MediaWiki
MediaWiki (hereinafter, the Software) is a free and open-source wiki software. The Software was originally developed for Wikipedia, but now the Software runs on many websites and has become the dominant software in its category. The Software is written in the PHP programming language and stores the contents into a set of databases.
The software is optimized to efficiently handle large projects, which can have terabytes of content and hundreds of thousands of hits per second. According to MediaWiki, achieving scalability through multiple layers of caching and database replication has been a major concern for developers. The software has more than 900 configuration settings and more than 1,900 extensions available for enabling various features to be added or changed.
On Wikipedia alone, more than 1000 automated and semi-automated bots and other tools have been developed to assist in editing. It has also been deployed by some companies as an internal knowledge management system, and some educators have assigned students to use the Software for collaborative group projects.
Contents
Permitted user roles
Permitted user roles are specific access and ability permissions that can be assigned to customizable user groups.
List of permissions
The following user rights are available in the version of MediaWiki that is used for CNM Wikiware.
Right | Description | User groups that have this right | |
---|---|---|---|
Reading | |||
read | WhitelistRead> | *, user | |
Editing | |||
applychangetags | applychangetags | user | |
autocreateaccount | autocreateaccount - 210--> a more limited version of createaccount | — | |
createaccount | createaccount - register / registration | * | |
createpage | 1>edit</> right | *, user | |
createtalk | 1>edit</> right | *, user | |
edit | edit | *, user | |
editsemiprotected | editsemiprotected - 79--> without cascading protection | autoconfirmed | |
editprotected | editprotected - 78--> without cascading protection | sysop | |
move | 1>edit</> right | user | |
move-categorypages | 1>move</> right) | user | |
move-rootuserpages | 1>move</> right | user | |
move-subpages | 1>move</> right | user | |
movefile | 1>move</> right and <tvar|AllowImageMoving>{{ll|Manual:$wgAllowImageMoving|$wgAllowImageMoving</> to be true | user | |
reupload | 1>upload</> right | user | |
reupload-own | 1>upload</> right (note that this is not needed if the group already has the <tvar|reupload>reupload</> right) | — | |
reupload-shared | 1>upload</> right) | user | |
sendemail | sendemail | user | |
upload | 1>edit</> right | user | |
upload_by_url | 1>upload</> right | ||
Management | |||
bigdelete | bigdelete | sysop | |
block | block - 92--> Block options include preventing editing and registering new accounts, and autoblocking other users on the same IP address | sysop | |
blockemail | blockemail - 93--> allows preventing use of the Special:Emailuser interface when blocking | sysop | |
browsearchive | browsearchive - 89--> through Special:Undelete | sysop | |
changetags | changetags - 104--> currently unused by extensions | user | |
delete | 1>'undelete'</> right, see below | sysop | |
deletedhistory | deletedhistory | sysop | |
deletedtext | deletedtext | sysop | |
deletelogentry | deletelogentry - 121--> allows deleting/undeleting information (action text, summary, user who made the action) of specific log entries (not available by default) | — | |
deleterevision | deleterevision - 122--> allows deleting/undeleting information (revision text, edit summary, user who made the edit) of specific revisions 123--> Split into deleterevision and deletelogentry in 1.20 (not available by default) | — | |
editcontentmodel | editcontentmodel | ||
editinterface | editinterface - 106--> contains [[<tvar|man>Special:MyLanguage/Manual:Interface</>|interface messages]] | sysop, interface-admin | |
editmyoptions | editmyoptions | * | |
editmyprivateinfo | editmyprivateinfo | * | |
editmyusercss | editmyusercss | * | |
editmyuserjs | editmyuserjs | * | |
editmyuserjson | editmyuserjson | user | |
editmywatchlist | editmywatchlist | * | |
editsitecss | editsitecss | interface-admin | |
editsitejs | editsitejs | interface-admin | |
editsitejson | editsitejson | interface-admin | |
editusercss | editusercss | interface-admin | |
edituserjs | edituserjs | interface-admin | |
edituserjson | edituserjson | interface-admin | |
hideuser | HideUserContribLimit>{{wg|HideUserContribLimit</> to disable. | ||
markbotedits | markbotedits - 101--> see [[<tvar|man>Special:MyLanguage/Manual:Administrators#Rollback</>|Manual:Administrators#Rollback]] | sysop | |
