<?php
- /*
- * Copyright (C) 2010 Roland Mas, Olaf Lenz
- *
- * This file is part of FusionForge.
- *
- * FusionForge is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * FusionForge is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with FusionForge; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
- /** This contains the local settings for Mediawiki as used in the
- * Mediawiki plugin of FusionForge.
- */
-
-require_once dirname(__FILE__) . '/../../env.inc.php';
+/*
+ * Copyright (C) 2010 Roland Mas, Olaf Lenz
+ *
+ * This file is part of FusionForge.
+ *
+ * FusionForge is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * FusionForge is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+/** This contains the local settings for Mediawiki as used in the
+ * Mediawiki plugin of FusionForge.
+ */
+
+/* C style inclusion guard. Yes, I know. Don’t comment on it. */
+if (!isset($fusionforge_plugin_mediawiki_LocalSettings_included)) {
+$fusionforge_plugin_mediawiki_LocalSettings_included = true;
+
+require_once dirname(__FILE__) . '/../../../www/env.inc.php';
require_once $gfcommon.'include/pre.php';
+require_once $gfcommon.'include/RBACEngine.class.php';
+sysdebug_lazymode(true);
$IP = forge_get_config('master_path', 'mediawiki');
if (!isset ($fusionforgeproject)) {
- $fusionforgeproject = 'siteadmin' ;
+ $gr=new Group(1);
+ $fusionforgeproject=$gr->getUnixName();
}
+
$exppath = explode ('/', $_SERVER['PHP_SELF']) ;
# determine $fusionforgeproject from the URL
while (count ($exppath) >= 4) {
- if (($exppath[0] == 'plugins') && ($exppath[1] == 'mediawiki') && ($exppath[2] == 'wiki') && ($exppath[4] == 'index.php')) {
+ if (($exppath[0] == 'plugins') &&
+ ($exppath[1] == 'mediawiki') &&
+ ($exppath[2] == 'wiki') &&
+ (($exppath[4] == 'index.php') || ($exppath[4] == 'api.php'))
+ ) {
$fusionforgeproject = $exppath[3] ;
break ;
} else {
}
}
-$project_dir = forge_get_config('projects_path', 'mediawiki') . "/"
+$gconfig_dir = forge_get_config('mwdata_path', 'mediawiki');
+$project_dir = forge_get_config('projects_path', 'mediawiki') . "/"
. $fusionforgeproject ;
if (!is_dir($project_dir)) {
- exit_error (sprintf(_('Mediawiki for project %s not created yet, please wait for a few minutes.'), $fusionforgeproject)) ;
+ exit_error (sprintf(_('Mediawiki for project %s not created yet, please wait for a few minutes.'), $fusionforgeproject.':'.$project_dir)) ;
}
$path = array( $IP, "$IP/includes", "$IP/languages" );
set_include_path( implode( PATH_SEPARATOR, $path ) . PATH_SEPARATOR . get_include_path() );
+require_once( "$IP/includes/AutoLoader.php" );
require_once( "$IP/includes/DefaultSettings.php" );
if ( $wgCommandLineMode ) {
die( "This script must be run from the command line\n" );
}
}
+
+class DatabaseForge extends DatabasePostgres {
+ function __construct($server=false, $user=false, $password=false,
+ $dbName=false, $failFunction=false, $flags=0) {
+ global $wgDBtype;
+
+ $wgDBtype = "postgres";
+ return parent::__construct($server, $user,
+ $password, $dbName, $failFunction, $flags);
+ }
+
+ function tableName($name, $format='quoted') {
+ switch ($name) {
+ case 'interwiki':
+ return 'public.interwiki';
+ default:
+ return DatabasePostgres::tableName($name, $format);
+ }
+ }
+}
+
$g = group_get_object_by_name($fusionforgeproject) ;
$wgSitename = $g->getPublicName() . " Wiki";
$wgScriptPath = "/plugins/mediawiki/wiki/$fusionforgeproject" ;
$wgEmergencyContact = forge_get_config('admin_email');
