Sans objet
Fri Sep 2 16:33:14 UTC 2011
> If a member has multiple groups, they get the highest permission of any groups.
> ...
> all registered users are in the 'user' group.
I'd guess that all your logged-in user are part of the 'user' group, which has permission to edit.
I suppose that you could replace all the 'readonly' with 'user' and obtain the desired results.
Hope it helps,
Alexis
On 29/11/11 10:38, Simon Reber wrote :
> Hi all,
>
> We have setup a mediawiki with some extensions (LDAP authentication,
> FlaggedRevs, etc.)
> It basically works fine, but we have the problem, that specifc
> permissions, assigned to the group are not applied correctly.
>
> We have three groups (admin, contributor and readonly) - and the
> readonly group, doesn't apply it's desiganted permissions correctly:
>
> // Most extra permission abilities go to this group
> $wgGroupPermissions['admins']['block'] = true;
> $wgGroupPermissions['admins']['createaccount'] = true;
> $wgGroupPermissions['admins']['delete'] = true;
> $wgGroupPermissions['admins']['deletedhistory'] = true; // can view
> deleted history entries, but not see or restore the text
> $wgGroupPermissions['admins']['editinterface'] = true;
> $wgGroupPermissions['admins']['import'] = true;
> $wgGroupPermissions['admins']['importupload'] = true;
> $wgGroupPermissions['admins']['move'] = true;
> $wgGroupPermissions['admins']['patrol'] = true;
> $wgGroupPermissions['admins']['autopatrol'] = true;
> $wgGroupPermissions['admins']['protect'] = true;
> $wgGroupPermissions['admins']['proxyunbannable'] = true;
> $wgGroupPermissions['admins']['rollback'] = true;
> $wgGroupPermissions['admins']['trackback'] = true;
> $wgGroupPermissions['admins']['reupload'] = true;
> $wgGroupPermissions['admins']['upload'] = true;
> $wgGroupPermissions['admins']['reupload-shared'] = true;
> $wgGroupPermissions['admins']['unwatchedpages'] = true;
> $wgGroupPermissions['admins']['autoconfirmed'] = true;
> $wgGroupPermissions['admins']['upload_by_url'] = true;
> $wgGroupPermissions['admins']['ipblock-exempt'] = true;
> $wgGroupPermissions['admins']['review'] = true;
>
> // Implicit group for all logged-in accounts
> $wgGroupPermissions['contributor']['move'] = true;
> $wgGroupPermissions['contributor']['read'] = true;
> $wgGroupPermissions['contributor']['edit'] = true;
> $wgGroupPermissions['contributor']['createpage'] = true;
> $wgGroupPermissions['contributor']['createtalk'] = true;
> $wgGroupPermissions['contributor']['upload'] = true;
> $wgGroupPermissions['contributor']['minoredit'] = true;
>
> // Implicit group for all logged-in accounts
> $wgGroupPermissions['readonly']['read'] = true;
> $wgGroupPermissions['readonly']['move'] = false;
> $wgGroupPermissions['readonly']['edit'] = false;
> $wgGroupPermissions['readonly']['createpage'] = false;
> $wgGroupPermissions['readonly']['createtalk'] = false;
> $wgGroupPermissions['readonly']['upload'] = false;
> $wgGroupPermissions['readonly']['minoredit'] = false;
>
>
> As you can see, readonly group, should only have read permissions. But
> when logging in with a readonly account, the account still has
> permissions to create a new page or move an existing page.
> I have absolutely no idea, why this isn't working and therefore asking
> now for some help.
>
> Anything helpful will be much appreciated, and I'm also open to provide
> some more information, if required.
>
> Thanks and all the best,
> Simon
More information about the MediaWiki-l
mailing list