mergehistory | mergehistory | sysop | |
pagelang | PageLanguageUseDB>{{ll|Manual:$wgPageLanguageUseDB|$wgPageLanguageUseDB</> must be true | ||
patrol | UseRCPatrol>{{ll|Manual:$wgUseRCPatrol|$wgUseRCPatrol</> must be true | sysop | |
patrolmarks | patrolmarks | ||
protect | protect | sysop | |
rollback | rollback | sysop | |
suppressionlog | suppressionlog | ||
suppressrevision | suppressrevision - 119--> Prior to 1.13 this right was named hiderevision (not available by default) | ||
unblockself | unblockself - 96--> Without it, an administrator that has the capability to block cannot unblock themselves if blocked by another administrator | sysop | |
undelete | undelete | sysop | |
userrights | userrights - 97--> allows the assignment or removal of all* groups to any user. 98-->
|
bureaucrat | |
userrights-interwiki | userrights-interwiki | ||
viewmyprivateinfo | viewmyprivateinfo | * | |
viewmywatchlist | viewmywatchlist | * | |
viewsuppressed | viewsuppressed - 120--> i.e. a more narrow alternative to "suppressrevision" (not available by default) | ||
Administration | |||
autopatrol | UseRCPatrol>{{ll|Manual:$wgUseRCPatrol|$wgUseRCPatrol</> must be true | bot, sysop | |
import | import - 126--> “transwiki” | sysop | |
importupload | importupload - 128--> This right was called 'importraw' in and before version 1.5 | sysop | |
managechangetags | managechangetags - 132--> currently unused by extensions | sysop | |
siteadmin | siteadmin - 124--> which blocks all interactions with the web site except viewing. 125--> Disabled by default | ||
unwatchedpages | unwatchedpages - 131--> lists pages that no user has watchlisted | sysop | |
196--> Technical | |||
apihighlimits | apihighlimits | bot, sysop | |
autoconfirmed | autoconfirmed - 145--> used for the 'autoconfirmed' group, see the other table below for more information | autoconfirmed, bot, sysop | |
bot | bot - 134--> can optionally be viewed | bot | |
ipblock-exempt | ipblock-exempt | sysop | |
minoredit | minoredit | user | |
nominornewtalk | nominornewtalk - 137--> requires minor edit right | bot | |
noratelimit | noratelimit - 138--> not affected by [[<tvar|man>Special:MyLanguage/Manual:$wgRateLimits</>|rate limits]] (prior to the introduction of this right, the configuration variable <tvar|RateLimitsExcludedGroups>{{ll|Manual:$wgRateLimitsExcludedGroups|$wgRateLimitsExcludedGroups</> was used for this purpose) | sysop, bureaucrat | |
purge | purge - 135--> [[<tvar|man>Special:MyLanguage/Manual:URL</>|URL parameter]] "&action=purge "
|
user | |
suppressredirect | suppressredirect | bot, sysop | |
writeapi | writeapi | *, user, bot |
List of groups
The following groups are available in the version of MediaWiki that is used for CNM Wikiware.
Group | Description | Default rights |
---|---|---|
* | <translate> all users (including anonymous).</translate> | createaccount, createpage, createtalk, edit, editmyoptions, editmyprivateinfo, editmyusercss, editmyuserjs, editmywatchlist, read, viewmyprivateinfo, viewmywatchlist, writeapi |
user | <translate> registered accounts.</translate> | applychangetags, changetags, createpage, createtalk, edit, minoredit, move, move-categorypages, move-rootuserpages, move-subpages, movefile, purge, read, reupload, reupload-shared, sendemail, upload, writeapi |
autoconfirmed | AutoConfirmAge>Template:Ll</> and having at least as many edits as <tvar|AutoConfirmCount>Template:Ll</>.</translate> | autoconfirmed, editsemiprotected |
bot | <translate> accounts with the bot right (intended for automated scripts).</translate> | autoconfirmed, autopatrol, apihighlimits, bot, editsemiprotected, nominornewtalk, suppressredirect, writeapi |
sysop | <translate> users who by default can delete and restore pages, block and unblock users, et cetera.</translate> | apihighlimits, autoconfirmed, autopatrol, bigdelete, block, blockemail, browsearchive, createaccount, delete, deletedhistory, deletedtext, editinterface, editprotected, editsemiprotected, editusercss, edituserjs, import, importupload, ipblock-exempt, managechangetags, markbotedits, mergehistory, move, move-categorypages, move-rootuserpages, move-subpages, movefile, noratelimit, patrol, protect, proxyunbannable, reupload, reupload-shared, rollback, suppressredirect, unblockself, undelete, unwatchedpages, upload, upload_by_url |
bureaucrat | <translate> users who by default can change other users' rights.</translate> | noratelimit, userrights |
Security
As any open-source software, the Wiki is vulnerable to external attacks:
- https://www.mediawiki.org/wiki/Manual:Security
- https://www.mediawiki.org/wiki/Security_for_developers