Extension:FlaggedRevs/Restricting unapproved revisions

Warning:

This page is not updated since 2014; you may want Extension:Moderation instead if you want to make unapproved revisions private.

This page describes how to only give read access to the stable versions of articles to anonymous users for MediaWiki 1.17+.

Basic idea

This approach works as follows:

(i) Make all pages unreadable and uneditable by non-users (that is, readable only for users)
(ii) But make the stable version of pages an exception in that they are readable to non-users

The details to do this are described in the next few sections.

Making the site readable only by users

See Manual:Preventing_access#Restrict_viewing_of_all_pages and Manual:Preventing_access#Restrict_editing_of_all_pages

Add these lines to your LocalSettings.php file:

# Disable reading by anonymous users
$wgGroupPermissions['*']['read'] = false;
$wgGroupPermissions['*']['edit'] = false;

# But allow them to read e.g., these pages:
$wgWhitelistRead =  array ( "Main Page", "Special:Userlogin", "Help:Contents");
 
# Like previous, but for French (be careful of encoding! save file as UTF-8!)
# $wgWhitelistRead = array( ":Page Principale", "Special:Userlogin", "Aide en français");

Adding stable version as exemption for non-users

Add the following to LocalSettings.php:

	 # Flagged revisions are always visible to users with rights below. 	 
	 # Use '*' for non-user accounts. This is for read-restricted wikis. 	 
	 $wgFlaggedRevsVisible = array( '*' );

$wgFlaggedRevsVisible is an array of user groups. Setting it to array('*') will let all visitors be able to see the stable version of pages. Setting it to array('supergroup') will make the stable versions visible to users in the group 'supergroup'.

You also don't have to use these global variables and can just hard code whatever is needed into the efFlaggedRevsHooks_userCanView function mentioned below.

MediaWiki >= 1.19

Add the following code to LocalSettings.php (or an appropriate custom start-up config file):

$wgHooks['TitleReadWhitelist'][] = 'efFlaggedRevsHooks_userCanView';

...and then define the following function:

function efFlaggedRevsHooks_userCanView( Title $title, $user, &$result ) {
    global $wgFlaggedRevsVisible, $wgTitle;
    if ( empty( $wgFlaggedRevsVisible ) ) {
        return true;
    }
    # Admin may set this to false, rather than array()...
    $groups = $user->getGroups();
    $groups[] = '*';
    if ( !array_intersect( $groups, $wgFlaggedRevsVisible ) ) {
        return true;
    }
    # See if there is a stable version. Also, see if, given the page
    # config and URL params, the page can be overridden. The later
    # only applies on page views of $title.
    if ( !empty( $wgTitle ) && $wgTitle->equals( $title ) ) {
        $view = FlaggablePageView::singleton();
        // Cache stable version while we are at it.
        if ( $view->showingStable() ) {
            $result = true;
        }
    } else {
        // Search and such need to know that the reader can view this page
        if ( FlaggedRevision::newFromStable( $title ) ) {
            $result = true;
        }
    }
    return true;
}

MediaWiki <= 1.18

Add the following code to localsettings.php (or an appropriate custom start-up config file):

$wgHooks['userCan'][] = 'efFlaggedRevsHooks_userCanView';

...and then define the following function:

function efFlaggedRevsHooks_userCanView( Title $title, $user, $action, &$result ) {
    global $wgFlaggedRevsVisible, $wgTitle;
    # Assume $action may still not be set, in which case, treat it as 'view'...
    # Return out if $result set to false by some other hooked call.
    if ( $action !== 'read' || $result === false || empty( $wgFlaggedRevsVisible ) ) {
        return true;
    }
    # Check if user is in a group that at least lets them see stable versions
    $groups = array_merge( $user->getGroups(), array( '*' ) );
    if ( !array_intersect( $groups, $wgFlaggedRevsVisible ) ) {
        return true;
    }
    # See if there is a stable version. Also, see if, given the page 
    # config and URL params, the page can be overridden. The later
    # only applies on page views of $title.
    if ( !empty( $wgTitle ) && $wgTitle->equals( $title ) ) {
        $view = FlaggedArticleView::singleton();
        // Cache stable version while we are at it.
        if ( $view->showingStable() ) {
            $result = true;
        }
    } else {
        // Search and such need to know that the reader can view this page
        if ( FlaggedRevision::newFromStable( $title ) ) {
            $result = true;
        }
    }
    return true;
}

Caveats

Warning:

This does not work well with img_auth.php, as non-user viewers will not be able to see images. You will probably just want to leave images public but under hashed directories to make them harder to find. This is acceptable if there are no private files and the main concern is just not to release unverified content.

Warning:

The search index is still based on the current version of pages, but only results for pages with stable versions are displayed at Special:Search. If a stable version is out of date then unreviewed content for that page becomes theoretically discoverable by brute force searching.

This will probably be useless without having $wgFlaggedRevsOverride = true.

Make sure that $wgWhitelistRead is set properly. You will at least want something like $wgWhitelistRead = array( 'Main Page', 'Special:Search' ). You may also want visible directory or category pages. Otherwise, the wiki will be hard to browse for readers.

You will probably want to edit MediaWiki:loginreqpagetext to make it more detailed. It will come up in various situations and thus should explain the approval system setup.

Whitelisting non-reviewed pages per namespace

Instead of using the $wgWhitelistRead setting to whitelist particular non-reviewed pages that should remain readable, one can whitelist selected namespaces. With this approach, one can for example whitelist:

Only NS_SPECIAL – the bare minimum for usability with this approach.
All namespaces for which FlaggedRevs is not enabled.

To do the latter of these, one can modify the code for LocalSettings.php provided further above (either version), adding the below immediately above the line with the "See if there is a stable version. [...]" comment:

    global $wgFlaggedRevsNamespaces;
    # Whitelist page if not in a reviewed namespace
    if ( !in_array( $wgTitle->getNamespace(),
        $wgFlaggedRevsNamespaces ) ) {
        $result = true;
        return true;
    }

The use of the $wgFlaggedRevsNamespaces array in the above code can be replaced with any other array of namespace entries. In this way, one can freely configure which namespaces to whitelist.

The above approach can also be combined with the use of the $wgWhitelistRead setting – this allows whitelisting only particular unreviewed pages in certain namespaces, while also fully whitelisting other namespaces.

By whitelisting pages inside a function, it is also possible to check pages according to other criteria than their namespaces, if needed for a particular wiki. More advanced checks might use other data provided by MediaWiki, and/or by other MediaWiki extensions.