Then, at authentication time the $wgGroupPermissions
array could be
populated based on whether or not the user is in these groups like:
foreach ($myGroupMap as $mwGroup => $adGroup) {
if (plexcel_is_member_of($adGroup)) {
$wgGroupPermissions[$mwGroup] = ???
}
}
It seems dynamically adding people to MW groups does not degrade the
existing security mechansims of MW.
Of course the '???' part is a blur - are there any hooks for
this sort of thing?
Are you trying to add a user to MediaWiki groups, or are you trying to
add permissions to a group?
It looks like you are trying to add permissions. Why not instead
synchronize the user's groups from AD, to MediaWiki? Then admins can
assign permissions to LDAP groups via MediaWiki like they normally do.
See the LDAP Authentication plugin, specifically the "setGroups"
function.
V/r,
Ryan Lane