MediaWiki

From CNM Wiki
Revision as of 02:32, 1 October 2018 by Gary (talk | contribs) (List of permissions)
Jump to: navigation, search

MediaWiki (hereinafter, the Software) is a free and open-source wiki software. The Software was originally developed for Wikipedia, but now the Software runs on many websites and has become the dominant software in its category. The Software is written in the PHP programming language and stores the contents into a set of databases.

The software is optimized to efficiently handle large projects, which can have terabytes of content and hundreds of thousands of hits per second. According to MediaWiki, achieving scalability through multiple layers of caching and database replication has been a major concern for developers. The software has more than 900 configuration settings and more than 1,900 extensions available for enabling various features to be added or changed.

On Wikipedia alone, more than 1000 automated and semi-automated bots and other tools have been developed to assist in editing. It has also been deployed by some companies as an internal knowledge management system, and some educators have assigned students to use the Software for collaborative group projects.


Permitted user roles

Permitted user roles are specific access and ability permissions that can be assigned to customizable user groups.

List of permissions

The following user rights are available in the version of MediaWiki that is used as CNM Wikiware.

Right Description User groups that have this right
192--> Reading
read WhitelistRead> *, user
193--> Editing
applychangetags applychangetags user
autocreateaccount autocreateaccount - 210--> a more limited version of createaccount
createaccount createaccount - register / registration *
createpage 1>edit</> right *, user
createtalk 1>edit</> right *, user 1.6+
edit edit *, user 1.5+
editsemiprotected editsemiprotected - 79--> without cascading protection autoconfirmed 1.22+
editprotected editprotected - 78--> without cascading protection sysop 1.13+
move 1>edit</> right user 1.5+
move-categorypages 1>move</> right) user 1.25+
move-rootuserpages 1>move</> right user 1.14+
move-subpages 1>move</> right user 1.13+
movefile 1>move</> right and <tvar|AllowImageMoving>{{ll|Manual:$wgAllowImageMoving|$wgAllowImageMoving</> to be true user 1.14+
reupload 1>upload</> right user 1.6+
reupload-own 1>upload</> right (note that this is not needed if the group already has the <tvar|reupload>reupload</> right) 1.11+
reupload-shared 1>upload</> right) user 1.6+
sendemail sendemail user 1.16+
upload 1>edit</> right user 1.5+
upload_by_url 1>upload</> right 1.8+
194--> Management
bigdelete bigdelete sysop 1.12+
block block - 92--> Block options include preventing editing and registering new accounts, and autoblocking other users on the same IP address sysop 1.5+
blockemail blockemail - 93--> allows preventing use of the Special:Emailuser interface when blocking sysop 1.11+
browsearchive browsearchive - 89--> through Special:Undelete sysop 1.13+
changetags changetags - 104--> currently unused by extensions user 1.25+
delete 1>'undelete'</> right, see below sysop 1.5+
deletedhistory deletedhistory sysop 1.6+
deletedtext deletedtext sysop
deletelogentry deletelogentry - 121--> allows deleting/undeleting information (action text, summary, user who made the action) of specific log entries (not available by default) 1.20+
deleterevision deleterevision - 122--> allows deleting/undeleting information (revision text, edit summary, user who made the edit) of specific revisions 123--> Split into deleterevision and deletelogentry in 1.20 (not available by default) 1.6+
editcontentmodel editcontentmodel 1.23.7+
editinterface editinterface - 106--> contains [[<tvar|man>Special:MyLanguage/Manual:Interface</>|interface messages]] sysop, interface-admin 1.5+
editmyoptions editmyoptions * 1.22+
editmyprivateinfo editmyprivateinfo * 1.22+
editmyusercss editmyusercss * 1.22+
editmyuserjs editmyuserjs * 1.22+
editmyuserjson editmyuserjson user 1.31+
editmywatchlist editmywatchlist * 1.22+
editsitecss editsitecss interface-admin 1.32+
editsitejs editsitejs interface-admin 1.32+
editsitejson editsitejson interface-admin 1.32+
editusercss editusercss interface-admin 1.16+
edituserjs edituserjs interface-admin 1.16+
edituserjson edituserjson interface-admin 1.31+
hideuser hideuser - 94-->

(not available by default)

212--> Only users with 1000 edits or less can be suppressed by default. 213--> Use <tvar|HideUserContribLimit>{{wg|HideUserContribLimit</> to disable.