$wgPasswordSender = forge_get_config('admin_email');
-$wgDBtype = "postgres";
+$wgDBtype = "forge";
$wgDBserver = forge_get_config('database_host') ;
-$wgDBname = forge_get_config('database_name');
+if (forge_get_config('mw_dbtype', 'mediawiki')=='mysql'){
+ // At the time writing schema in mysql is synonym for database
+ $wgDBname = 'plugin_mediawiki_'.$fusionforgeproject;
+ $wgDBprefix = 'mw';
+} else {
+ $wgDBname = forge_get_config('database_name');
+}
$wgDBuser = forge_get_config('database_user') ;
$wgDBpassword = forge_get_config('database_password') ;
$wgDBadminuser = forge_get_config('database_user') ;
$wgLocalInterwiki = $wgSitename;
$wgShowExceptionDetails = true ;
-$wgLanguageCode = "en";
+$wgLanguageCode = strtolower(forge_get_config('default_country_code'));
+
$wgDefaultSkin = 'fusionforge';
+/* DEBUG
+$wgDebugLogFile = '/tmp/wiki.log';
+$wgDebugLogPrefix = '';
+$wgDebugRedirects = true;
+$wgDebugRawPage = true;
+$wgDebugComments = true;
+$wgLogQueries = true;
+$wgDebugDumpSql = true;
+$wgDebugLogGroups = array();
+$wgShowDebug = true;
+$wgSpecialVersionShowHooks = true;
+$wgShowSQLErrors = true;
+$wgColorErrors = true;
+$wgShowExceptionDetails = true;
+$wgShowHostnames = true;
+*/
+
+
$GLOBALS['sys_dbhost'] = forge_get_config('database_host') ;
$GLOBALS['sys_dbport'] = forge_get_config('database_port') ;
$GLOBALS['sys_dbname'] = forge_get_config('database_name') ;
$GLOBALS['sys_lang'] = forge_get_config('default_language') ;
$GLOBALS['sys_urlroot'] = forge_get_config('url_root');
$GLOBALS['sys_session_key'] = forge_get_config('session_key');
-$GLOBALS['sys_session_expire'] = $sys_session_expire;
+$GLOBALS['sys_session_expire'] = forge_get_config('session_expire');
$GLOBALS['REMOTE_ADDR'] = getStringFromServer('REMOTE_ADDR') ;
$GLOBALS['HTTP_USER_AGENT'] = getStringFromServer('HTTP_USER_AGENT') ;
+require_once("$IP/includes/Exception.php");
+require_once("$IP/includes/db/Database.php");
+if (forge_get_config('mw_dbtype', 'mediawiki')=='mysql'){
+ require_once("DatabaseForgeMysql.php");
+}else{
+ require_once("DatabaseForgePgsql.php");
+}
+
+function FusionForgeRoleToMediawikiGroupName ($role, $project) {
+ if ($role instanceof RoleAnonymous) {
+ return '*';
+ } elseif ($role instanceof RoleLoggedIn) {
+ return 'user';
+ } elseif ($role->getHomeProject() == NULL) {
+ return sprintf ('ForgeRole:%s [global]',
+ $role->getName ()) ;
+ } elseif ($role->getHomeProject()->getID() != $project->getID()) {
+ return sprintf ('ForgeRole:%s [project %s]',
+ $role->getName (),
+ $role->getHomeProject()->getUnixName()) ;
+ } else {
+ return sprintf ('ForgeRole:%s',
+ $role->getName ()) ;
+ }
+}
+
function FusionForgeMWAuth( $user, &$result ) {
- global $fusionforgeproject ;
+ global $fusionforgeproject, $wgGroupPermissions ;
- $cookie = getStringFromCookie ('session_ser') ;
- if ($cookie != '') {
- $s = session_check_session_cookie ($cookie);
- } else {
- $s = false ;
- }
- if ($s) {
- $u = user_get_object ($s);
+ session_set();
+
+ if (session_loggedin()) {
+ $u = session_get_user();
$g = group_get_object_by_name ($fusionforgeproject) ;
- $perm =& $g->getPermission ();
- $r =& $u->getRole($g) ;
$mwname = ucfirst($u->getUnixName ()) ;
$mwu = User::newFromName ($mwname);
$user->loadGroups() ;
$current_groups = $user->getGroups() ;
- // Role-based access control
- if (!isset ($r) || !$r || $r->isError()) {
- $rname = '' ;
- } else {
- $rname = "ForgeRole:".$r->getName () ;
