Difference between revisions of "MediaWiki"

From CNM Wiki
Jump to: navigation, search
(List of permissions)
(List of permissions)
Line 54: Line 54:
 
|editsemiprotected - 79--> without cascading protection
 
|editsemiprotected - 79--> without cascading protection
 
|autoconfirmed
 
|autoconfirmed
|1.22+
 
 
|-
 
|-
 
|editprotected
 
|editprotected
Line 128: Line 127:
 
|delete '''1.5–1.11:''' 82--> allows the deletion or undeletion of pages.<br />'''1.12+:''' 83--> allows the deletion of pages. 84--> For undeletions, there is now the <tvar|1>'undelete'</> right, see below
 
|delete '''1.5–1.11:''' 82--> allows the deletion or undeletion of pages.<br />'''1.12+:''' 83--> allows the deletion of pages. 84--> For undeletions, there is now the <tvar|1>'undelete'</> right, see below
 
|sysop
 
|sysop
|[[rev:9367|1.5+]]
 
 
|-
 
|-
 
|deletedhistory
 
|deletedhistory
 
|deletedhistory
 
|deletedhistory
 
|sysop
 
|sysop
|[[rev:12241|1.6+]]
 
 
|-
 
|-
 
|deletedtext
 
|deletedtext
Line 143: Line 140:
 
|deletelogentry - 121--> allows deleting/undeleting information (action text, summary, user who made the action) of specific log entries (''not available by default'')
 
|deletelogentry - 121--> allows deleting/undeleting information (action text, summary, user who made the action) of specific log entries (''not available by default'')
 
|—
 
|—
|[[gerrit:12889|1.20+]]
 
 
|-
 
|-
 
|deleterevision
 
|deleterevision
Line 159: Line 155:
 
|editmyoptions
 
|editmyoptions
 
|*
 
|*
|1.22+
 
 
|-
 
|-
 
|editmyprivateinfo
 
|editmyprivateinfo
 
|editmyprivateinfo
 
|editmyprivateinfo
 
|*
 
|*
|1.22+
 
 
|-
 
|-
 
|editmyusercss
 
|editmyusercss
 
|editmyusercss
 
|editmyusercss
 
|*
 
|*
|1.22+
 
 
|-
 
|-
 
|editmyuserjs
 
|editmyuserjs
 
| editmyuserjs
 
| editmyuserjs
 
|*
 
|*
|1.22+
 
 
|-
 
|-
 
|editmyuserjson
 
|editmyuserjson
 
|editmyuserjson
 
|editmyuserjson
 
|user
 
|user
|[[gerrit:408940|1.31+]]
 
 
|-
 
|-
 
|editmywatchlist
 
|editmywatchlist
 
|editmywatchlist
 
|editmywatchlist
 
|*
 
|*
|1.22+
 
 
|-
 
|-
 
|editsitecss
 
|editsitecss
 
|editsitecss
 
|editsitecss
 
|interface-admin
 
|interface-admin
|[[gerrit:421121|1.32+]]
 
 
|-
 
|-
 
|editsitejs
 
|editsitejs
 
|editsitejs
 
|editsitejs
 
|interface-admin
 
|interface-admin
|[[gerrit:421121|1.32+]]
 
 
|-
 
|-
 
|editsitejson
 
|editsitejson

Revision as of 02:49, 1 October 2018

MediaWiki (hereinafter, the Software) is a free and open-source wiki software. The Software was originally developed for Wikipedia, but now the Software runs on many websites and has become the dominant software in its category. The Software is written in the PHP programming language and stores the contents into a set of databases.

The software is optimized to efficiently handle large projects, which can have terabytes of content and hundreds of thousands of hits per second. According to MediaWiki, achieving scalability through multiple layers of caching and database replication has been a major concern for developers. The software has more than 900 configuration settings and more than 1,900 extensions available for enabling various features to be added or changed.

On Wikipedia alone, more than 1000 automated and semi-automated bots and other tools have been developed to assist in editing. It has also been deployed by some companies as an internal knowledge management system, and some educators have assigned students to use the Software for collaborative group projects.


Permitted user roles

Permitted user roles are specific access and ability permissions that can be assigned to customizable user groups.

List of permissions

The following user rights are available in the version of MediaWiki that is used as CNM Wikiware.

