[Mediawiki-l] adding namespaces and rights
Jack D. Pond
jack.pond at psitex.com
Tue Sep 8 16:27:44 UTC 2009
Andre -
When using lockdown and namespace, I generally try to follow a set pattern
that always works - even if it's a bit verbose:
1. Define the namespace
2. If using SemanticMediawiki, define whether or not that namespace is
searchable
3. Define groups and add them to the namespaces
4. Indicate whether or not the namespaces are allowed content
5. Add user group accounts
6. Set default privileges for non-custom namespaces
7. Include lockdown (and NSFileRepo if using file lockdowns too)
8. Set lockdown permissions on namespace
Example Follows:
#
# 1. Add namepace reference, must start with >100, standard usage is even
for namespace and odd for talk namespace
#
define('NS_TEST', 100);
define('NS_TEST_talk', 101);
# Semantic MediaWiki requires 10 namespaces starting at the first available.
# This will move the smw namespaces to start at the namespace below, and
will run through this plus 9.
# Once this has been initialized for this wiki, it should never be changed.
The next available namspace if you want to add
# more custom namepaces should start at this + 10.
$smwgNamespaceIndex = 102;
#define('NS_NEXTAVAILABLE', 112);
# 2. If you wish an added namespace to be enabled for semantic links, it
must be added to this array
# Must be done before including both lockdown and the
$smwgNamespacesWithSemanticLinksAdd = array(NS_TEST => true, NS_TESTDENIED
=> true);
#
# 3. Give the groups their names and add them to the custom namespaces
#
$wgExtraNamespaces[NS_TEST] = "TEST";
$wgExtraNamespaces[NS_TEST_talk] = "TEST_talk";
#
# 4. Indicate these namespaces are actually eligible to have content
#
$wgContentNamespaces[] = NS_TEST;
$wgContentNamespaces[] = NS_TEST_talk;
# 5. Add new user group accounts - usually patterned after default 'user'
privileges
# test accounts - establish account
$wgGroupPermissions['test']['read'] = true;
# 6. Set default privileges for non-custom namespaces
# Set implicit groups for all visitors
$wgGroupPermissions['*']['createaccount'] = true;
$wgGroupPermissions['*']['read'] = false;
$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermissions['*']['createpage'] = false;
$wgGroupPermissions['*']['createtalk'] = false;
$wgGroupPermissions['*']['upload'] = false;
$wgGroupPermissions['*']['reupload'] = false;
$wgGroupPermissions['*']['reupload-shared'] = false;
$wgGroupPermissions['*']['minoredit'] = false;
# Implicit group for all logged-in accounts
$wgGroupPermissions['user']['createaccount'] = true;
$wgGroupPermissions['user']['move'] = false;
$wgGroupPermissions['user']['read'] = false;
$wgGroupPermissions['user']['edit'] = false;
$wgGroupPermissions['user']['createpage'] = false;
$wgGroupPermissions['user']['createtalk'] = false;
$wgGroupPermissions['user']['upload'] = false;
$wgGroupPermissions['user']['reupload'] = false;
$wgGroupPermissions['user']['reupload-shared'] = false;
$wgGroupPermissions['user']['minoredit'] = false;
# Approved accounts
$wgGroupPermissions['approved']['move'] = true;
$wgGroupPermissions['approved']['read'] = true;
$wgGroupPermissions['approved']['edit'] = true;
$wgGroupPermissions['approved']['create'] = true;
$wgGroupPermissions['approved']['createpage'] = true;
$wgGroupPermissions['approved']['createtalk'] = true;
$wgGroupPermissions['approved']['upload'] = true;
$wgGroupPermissions['approved']['reupload'] = true;
$wgGroupPermissions['approved']['reupload-shared'] = true;
$wgGroupPermissions['approved']['minoredit'] = true;
# Sysops
$wgGroupPermissions['sysop']['move'] = true;
$wgGroupPermissions['sysop']['read'] = true;
$wgGroupPermissions['sysop']['edit'] = true;
$wgGroupPermissions['sysop']['create'] = true;
$wgGroupPermissions['sysop']['delete'] = true;
$wgGroupPermissions['sysop']['createpage'] = true;
$wgGroupPermissions['sysop']['createtalk'] = true;
$wgGroupPermissions['sysop']['upload'] = true;
$wgGroupPermissions['sysop']['reupload'] = true;
$wgGroupPermissions['sysop']['reupload-shared'] = true;
$wgGroupPermissions['sysop']['minoredit'] = true;
$wgGroupPermissions['sysop']['deleteuser'] = true;
# 7. Include lockdown extensions
require_once("$IP/extensions/Lockdown/Lockdown.php");
require_once("$IP/extensions/NSFileRepo/NSFileRepo.php"); // for file/image
lockdown only
require_once("$IP/extensions/SemanticMediaWiki/includes/SMW_Settings.php");