+ $available_roles = RBACEngine::getInstance()->getAvailableRoles() ;
+ $rs = array () ;
+ foreach ($available_roles as $r) {
+ $linked_projects = $r->getLinkedProjects () ;
+
+ if ($r->hasGlobalPermission('forge_admin')) {
+ $rs[] = $r ;
+ continue ;
+ }
+
+ foreach ($linked_projects as $lp) {
+ if ($lp->getID() == $g->getID()) {
+ $rs[] = $r ;
+ continue ;
+ }
+ }
+ }
+
+ // Sync MW groups for current user with FF roles
+ $rnames = array () ;
+ foreach ($rs as $r) {
+ $rnames[] = FusionForgeRoleToMediawikiGroupName ($r, $g) ;
}
$role_groups = preg_grep ("/^ForgeRole:/", $current_groups) ;
- foreach ($role_groups as $cg) {
- if ($cg != $rname) {
- $user->removeGroup ($cg) ;
+
+ foreach ($rnames as $rname) {
+ if (!in_array ($rname, $current_groups)) {
+ $user->addGroup ($rname) ;
}
}
- if (!in_array ($rname, $current_groups)) {
- $user->addGroup ($rname) ;
+ foreach ($role_groups as $cg) {
+ if (!in_array ($cg, $rnames)) {
+ $user->removeGroup ($cg) ;
+ }
}
- // Previous (group-based) access control
- $current_groups = $user->getGroups() ;
- if ($perm && is_object($perm) && $perm->isAdmin()) {
- if (!in_array ('sysop', $current_groups)) {
- $user->addGroup ('sysop') ;
- }
- if (!in_array ('Members', $current_groups)) {
- $user->addGroup ('Members') ;
- }
- if (!in_array ('ForgeUsers', $current_groups)) {
- $user->addGroup ('ForgeUsers') ;
- }
- } elseif ($perm && is_object($perm) && $perm->isMember()) {
- if (in_array ('sysop', $current_groups)) {
- $user->removeGroup ('sysop') ;
- }
- if (!in_array ('Members', $current_groups)) {
- $user->addGroup ('Members') ;
- }
- if (!in_array ('ForgeUsers', $current_groups)) {
- $user->addGroup ('ForgeUsers') ;
- }
- } else {
- if (in_array ('sysop', $current_groups)) {
- $user->removeGroup ('sysop') ;
- }
- if (in_array ('Members', $current_groups)) {
- $user->removeGroup ('Members') ;
- }
- if (!in_array ('ForgeUsers', $current_groups)) {
- $user->addGroup ('ForgeUsers') ;
- }
- }
-
$user->setCookies ();
$user->saveSettings ();
wfSetupSession ();
return true ;
}
-//function NoLogoutLinkOnMainPage(&$personal_urls){unset($personal_urls['logout']);return true;}
-//$wgHooks['PersonalUrls']['logout']='NoLogoutLinkOnMainPage';
-//function NoLoginLinkOnMainPage(&$personal_urls){unset($personal_urls['anonlogin']);return true;}
-//$wgHooks['PersonalUrls']['anonlogin']='NoLoginLinkOnMainPage';
+function SetupPermissionsFromRoles () {
+ global $fusionforgeproject, $wgGroupPermissions ;
+
+ $g = group_get_object_by_name ($fusionforgeproject) ;
+ // Setup rights for all roles referenced by project
+ $rids = $g->getRolesID() ;
+ $e = RBACEngine::getInstance();
+ $grs = $e->getGlobalRoles();
+ foreach ($grs as $r) {
+ $rids[] = $r->getID();
+ }
+ $rids = array_unique($rids);
+ $rs = array();
+ foreach ($rids as $rid) {
+ $rs[] = $e->getRoleById($rid);
+ }
+
+ foreach ($rs as $r) {
+ $gr = FusionForgeRoleToMediawikiGroupName ($r, $g) ;
+
+ // Read access
+ $wgGroupPermissions[$gr]['read'] = $r->hasPermission ('plugin_mediawiki_read', $g->getID()) ;
+
+ // Day-to-day edit privileges
+ $wgGroupPermissions[$gr]['edit'] = $r->hasPermission ('plugin_mediawiki_edit', $g->getID(), 'editexisting') ;
+ $wgGroupPermissions[$gr]['writeapi'] = $r->hasPermission ('plugin_mediawiki_edit', $g->getID(), 'editexisting') ;
+ $wgGroupPermissions[$gr]['createpage'] = $r->hasPermission ('plugin_mediawiki_edit', $g->getID(), 'editnew') ;
