Extension:NSFileRepo

This page is a translated version of the page Extension:NSFileRepo and the translation is 60% complete.
MediaWiki扩展手册
NSFileRepo
发行状态: 稳定版
实现 用户权限
描述 Implements per-namespace group permissions for image and file rights protection
作者 Jack D. Pond, Robert Vogel
维护者 Robert Vogel (Hallo Welt! GmbH)
最新版本 1.35.0
MediaWiki 1.27, 1.35
许可协议 GNU通用公眾授權條款2.0或更新版本
下載
  • $wgNamespaceBlacklist
  • $wgNamespaceThreshold
  • $wgForceDownload
  • $wgSkipTalk
季度下載量 6 (Ranked 131st)
前往translatewiki.net翻譯NSFileRepo扩展
問題 开启的任务 · 报告错误

The NSFileRepo extension restricts access to upload and read files and images to a given set of user groups associated with protected namespaces. Using this extension (within the security limitations noted above), you can protect not only pages and areas of your wiki, but also any uploaded images or files within those namespaces.

Namespaces are mechanism for grouping/separating wiki pages.

  • See Help:Namespaces for more user help documentation on what they are and how they are used.
  • See Manual:Namespace for system administration details on MediaWiki's namespace feature
  • See Project:Namespaces for an explanation of how namespaces are used on mediawiki.org

用法

Generically, you use the same syntax as a normal file reference link, adding the namespace between the file specifier ("File", "Image" or "Media") and the file name:

[[{FILE_NS}:{Namespace}:{Filename}]]

Example (where Private is the protected namespace and Filename.jpg is the file to which you wish to limit access):

[[File:Private:Filename.jpg]]

The standard for accessing files is generally:

[[File:Filename.jpg]]
[[Image:Filename.jpg]]
[[Media:Filename.jpg]]

This extension allows you to protect access to files by adding the namespace text identifier after the file namespace identifier, for example (where Private is the protected namespace and Filename.jpg is the file to which you wish to limit access):

[[File:Private:Filename.jpg]]
[[Image:Private:Filename.jpg]]
[[Media:Private:Filename.jpg]]

It may be helpful to understand the default security model used by MediaWiki using the instructions below:

Limitations of security are the same as for Extension:Lockdown. To review these limitations, see here.

To use the full capabilities of this extension (for example, specific namespace protections) you will need to install and use the namespace protections provided through Extension:Lockdown.

This extension was made possible by the introduction of Repository Classes by Tim Starling - an elegant and brilliant implementation. It uses a new Local Repository class mechanism. Technical details on how this extension works can be found here.

安裝

This extension requires the Lockdown extension to be installed first.


  • 下载文件,并将解压后的NSFileRepo文件夹移动到extensions/目录中。
    开发者和代码贡献人员应从Git安装扩展,输入:cd extensions/
    git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/NSFileRepo
  • 将下列代码放置在您的LocalSettings.php 的底部:
    wfLoadExtension( 'NSFileRepo' );
    
  • Activate the Image authorization according to instructions found in Image authorization
  • Configure at your convenience
  •   完成 – 在您的wiki上导航至Special:Version,以验证已成功安装扩展。

When working with REL1_27 and later, you will need to create a symlink of nsfr_img_auth.php within your mediawiki installation directory

On Linux use

ln -s extensions/NSFileRepo/nsfr_img_auth.php

On Windows use

mklink nsfr_img_auth.php extensions\NSFileRepo\nsfr_img_auth.php

Also make sure to set a proper value for $wgUploadPath. E.G.:

$wgUploadPath = "$wgScriptPath/nsfr_img_auth.php";

配置

The user rights and configuration requiremements are are the same as described in Extension Lockdown.

You will need to read and understand two other required enhancements to MediaWiki:

Troubleshooting IIS / UTF-8 encoding

In some unspecified constellations you will have problems by opening files with special characters using nsfr_img_auth.php. The problem was seen by using Windows Server 2012 R2 with IIS 8.5 and PHP 7.2.14. It seems to be a problem with UTF-8 encoding.

You can use this hook as workaround to solve this:

$wgHooks['ImgAuthBeforeCheckFileExists'][] = function( &$path, &$name, &$filename ) {
	$path = utf8_encode( $path );
	$name = utf8_encode( $name );
	$filename = utf8_encode( $filename );
	return true;
};

Just put it in the LocalSettings.php and the problem should be solved.

发行说明

Release Changes
1.27.0 This major update includes changes for compatibility to MediaWiki REL1_27
  • Build upon FileBackend architecture by Aaron Schulz
1.7 This major update includes a refactoring of the code and is the base for further development, such as a Special:Upload integration.
1.6 This major version updated the I18n to json-files.
1.5 This is a major update to incorporate several evolved changes to the core FileRepo modules into the extension and to bring the extension up to current coding and core standards. Specifically:
  • Bug Fix for 47364 - Fixed Move/Relocate issue and cleared result array for Title
  • Synchronized with changes made to the core FileRepo classes and methods. It now reflects fixes and upgrades as of 2013-2-27
  • Updated for Documentation (doxygen)
  • Cleared result array for userCan hook (NSFileRepolockdownUserCan) since Title now takes anything in that array to be an affirmative (user can)

Should be backward compatible, but only tested with HEAD, 1.19 and 1.20

Release 1.5 is available through gerrit and is tagged as NSFileRepoREL1_05

1.4
  • Bug Fixes - Thumbnails did not display properly in History (and even in uploads of past files). The problem is fixed with 1.16 (and the current trunk version of NSFileRepo), but in versions of MW before 1.16, archived thumbnails still break because LocalFile.php uses hard-coded class of OldLocalFile instead of $repo->oldFileFactory which would instantiate the correct NSLocalFile class.
  • Works with all namespaces > 1000 (used to only work with NS >=11 and <1000)
  • Use NS_IMAGE instead of NS_FILE for backward compatibility
  • Upgrades - Now works completely with >1.16. Changes were made for 100% backward compatibility. Even though it can be used all the way back to 1.13, the thumbnails probably will not display correctly because of issues with FileRepo before 1.16. This is a cosmetic versus a functional issue - if it bothers you, just disable thumbnails. If you're not using automatically generated thumbnails, you wouldn't notice the difference.
1.3 Allow files with namespace protection (e.g. File:ns:yourfile.txt) to be whitelisted using standard $wgWhitelistRead in localsettings.
1.2
  • Fixed bug with reuploads and versioning
  • Added protection to archived files and thumbs
  • Known bug - deleted files are removed from protected Namespace and can be accessed - working on fix, but for now, recommend do not delete files.
1.1
  • First fully tested version, works with MW 1.13.1, 1.14.1, 1.15.1 with patches
  • Works with 1.16.0 (trunk) without patches.

外部链接