Santosh Krishnan wrote:
Hi Everyone,
I've used an older version of MediaWiki and I've seen how powerful it can
be. I have a few questions, which I've been unable to answer and am hoping
that you can do so.
My concerns are chiefly around security and user access.
Since I'm not trying to use it to create a user editable Wiki, I would want
to disallow the general user to be able to create any content within the
deployed implementation. I would want only my designated personnel to
create and maintain documents within it. I don't know if it's possible to
restrict it on this level.
It's quite easy if done in an all-of-nothing fashion. You could for
instance forbid anoynmous users to edit or create accounts.
Or in your case, allow editing just for those in a given group.
Second, I wouldn't want it to look like Wikipedia,
and specifically, I would
want it to have a visual look and feel in line with the remainder of my
website. I know that we can implement skins on MediaWiki, but I don't know
how versatile it is.
It can be done. It mosly depends on how versatile is the guy you have
creating your skin.
Third, I would want to be able to restrict certain
pages from being viewed
without someone having logged in (and I would want those user IDs to be
controlled by my personnel so that only if one of my guys provides a user ID
will that page be accessible - meaning that perhaps we have private
information and we must first validate that the person who wishes to view it
is first vetted by my team and then my team member will create a user ID for
that person). Is this possible?
It's easy to only let your team to create accounts. It's also easy to
restrict the whole wiki so that it is only viewable for registered users
(with the ability to except a handful of pages).
If you want to make it so that some pages can only be viewed by some
users, and several of them they unable to view each others private
pages, then MediaWiki has no support for that. You need to enter into
the world of security extensions. Doesn't look hard, but there's always
the case that it doesn't take into account some loophole through which
it's possible to access that kind of page which you were not supposed to.