+ $wgGroupPermissions[$gr]['createtalk'] = $r->hasPermission ('plugin_mediawiki_edit', $g->getID(), 'editnew') ;
+ $wgGroupPermissions[$gr]['minoredit'] = $r->hasPermission ('plugin_mediawiki_edit', $g->getID(), 'editnew') ;
+ $wgGroupPermissions[$gr]['move'] = $r->hasPermission ('plugin_mediawiki_edit', $g->getID(), 'editmove') ;
+ $wgGroupPermissions[$gr]['move-subpages'] = $r->hasPermission ('plugin_mediawiki_edit', $g->getID(), 'editmove') ;
+ $wgGroupPermissions[$gr]['move-rootuserpages'] = $r->hasPermission ('plugin_mediawiki_edit', $g->getID(), 'editmove') ;
+ $wgGroupPermissions[$gr]['delete'] = $r->hasPermission ('plugin_mediawiki_edit', $g->getID(), 'editmove') ;
+ $wgGroupPermissions[$gr]['undelete'] = $r->hasPermission ('plugin_mediawiki_edit', $g->getID(), 'editmove') ;
+
+ // File upload privileges
+ $wgGroupPermissions[$gr]['upload'] = $r->hasPermission ('plugin_mediawiki_upload', $g->getID(), 'upload') ;
+ $wgGroupPermissions[$gr]['reupload-own'] = $r->hasPermission ('plugin_mediawiki_upload', $g->getID(), 'upload') ;
+ $wgGroupPermissions[$gr]['reupload'] = $r->hasPermission ('plugin_mediawiki_upload', $g->getID(), 'reupload') ;
+ $wgGroupPermissions[$gr]['reupload-shared'] = $r->hasPermission ('plugin_mediawiki_upload', $g->getID(), 'reupload') ;
+ $wgGroupPermissions[$gr]['upload_by_url'] = $r->hasPermission ('plugin_mediawiki_upload', $g->getID(), 'reupload') ;
+
+ // Administrative tasks
+ $wgGroupPermissions[$gr]['editinterface'] = $r->hasPermission ('plugin_mediawiki_admin', $g->getID()) ;
+ $wgGroupPermissions[$gr]['import'] = $r->hasPermission ('plugin_mediawiki_admin', $g->getID()) ;
+ $wgGroupPermissions[$gr]['importupload'] = $r->hasPermission ('plugin_mediawiki_admin', $g->getID()) ;
+ $wgGroupPermissions[$gr]['siteadmin'] = $r->hasPermission ('plugin_mediawiki_admin', $g->getID()) ;
+
+ // Interwiki management restricted to forge admins
+ $wgGroupPermissions[$gr]['interwiki'] = $r->hasGlobalPermission ('forge_admin') ;
+ }
+}
+
function NoLinkOnMainPage(&$personal_urls){
unset($personal_urls['anonlogin']);
unset($personal_urls['anontalk']);
}
$wgHooks['PersonalUrls'][]='NoLinkOnMainPage';
-function DisableLogInOut(&$mList) {
- unset($mList['Userlogin']);
- unset($mList['CreateAccount']);
- unset($mList['Resetpass']);
- unset($mList['Userlogout']);
- return true;
+if (isset($_SERVER['SERVER_SOFTWARE'])) {
+ class SpecialForgeRedir extends SpecialPage {
+ var $dstappendself = false;
+
+ function getTitle($subpage="") {
+ return 'SpecialForgeRedir';
+ }
+
+ function getRedirect($subpage="") {
+ return $this;
+ }
+
+ function getRedirectQuery() {
+ return $this;
+ }
+
+ function getFullUrl() {
+ $u = $this->dst;
+ if ($this->dstappendself) {
+ $u .= urlencode(getStringFromServer('REQUEST_URI'));
+ }
+ return util_make_url($u);
+ }
+ }
+
+ class SpecialForgeRedirLogin extends SpecialForgeRedir {
+ var $dstappendself = true;
+ var $dst = '/account/login.php?return_to=';
+ }
+
+ class SpecialForgeRedirCreateAccount extends SpecialForgeRedir {
+ var $dst = '/account/register.php';
+ }
+
+ class SpecialForgeRedirResetPass extends SpecialForgeRedir {
+ var $dst = '/account/lostpw.php';
+ }
+
+ class SpecialForgeRedirLogout extends SpecialForgeRedir {
+ var $dstappendself = true;
+ var $dst = '/account/logout.php?return_to=';
+ }
+
+ function DisableLogInOut(&$mList) {
+ $mList['Userlogin'] = 'SpecialForgeRedirLogin';
+ $mList['CreateAccount'] = 'SpecialForgeRedirCreateAccount';