Right Description User groups that have this right
192--> Reading
read WhitelistRead> *, user
193--> Editing
applychangetags applychangetags user
autocreateaccount autocreateaccount - 210--> a more limited version of createaccount
createaccount createaccount - register / registration *
createpage 1>edit</> right *, user
createtalk 1>edit</> right *, user
edit edit *, user
editsemiprotected editsemiprotected - 79--> without cascading protection autoconfirmed
editprotected editprotected - 78--> without cascading protection sysop
move 1>edit</> right user
move-categorypages 1>move</> right) user
move-rootuserpages 1>move</> right user
move-subpages 1>move</> right user
movefile 1>move</> right and <tvar|AllowImageMoving>{{ll|Manual:$wgAllowImageMoving|$wgAllowImageMoving</> to be true user
reupload 1>upload</> right user
reupload-own 1>upload</> right (note that this is not needed if the group already has the <tvar|reupload>reupload</> right)
reupload-shared 1>upload</> right) user
sendemail sendemail user
upload 1>edit</> right user
upload_by_url 1>upload</> right
194--> Management
bigdelete bigdelete sysop
block block - 92--> Block options include preventing editing and registering new accounts, and autoblocking other users on the same IP address sysop
blockemail blockemail - 93--> allows preventing use of the Special:Emailuser interface when blocking sysop
browsearchive browsearchive - 89--> through Special:Undelete sysop
changetags changetags - 104--> currently unused by extensions user
delete 1>'undelete'</> right, see below sysop
deletedhistory deletedhistory sysop
deletedtext deletedtext sysop
deletelogentry deletelogentry - 121--> allows deleting/undeleting information (action text, summary, user who made the action) of specific log entries (not available by default)
deleterevision deleterevision - 122--> allows deleting/undeleting information (revision text, edit summary, user who made the edit) of specific revisions 123--> Split into deleterevision and deletelogentry in 1.20 (not available by default)
editcontentmodel editcontentmodel
editinterface editinterface - 106--> contains [[<tvar|man>Special:MyLanguage/Manual:Interface</>|interface messages]] sysop, interface-admin
editmyoptions editmyoptions *
editmyprivateinfo editmyprivateinfo *
editmyusercss editmyusercss *
editmyuserjs editmyuserjs *
editmyuserjson editmyuserjson user
editmywatchlist editmywatchlist *
editsitecss editsitecss interface-admin
editsitejs editsitejs interface-admin
editsitejson editsitejson interface-admin 1.32+
editusercss editusercss interface-admin 1.16+
edituserjs edituserjs interface-admin 1.16+
edituserjson edituserjson interface-admin 1.31+
hideuser hideuser - 94-->

(not available by default)

212--> Only users with 1000 edits or less can be suppressed by default. 213--> Use <tvar|HideUserContribLimit>{{wg|HideUserContribLimit</> to disable.

1.10+
markbotedits markbotedits - 101--> see [[<tvar|man>Special:MyLanguage/Manual:Administrators#Rollback</>|Manual:Administrators#Rollback]] sysop 1.12+
mergehistory mergehistory sysop 1.12+
pagelang PageLanguageUseDB>{{ll|Manual:$wgPageLanguageUseDB|$wgPageLanguageUseDB</> must be true 1.24+
patrol UseRCPatrol>{{ll|Manual:$wgUseRCPatrol|$wgUseRCPatrol</> must be true sysop 1.5+
patrolmarks patrolmarks 1.16+
protect protect sysop 1.5+
rollback rollback sysop 1.5+
suppressionlog suppressionlog 1.6+
suppressrevision suppressrevision - 119--> Prior to 1.13 this right was named hiderevision (not available by default) 1.6+
unblockself unblockself - 96--> Without it, an administrator that has the capability to block cannot unblock themselves if blocked by another administrator sysop 1.17+
undelete undelete sysop 1.12+
userrights userrights - 97--> allows the assignment or removal of all* groups to any user.
98-->
  • With <tvar|AddGroups>{{ll|Manual:$wgAddGroups|$wgAddGroups</> and <tvar|RemoveGroups>{{ll|Manual:$wgRemoveGroups|$wgRemoveGroups</> you can set the possibility to add/remove certain groups instead of all
bureaucrat 1.5+
userrights-interwiki userrights-interwiki 1.12+
viewmyprivateinfo viewmyprivateinfo * 1.22+
viewmywatchlist viewmywatchlist * 1.22+
viewsuppressed viewsuppressed - 120--> i.e. a more narrow alternative to "suppressrevision" (not available by default) 1.24+
195--> Administration
autopatrol UseRCPatrol>{{ll|Manual:$wgUseRCPatrol|$wgUseRCPatrol</> must be true bot, sysop 1.9+
import import - 126--> “transwiki” sysop 1.5+
importupload importupload - 128--> This right was called 'importraw' in and before version 1.5 sysop 1.5+
managechangetags managechangetags - 132--> currently unused by extensions sysop 1.25+
siteadmin siteadmin - 124--> which blocks all interactions with the web site except viewing. 125--> Disabled by default 1.5+
unwatchedpages unwatchedpages - 131--> lists pages that no user has watchlisted sysop 1.6+
196--> Technical
apihighlimits apihighlimits bot, sysop 1.12+
autoconfirmed autoconfirmed - 145--> used for the 'autoconfirmed' group, see the other table below for more information autoconfirmed, bot, sysop 1.6+
bot bot - 134--> can optionally be viewed bot 1.5+
ipblock-exempt ipblock-exempt sysop 1.9+
minoredit minoredit user 1.6+
nominornewtalk nominornewtalk - 137--> requires minor edit right bot 1.9+
noratelimit noratelimit - 138--> not affected by [[<tvar|man>Special:MyLanguage/Manual:$wgRateLimits</>|rate limits]] (prior to the introduction of this right, the configuration variable <tvar|RateLimitsExcludedGroups>{{ll|Manual:$wgRateLimitsExcludedGroups|$wgRateLimitsExcludedGroups</> was used for this purpose) sysop, bureaucrat 1.13+
purge purge - 135--> [[<tvar|man>Special:MyLanguage/Manual:URL</>|URL parameter]] "&action=purge" user 1.10+
suppressredirect suppressredirect bot, sysop 1.12+
writeapi writeapi *, user, bot

