You are here Home > Know-how > MediaWiki - CMS > Authentication / Authorization > Authorization
MediaWiki - CMS
  

7.3 Authorization

 15.06.2007
7.2 includes/AuthPlugin.php [  up  ] - [ A - Z ] - [ top ] 7.3.1 Restrict Access
7.1   Block anonymous Users
7.2   includes/AuthPlugin.php
7.3   Authorization
7.3.1   Restrict Access

How to protect files

Important   WikiSysop can also protect a file by setting its description page to the «protection view». Others cannot overwrite such files anymore. Other users will see such an error message:

Upload warning → Protected page

How to remove rights to specific actions

In the following example of includes/DefaultSettings.php a common user may not move pages or upload files anymore.

Important   Tip: You can also setup a read-only Wiki by out-commenting these lines: 
$wgGroupPermissions['*'    ]['read']   = true;
$wgGroupPermissions['*'    ]['edit']   = true;


/**
 * Permission keys given to users in each group.
 * All users are implicitly in the '*' group including anonymous visitors;
 * logged-in users are all implicitly in the 'user' group. These will be
 * combined with the permissions of all groups that a given user is listed
 * in in the user_groups table.
 *
 * This replaces wgWhitelistAccount and wgWhitelistEdit
 */
$wgGroupPermissions = array();

$wgGroupPermissions['*'    ]['createaccount']   = true;
$wgGroupPermissions['*'    ]['read']            = true;
$wgGroupPermissions['*'    ]['edit']            = true;

$wgGroupPermissions['user' ]['move']            = false;
$wgGroupPermissions['user' ]['read']            = true;
$wgGroupPermissions['user' ]['edit']            = true;
$wgGroupPermissions['user' ]['upload']          = false;

$wgGroupPermissions['bot'  ]['bot']             = true;

$wgGroupPermissions['sysop']['block']           = true;
$wgGroupPermissions['sysop']['createaccount']   = true;
$wgGroupPermissions['sysop']['delete']          = true;
$wgGroupPermissions['sysop']['editinterface']   = true;
$wgGroupPermissions['sysop']['import']          = true;
$wgGroupPermissions['sysop']['importupload']    = true;
$wgGroupPermissions['sysop']['move']            = true;
$wgGroupPermissions['sysop']['patrol']          = true;
$wgGroupPermissions['sysop']['protect']         = true;
$wgGroupPermissions['sysop']['rollback']        = true;
$wgGroupPermissions['sysop']['upload']          = true;

$wgGroupPermissions['bureaucrat']['userrights'] = true;
// Used by the Special:Renameuser extension
$wgGroupPermissions['bureaucrat']['renameuser'] = true;

Add your own group


Important   Since MediaWiki 1.5.3 you will not find the groups of your Wiki in the database anymore but in the DefaultSettings.php file.

Edit includes/DefaultSettings.php 
$wgGroupPermissions['foogroup' ]['move']            = true;
$wgGroupPermissions['foogroup' ]['read']            = true;
$wgGroupPermissions['foogroup' ]['edit']            = true;
$wgGroupPermissions['foogroup' ]['upload']          = true;
Then, assign your new group to specific users:
localhost/wiki/index.php/Special:Userrights

See also:
Authentication authorization
meta.wikimedia.org/wiki/Page_access_restriction_with_MediaWiki


7.2 includes/AuthPlugin.php       A - Z Index       Top       Disclaimer       7.3.1 Restrict Access


$Id: authorization.html,v 1.85 2007/06/15 11:49:14 webcms Exp $
copyright © 2005-2007 by reto