+ $mList['Resetpass'] = 'SpecialForgeRedirResetPass';
+ $mList['Userlogout'] = 'SpecialForgeRedirLogout';
+ return true;
+ }
+ $GLOBALS['wgHooks']['SpecialPage_initList'][] = 'DisableLogInOut';
}
-$GLOBALS['wgHooks']['SpecialPage_initList'][] = 'DisableLogInOut';
$GLOBALS['wgHooks']['UserLoadFromSession'][]='FusionForgeMWAuth';
-$g = group_get_object_by_name ($fusionforgeproject) ;
-$roles = $g->getRoles () ;
-foreach ($roles as $role) {
- $gr = "ForgeRole:".$role->getName () ;
- switch ($role->getVal('plugin_mediawiki_edit', 0)) {
- case 0:
- $wgGroupPermissions[$gr]['edit'] = false;
- $wgGroupPermissions[$gr]['createpage'] = false;
- $wgGroupPermissions[$gr]['createtalk'] = false;
- break ;
- case 1:
- $wgGroupPermissions[$gr]['edit'] = true;
- $wgGroupPermissions[$gr]['createpage'] = false;
- $wgGroupPermissions[$gr]['createtalk'] = false;
- break ;
- case 2:
- $wgGroupPermissions[$gr]['edit'] = true;
- $wgGroupPermissions[$gr]['createpage'] = true;
- $wgGroupPermissions[$gr]['createtalk'] = true;
- break ;
- }
+$zeroperms = array ('read', 'writeapi', 'edit', 'move-subpages', 'move-rootuserpages', 'reupload-shared', 'createaccount');
+
+foreach ($zeroperms as $i) {
+ $wgGroupPermissions['user'][$i] = false;
+ $wgGroupPermissions['*'][$i] = false;
}
-$wgGroupPermissions['ForgeUsers']['createaccount'] = false;
-$wgGroupPermissions['ForgeUsers']['edit'] = false;
-$wgGroupPermissions['ForgeUsers']['createpage'] = false;
-$wgGroupPermissions['ForgeUsers']['createtalk'] = false;
-
-$wgGroupPermissions['user']['createaccount'] = false;
-$wgGroupPermissions['user']['edit'] = false;
-$wgGroupPermissions['user']['createpage'] = false;
-$wgGroupPermissions['user']['createtalk'] = false;
-
-$wgGroupPermissions['*']['createaccount'] = false;
-$wgGroupPermissions['*']['edit'] = false;
-$wgGroupPermissions['*']['createpage'] = false;
-$wgGroupPermissions['*']['createtalk'] = false;
-
-$res = db_query_params("SELECT is_public from groups where unix_group_name=$1", array($fusionforgeproject)) ;
-$row = db_fetch_array($res);
-$public = $row['is_public'];
-if ($public) {
- // Disable read permissions for non-members
- $wgGroupPermissions['Members']['read'] = true;
- $wgGroupPermissions['ForgeUsers']['read'] = true;
- $wgGroupPermissions['user']['read'] = true;
- $wgGroupPermissions['*']['read'] = true;
-} else {
- // Disable read permissions for non-members
- $wgGroupPermissions['Members']['read'] = true;
- $wgGroupPermissions['ForgeUsers']['read'] = false;
- $wgGroupPermissions['user']['read'] = false;
- $wgGroupPermissions['*']['read'] = false;
-}
+SetupPermissionsFromRoles();
$wgFavicon = '/images/icon.png' ;
$wgBreakFrames = false ;
-ini_set ('memory_limit', '50M') ;
+ini_set ('memory_limit', '100M') ;
-// LOAD THE SITE-WIDE AND PROJECT-SPECIFIC EXTRA-SETTINGS
+// LOAD THE SITE-WIDE AND PROJECT-SPECIFIC EXTRA-SETTINGS
if (is_file(forge_get_config('config_path')."/plugins/mediawiki/LocalSettings.php")) {
include(forge_get_config('config_path')."/plugins/mediawiki/LocalSettings.php");
}
$wgLogo = "$wgScriptPath/images/.wgLogo.png";
}
+// forge global settings
+if (is_file("$gconfig_dir/ForgeSettings.php")) {
+ include ("$gconfig_dir/ForgeSettings.php") ;
+}
// project specific settings
if (is_file("$project_dir/ProjectSettings.php")) {
include ("$project_dir/ProjectSettings.php") ;
-}
+}
// Local Variables:
// mode: php
// c-file-style: "bsd"
// End:
+
+/* !isset($fusionforge_plugin_mediawiki_LocalSettings_included) */
+}