if (isset($smwgNamespacesWithSemanticLinksAdd))
{
foreach($smwgNamespacesWithSemanticLinksAdd as $taddlinkkey =>
$taddlink)
$smwgNamespacesWithSemanticLinks[$taddlinkkey] = $taddlink;
}
enableSemantics('wiki.montcopa.org');
require_once('extensions/SemanticForms/includes/SF_Settings.php');
require_once("$IP/extensions/SemanticResultFormats/SRF_Settings.php");
#
# Allow everyone to read everything, just protecting writes and updates - do
not put this in if you want only the first page public
#
$wgGroupPermissions['*']['read'] = true;
# 8. Set up namespace lockdown protections
$wgNamespacePermissionLockdown[NS_TEST]['read'] = array('test','sysop');
$wgNamespacePermissionLockdown[NS_TEST]['edit'] = array('test','sysop');
$wgNamespacePermissionLockdown[NS_TEST]['move'] = array('test','sysop');
$wgNamespacePermissionLockdown[NS_TEST]['createpage'] =
array('test','sysop');
$wgNamespacePermissionLockdown[NS_TEST]['createtalk'] =
array('test','sysop');
$wgNamespacePermissionLockdown[NS_TEST]['upload'] = array('test','sysop');
$wgNamespacePermissionLockdown[NS_TEST]['reupload'] = array('test','sysop');
$wgNamespacePermissionLockdown[NS_TEST]['reupload-shared'] =
array('test','sysop');
$wgNamespacePermissionLockdown[NS_TEST]['minoredit'] =
array('test','sysop');
$wgNamespacePermissionLockdown[NS_TEST_talk]['read'] =
array('test','sysop');
$wgNamespacePermissionLockdown[NS_TEST_talk]['edit'] =
array('test','sysop');
$wgNamespacePermissionLockdown[NS_TEST_talk]['move'] =
array('test','sysop');
$wgNamespacePermissionLockdown[NS_TEST_talk]['createpage'] =
array('test','sysop');
$wgNamespacePermissionLockdown[NS_TEST_talk]['createtalk'] =
array('test','sysop');
$wgNamespacePermissionLockdown[NS_TEST_talk]['upload'] =
array('test','sysop');
$wgNamespacePermissionLockdown[NS_TEST_talk]['reupload'] =
array('test','sysop');
$wgNamespacePermissionLockdown[NS_TEST_talk]['reupload-shared'] =
array('test','sysop');
$wgNamespacePermissionLockdown[NS_TEST_talk]['minoredit'] = array('test');
> -----Original Message-----
> From: mediawiki-l-bounces at lists.wikimedia.org
> [mailto:mediawiki-l-bounces at lists.wikimedia.org] On Behalf Of
> André Meunier
> Sent: Friday, September 04, 2009 5:58 AM
> To: mediawiki-l at lists.wikimedia.org
> Subject: [Mediawiki-l] adding namespaces and rights
>
> Hello,
>
> I already had configured a namespace with certain rights
> defined for users in that group :
>
> $wgGroupPermissions['bac2008']['read'] = true;
> $wgGroupPermissions['bac2008']['edit'] = true;
> $wgGroupPermissions['bac2008']['createpage']= true;
> $wgGroupPermissions['bac2008']['upload']= true;
> $wgGroupPermissions['bac2008']['createtalk']= true;
> $wgExtraNamespaces = array(100 => "bac2008", 101 => "bac2008_talk" );
>
> $wgGroupPermissions['root']['editroot'] = true;
>
> $wgNamespaceProtection[NS_MAIN] =
> $wgNamespaceProtection[NS_USER] =
> $wgNamespaceProtection[NS_PROJECT] =
> $wgNamespaceProtection[NS_IMAGE] =
> $wgNamespaceProtection[NS_TEMPLATE] =
> $wgNamespaceProtection[NS_HELP] =
> $wgNamespaceProtection[NS_CATEGORY] = array( 'editroot' );
>
> $wgGroupPermissions['bac2008']['editbac2008'] = true;
> $wgNamespaceProtection[ 100 ] = array( 'editbac2008' );
>
>
> I want to add another namespace, with other rights for other
> users. I tried adding :
>
> $wgGroupPermissions['gt_acc']['read'] = true;
> $wgGroupPermissions['gt_acc']['edit'] = true;
> $wgGroupPermissions['gt_acc']['createpage']= true;
> $wgGroupPermissions['gt_acc']['upload']= true;
> $wgGroupPermissions['gt_acc']['createtalk']= true;
> $wgExtraNamespaces = array(200 => "gt_acc", 201 => "gt_acc_talk" );
>
> $wgGroupPermissions['gt_acc']['editgt_acc'] = true;
> $wgNamespaceProtection[ 200 ] = array( 'editgt_acc' );
>
>
> But then, pages from my first namespace [bac2008] doesn't
> work. Pages I had made for that namespace are marked as not created.
> I'll need to make several more namespaces, for different
> groups using the wiki (some groups who can only access their
> namespace, some groups who can access several namespaces).
>
> What I am doing wrong? Is there any way easier than this one?
>
> Thanks
>
> André
>
>
>
> _______________________________________________
> MediaWiki-l mailing list
> MediaWiki-l at lists.wikimedia.org
> https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
>
More information about the MediaWiki-l
mailing list