MWX/Invite/notes: Difference between revisions

From Woozle Writes Code
< MWX‎ | Invite
Jump to navigation Jump to search
No edit summary
m (Woozle moved page Special-Invite/notes to MWX/Invite/notes: reorganizing MW extensions)
 
(11 intermediate revisions by the same user not shown)
Line 1: Line 1:
==Notes==
==MediaWiki API issues==
===related discussions===
* [[mw:Anonymous editor acquisition/Signup invites]]
===selectively enabling account creation===
The tricky part of this is the interface with MediaWiki to selectively allow a visitor (i.e. one who has a valid invite code) to request an account when visitors are not generally allowed to access that page.
The tricky part of this is the interface with MediaWiki to selectively allow a visitor (i.e. one who has a valid invite code) to request an account when visitors are not generally allowed to access that page.


The class for creating pages based on the "Create account" page is apparently [https://doc.wikimedia.org/mediawiki-core/master/php/classLoginSignupSpecialPage.html  LoginSignupSpecialPage]... except [[mw:Manual:LoginSignupSpecialPage.php|the documentation]] says "This feature was removed completely in version 1.33." (...and yet the file is still present in 1.34.2)
The class for creating pages based on the "Create account" page is apparently [https://doc.wikimedia.org/mediawiki-core/master/php/classLoginSignupSpecialPage.html  LoginSignupSpecialPage]... except [[mw:Manual:LoginSignupSpecialPage.php|the documentation]] says "This feature was removed completely in version 1.33." (...and yet the file is still present in 1.34.2)
The ''actual'' class for handling account requests appears to be [https://doc.wikimedia.org/mediawiki-core/master/php/classSpecialCreateAccount.html SpecialCreateAccount] ...which descends from LoginSignupSpecialPage. (Honestly, guys, I think that class is still in use.)
Posts:
* '''2020-09-06''' posted a [https://toot.cat/@woozle/104819648051582653 call for help] on Mastodon
* '''2020-09-07''' and then in desperation, [https://www.mediawiki.org/wiki/Topic:Vtk1jmnjcfz71wq1 submitted a help-desk request]
Attempts:
* [[/take 1]]: descending from SpecialCreateAccount was a dead end
* [[/take 2]]: hook interception works and is simpler (but don't forget to declare all hooks)
===checking for admin permission===
This bit (where you check whether the user can access the admin interface) was easier, but I did find several ways to do it. There's an obvious best way; the others may be useful in future.
First you get the object for the current User. SpecialPages have a built-in function so you don't have to use the $wgUser global:
<source lang=php>$mwoUser = $this->getUser();</source>
The obvious best way to find out if the user has permission to create other accounts:
<source lang=php>$mwoUser->isAllowedToCreateAccount();</source>
Other ways:
<source lang=php>
// 1. get groups for user, then get perms for those groups
$arGroups = $mwoUser->getEffectiveGroups();
$arPerms = \User::getGroupPermissions($arGroups);
           
// 2. get perms for user
$arPerms = $mwoUser->getRights();
// 3. get flag for whether the user has the "create account" permission
$canMakeUsers = $mwoUser->isAllowed('createaccount');
</source>

Latest revision as of 00:31, 17 April 2022

MediaWiki API issues

related discussions

selectively enabling account creation

The tricky part of this is the interface with MediaWiki to selectively allow a visitor (i.e. one who has a valid invite code) to request an account when visitors are not generally allowed to access that page.

The class for creating pages based on the "Create account" page is apparently LoginSignupSpecialPage... except the documentation says "This feature was removed completely in version 1.33." (...and yet the file is still present in 1.34.2)

The actual class for handling account requests appears to be SpecialCreateAccount ...which descends from LoginSignupSpecialPage. (Honestly, guys, I think that class is still in use.)

Posts:

Attempts:

  • /take 1: descending from SpecialCreateAccount was a dead end
  • /take 2: hook interception works and is simpler (but don't forget to declare all hooks)

checking for admin permission

This bit (where you check whether the user can access the admin interface) was easier, but I did find several ways to do it. There's an obvious best way; the others may be useful in future.

First you get the object for the current User. SpecialPages have a built-in function so you don't have to use the $wgUser global:

$mwoUser = $this->getUser();

The obvious best way to find out if the user has permission to create other accounts:

$mwoUser->isAllowedToCreateAccount();

Other ways:

// 1. get groups for user, then get perms for those groups
$arGroups = $mwoUser->getEffectiveGroups();
$arPerms = \User::getGroupPermissions($arGroups);
            
// 2. get perms for user
$arPerms = $mwoUser->getRights();

// 3. get flag for whether the user has the "create account" permission
$canMakeUsers = $mwoUser->isAllowed('createaccount');