Category:Access Control
overview
Pages marked by these category:Access Control categories are subject to access control privilege checks.
The access control mechanism is provided by customisations of
Restrict access by category and group[1] extension originally developed by Andrés Orencio Ramirez Perez.
The original code is a callback that provided a yes/no access decision to view a page based solely on correlating page category markings to various privilege groups. The $access type was ignored and the grant was assumed for read privileges.
read access
Pages containing these read access control categories are [[:category:private]] and not accessible by a user unless the user is assigned to at least one of the corresponding privilege groups by an administrator, or the page has been marked with category:public, or the page is a white-listed page (e.g. Special:Login, Special:Logout).
The group privileges are setup in LocalSettings.php and groups are assigned to users from Special:UserRights pages.
The category:public is an inclusive privacy marking that makes the page visible to all users, including unauthenticated users.
Only authenticated users who are assigned to at least one group, and administrators, may access pages that are not marked with any Category marking.
Pages marked with any other read category:Access Control markings are only accessible to authenticated users who have been assigned the corresponding group. In this way those categories work like an inclusive-or] where they are not exclusive markings (such as private or User:).
The special category [[some-category:user:<name>]] followed by a user name is a marking that provides that user with an exclusion from other users accessing their page, except for the [[sysop]] [[administrator]], or except when the page is also marked with another user's [[some-category:user:<other-user-name>]] mark.
The category:private and special user: categories are exclusive, and the user must be a member of the private group, or be one of the users marked on the page, or a sysop respectively.
unauthenticated users
🚩 Anonymous users are only able to Access:
- pages containing the [[category:public|public]] privilege, and
- Special: pages:
- [[Special:Login]]
- [[Special:Logout]]
- [[Special:UserLogin]]
- [[Special:UserLogout]]
- [[Special:Badtitle]]
- [[Special:Random]]
- [[Special:RecentChanges]]
- [[Special:Version]]
- [[Special:AllPages]]
edit access
Access control markings have been extended to include the edit action (and may be extended to other actions in the future). Where the action follows the category: prefix.
The specialisations involve [[category:edit:user:]] and [[category:edit:]] markings, where group is a synonym of the category marking. e.g. [[category:edit:user:ralph]] or [[category:edit:trainer]]
Some examples follow:
- [[category:edit:user:ralph]] will permit the page to be edited by [[user:ralph]] or a [[sysop]]
- [[:category:edit:trainer]] will permit the page to be edited by a user that has been assigned to the group [[trainer]].
references
categories
This page is marked as category:public so the public (anonymous users) may access/view the page.
Pages in category "Access Control"
The following 2 pages are in this category, out of 2 total.