Hi all,
We have setup a mediawiki with some extensions (LDAP authentication, FlaggedRevs, etc.) It basically works fine, but we have the problem, that specifc permissions, assigned to the group are not applied correctly.
We have three groups (admin, contributor and readonly) - and the readonly group, doesn't apply it's desiganted permissions correctly:
// Most extra permission abilities go to this group $wgGroupPermissions['admins']['block'] = true; $wgGroupPermissions['admins']['createaccount'] = true; $wgGroupPermissions['admins']['delete'] = true; $wgGroupPermissions['admins']['deletedhistory'] = true; // can view deleted history entries, but not see or restore the text $wgGroupPermissions['admins']['editinterface'] = true; $wgGroupPermissions['admins']['import'] = true; $wgGroupPermissions['admins']['importupload'] = true; $wgGroupPermissions['admins']['move'] = true; $wgGroupPermissions['admins']['patrol'] = true; $wgGroupPermissions['admins']['autopatrol'] = true; $wgGroupPermissions['admins']['protect'] = true; $wgGroupPermissions['admins']['proxyunbannable'] = true; $wgGroupPermissions['admins']['rollback'] = true; $wgGroupPermissions['admins']['trackback'] = true; $wgGroupPermissions['admins']['reupload'] = true; $wgGroupPermissions['admins']['upload'] = true; $wgGroupPermissions['admins']['reupload-shared'] = true; $wgGroupPermissions['admins']['unwatchedpages'] = true; $wgGroupPermissions['admins']['autoconfirmed'] = true; $wgGroupPermissions['admins']['upload_by_url'] = true; $wgGroupPermissions['admins']['ipblock-exempt'] = true; $wgGroupPermissions['admins']['review'] = true;
// Implicit group for all logged-in accounts $wgGroupPermissions['contributor']['move'] = true; $wgGroupPermissions['contributor']['read'] = true; $wgGroupPermissions['contributor']['edit'] = true; $wgGroupPermissions['contributor']['createpage'] = true; $wgGroupPermissions['contributor']['createtalk'] = true; $wgGroupPermissions['contributor']['upload'] = true; $wgGroupPermissions['contributor']['minoredit'] = true;
// Implicit group for all logged-in accounts $wgGroupPermissions['readonly']['read'] = true; $wgGroupPermissions['readonly']['move'] = false; $wgGroupPermissions['readonly']['edit'] = false; $wgGroupPermissions['readonly']['createpage'] = false; $wgGroupPermissions['readonly']['createtalk'] = false; $wgGroupPermissions['readonly']['upload'] = false; $wgGroupPermissions['readonly']['minoredit'] = false;
As you can see, readonly group, should only have read permissions. But when logging in with a readonly account, the account still has permissions to create a new page or move an existing page. I have absolutely no idea, why this isn't working and therefore asking now for some help.
Anything helpful will be much appreciated, and I'm also open to provide some more information, if required.
Thanks and all the best, Simon