From: Jie B. <ba...@cs...> - 2008-08-28 23:14:49
|
Hi all There is a need in our wiki to protect some sensitive pages. We use a namespace and group based approach. E.g., all pages in the "xyz" name space is only accessible by users in the group "abc". However, people out of the "abc" group can still query about triples of "xyz" pages. For example, a page "xyz:page1" may have [[category:x]] [[has title:something you can't know]]. Then a user can query it using {{#ask: [[category:x]] [[has title::*]] }} This query can be put on any page the user has access to, or even be previewed (hence the admin has no trace of who is naughty) Is there a way to filter out, in the result of a query, the triples a user are forbidden to read? Or is there a plan to add this feature in the near future? Thanks -- Jie http://www.cs.rpi.edu/~baojie |
From: Daniel F. <dan...@te...> - 2008-08-29 00:32:12
|
MediaWiki wasn't designed to hide content. The only supported method of content hiding is hiding content on the entire wiki. Per-page, per-namespace, per-whatever hiding isn't supported. I'd recommend attempting to hide sensitive information even if SMW did support that, you noticed SMW not supporting it. But even inside of MediaWiki itself methods of bypassing view restrictions keep popping up. Templates, export, dumps, feeds, recentchanges, and a fair number of other things are known for breaking partial view restriction in the past. Some of them are fixed, but it's likely that there may be more methods of bypassing view restriction that we either don't know about now, or will be introduced by a new feature. Though when it comes to SMW, to be frank I don't think it should be SMW's job to handle this. SMW is made to query the info, it's not an access restriction extension and it's programmers shouldn't be required to program portions of an access restriction extension into it. Adding access restriction likely is even going to complicate queries and perhaps rob performance. That kind of stuff might even make it harder to get wikimedia to accept it. ~Daniel Friesen(Dantman, Nadir-Seen-Fire) of: -The Nadir-Point Group (http://nadir-point.com) --It's Wiki-Tools subgroup (http://wiki-tools.com) --The ElectronicMe project (http://electronic-me.org) --Games-G.P.S. (http://ggps.org) -And Wikia ACG on Wikia.com (http://wikia.com/wiki/Wikia_ACG) --Animepedia (http://anime.wikia.com) --Narutopedia (http://naruto.wikia.com) Jie Bao wrote: > Hi all > > There is a need in our wiki to protect some sensitive pages. We use a > namespace and group based approach. E.g., all pages in the "xyz" name > space is only accessible by users in the group "abc". > > However, people out of the "abc" group can still query about triples > of "xyz" pages. For example, a page "xyz:page1" may have > [[category:x]] [[has title:something you can't know]]. > > Then a user can query it using > > {{#ask: > [[category:x]] > [[has title::*]] > }} > > This query can be put on any page the user has access to, or even be > previewed (hence the admin has no trace of who is naughty) > > Is there a way to filter out, in the result of a query, the triples a > user are forbidden to read? Or is there a plan to add this feature in > the near future? Thanks > |