List of groups

The following groups are available in the latest version of MediaWiki.</translate> <translate> If you are using an older version then some of these may not be implemented. </translate>

Template:Hl2 | <translate> Group</translate> Template:Hl2 | <translate> Description</translate> Template:Hl2 | <translate> Default rights</translate> Template:Hl2 | <translate> Versions</translate>
* <translate> all users (including anonymous).</translate> createaccount, createpage, createtalk, edit, editmyoptions, editmyprivateinfo, editmyusercss, editmyuserjs, editmywatchlist, read, viewmyprivateinfo, viewmywatchlist, writeapi 1.5+
user <translate> registered accounts.</translate> applychangetags, changetags, createpage, createtalk, edit, minoredit, move, move-categorypages, move-rootuserpages, move-subpages, movefile, purge, read, reupload, reupload-shared, sendemail, upload, writeapi
autoconfirmed AutoConfirmAge>Template:Ll</> and having at least as many edits as <tvar|AutoConfirmCount>Template:Ll</>.</translate> autoconfirmed, editsemiprotected 1.6+
bot <translate> accounts with the bot right (intended for automated scripts).</translate> autoconfirmed, autopatrol, apihighlimits, bot, editsemiprotected, nominornewtalk, suppressredirect, writeapi 1.5+
sysop <translate> users who by default can delete and restore pages, block and unblock users, et cetera.</translate> apihighlimits, autoconfirmed, autopatrol, bigdelete, block, blockemail, browsearchive, createaccount, delete, deletedhistory, deletedtext, editinterface, editprotected, editsemiprotected, editusercss, edituserjs, import, importupload, ipblock-exempt, managechangetags, markbotedits, mergehistory, move, move-categorypages, move-rootuserpages, move-subpages, movefile, noratelimit, patrol, protect, proxyunbannable, reupload, reupload-shared, rollback, suppressredirect, unblockself, undelete, unwatchedpages, upload, upload_by_url 1.5+
bureaucrat <translate> users who by default can change other users' rights.</translate> noratelimit, userrights 1.5+

<translate> From MW 1.12, you can create your own groups into which users are automatically promoted (as with autoconfirmed and emailconfirmed) using <tvar|AutoPromote>Template:Ll</>.</translate> <translate> You can even create any custom group by just assigning rights to them.

Default rights

The default rights are defined in <tvar|DefaultSettings>Template:Ll</>.</translate> <translate>

<translate>

<translate>

  • Additional rights: you should be able to list all the permissions available on your wiki by running <tvar|getAllRights>User::getAllRights()</>.

</translate>

Template:Anchor <translate>

Adding new rights

</translate> <translate> Information for coders only follows.</translate>

<translate> If you're adding a new right in core, for instance to [[<tvar|man>Special:MyLanguage/Manual:Special pages</>|control a new special page]], you are required to add it to the list of available rights in <tvar|User>Template:Ll</>, $mCoreRights ([<tvar|url>https://gerrit.wikimedia.org/r/#/c/135312/73/includes/User.php</> example]).</translate> <translate> If you're {{<tvar|man>ll|Manual:Developing extensions</>|doing so in an extension}}, you instead need to use <tvar|AvailableRights>Template:Ll</>.

You probably also want to assign it to some user group by editing <tvar|GroupPermissions>Template:Ll</> described above.

If you want this right to be accessible to external applications by <tvar|OAuth>Template:Ll</> or by [[<tvar|botpasswords>Manual:Bot passwords</>|bot passwords]], then you will need to add it to a grant by editing <tvar|GrantPermissions>Template:Ll</>.</translate>

<source lang="php"> // create ninja-powers right $wgAvailableRights[] = 'ninja-powers';

//add ninja-powers to the ninja-group $wgGroupPermissions['ninja']['ninja-powers'] = true;

//add ninja-powers to the 'basic' grant so we can use our ninja powers over an API request $wgGrantPermissions['basic']['ninja-powers'] = true; </source>

Security

As any open-source software, the Wiki is vulnerable to external attacks:

Getting started