpecialPages';
The above code snippet by Mark works great! Just some difference:
- Use isLoggedIn instead of isAllowed
- Enable the "Login Page" (that is a Special page)
So you can do it adding this row:
function disableAllSpecialPages(&$list) { global $wgUser; if(!$wgUser->isLoggedIn()) { $list = array(); // Enable Login page $list['Userlogin'] = "LoginForm"; } return true; } $wgHooks['SpecialPage_initList'][]='disableAllSpecialPages';
This works like a charm! only login is allowed even the user knows the special pages names and paths!
Thanks a lot!
David
Unfortunately, whilst hiding special pages, UserLogin now returns an internal error - Fatal exception of type "Wikimedia\Assert\ParameterAssertionException"
The above hack is 4 years old and might not work as is.
Would be easier to simply use Extension:Lockdown.