1.10+
markbotedits markbotedits - 101--> see [[<tvar|man>Special:MyLanguage/Manual:Administrators#Rollback</>|Manual:Administrators#Rollback]] sysop 1.12+
mergehistory mergehistory sysop 1.12+
pagelang PageLanguageUseDB>{{ll|Manual:$wgPageLanguageUseDB|$wgPageLanguageUseDB</> must be true 1.24+
patrol UseRCPatrol>{{ll|Manual:$wgUseRCPatrol|$wgUseRCPatrol</> must be true sysop 1.5+
patrolmarks patrolmarks 1.16+
protect protect sysop 1.5+
rollback rollback sysop 1.5+
suppressionlog suppressionlog 1.6+
suppressrevision suppressrevision - 119--> Prior to 1.13 this right was named hiderevision (not available by default) 1.6+
unblockself unblockself - 96--> Without it, an administrator that has the capability to block cannot unblock themselves if blocked by another administrator sysop 1.17+
undelete undelete sysop 1.12+
userrights userrights - 97--> allows the assignment or removal of all* groups to any user.
98-->
  • With <tvar|AddGroups>{{ll|Manual:$wgAddGroups|$wgAddGroups</> and <tvar|RemoveGroups>{{ll|Manual:$wgRemoveGroups|$wgRemoveGroups</> you can set the possibility to add/remove certain groups instead of all
bureaucrat 1.5+
userrights-interwiki userrights-interwiki 1.12+
viewmyprivateinfo viewmyprivateinfo * 1.22+
viewmywatchlist viewmywatchlist * 1.22+
viewsuppressed viewsuppressed - 120--> i.e. a more narrow alternative to "suppressrevision" (not available by default) 1.24+
195--> Administration
autopatrol UseRCPatrol>{{ll|Manual:$wgUseRCPatrol|$wgUseRCPatrol</> must be true bot, sysop 1.9+
import import - 126--> “transwiki” sysop 1.5+
importupload importupload - 128--> This right was called 'importraw' in and before version 1.5 sysop 1.5+
managechangetags managechangetags - 132--> currently unused by extensions sysop 1.25+
siteadmin siteadmin - 124--> which blocks all interactions with the web site except viewing. 125--> Disabled by default 1.5+
unwatchedpages unwatchedpages - 131--> lists pages that no user has watchlisted sysop 1.6+
196--> Technical
apihighlimits apihighlimits bot, sysop 1.12+
autoconfirmed autoconfirmed - 145--> used for the 'autoconfirmed' group, see the other table below for more information autoconfirmed, bot, sysop 1.6+
bot bot - 134--> can optionally be viewed bot 1.5+
ipblock-exempt ipblock-exempt sysop 1.9+
minoredit minoredit user 1.6+
nominornewtalk nominornewtalk - 137--> requires minor edit right bot 1.9+
noratelimit noratelimit - 138--> not affected by [[<tvar|man>Special:MyLanguage/Manual:$wgRateLimits</>|rate limits]] (prior to the introduction of this right, the configuration variable <tvar|RateLimitsExcludedGroups>{{ll|Manual:$wgRateLimitsExcludedGroups|$wgRateLimitsExcludedGroups</> was used for this purpose) sysop, bureaucrat 1.13+
purge purge - 135--> [[<tvar|man>Special:MyLanguage/Manual:URL</>|URL parameter]] "&action=purge" user 1.10+
suppressredirect suppressredirect bot, sysop 1.12+
writeapi writeapi *, user, bot

List of groups

The following groups are available in the latest version of MediaWiki.</translate> <translate> If you are using an older version then some of these may not be implemented. </translate>

Template:Hl2 | <translate> Group</translate> Template:Hl2 | <translate> Description</translate> Template:Hl2 | <translate> Default rights</translate> Template:Hl2 | <translate> Versions</translate>
* <translate> all users (including anonymous).</translate> createaccount, createpage, createtalk, edit, editmyoptions, editmyprivateinfo, editmyusercss, editmyuserjs, editmywatchlist, read, viewmyprivateinfo, viewmywatchlist, writeapi 1.5+
user <translate> registered accounts.</translate> applychangetags, changetags, createpage, createtalk, edit, minoredit, move, move-categorypages, move-rootuserpages, move-subpages, movefile, purge, read, reupload, reupload-shared, sendemail, upload, writeapi
autoconfirmed AutoConfirmAge>Template:Ll</> and having at least as many edits as <tvar|AutoConfirmCount>Template:Ll</>.</translate> autoconfirmed, editsemiprotected 1.6+
bot <translate> accounts with the bot right (intended for automated scripts).</translate> autoconfirmed, autopatrol, apihighlimits, bot, editsemiprotected, nominornewtalk, suppressredirect, writeapi 1.5+
sysop <translate> users who by default can delete and restore pages, block and unblock users, et cetera.</translate> apihighlimits, autoconfirmed, autopatrol, bigdelete, block, blockemail, browsearchive, createaccount, delete, deletedhistory, deletedtext, editinterface, editprotected, editsemiprotected, editusercss, edituserjs, import, importupload, ipblock-exempt, managechangetags, markbotedits, mergehistory, move, move-categorypages, move-rootuserpages, move-subpages, movefile, noratelimit, patrol, protect, proxyunbannable, reupload, reupload-shared, rollback, suppressredirect, unblockself, undelete, unwatchedpages, upload, upload_by_url 1.5+
bureaucrat <translate> users who by default can change other users' rights.</translate> noratelimit, userrights 1.5+

<translate> From MW 1.12, you can create your own groups into which users are automatically promoted (as with autoconfirmed and emailconfirmed) using <tvar|AutoPromote>Template:Ll</>.</translate> <translate> You can even create any custom group by just assigning rights to them.

Default rights

The default rights are defined in <tvar|DefaultSettings>Template:Ll</>.</translate> <translate>

<translate>

<translate>

  • Additional rights: you should be able to list all the permissions available on your wiki by running <tvar|getAllRights>User::getAllRights()</>.

</translate>

Template:Anchor <translate>

Adding new rights

</translate> <translate> Information for coders only follows.</translate>

<translate> If you're adding a new right in core, for instance to [[<tvar|man>Special:MyLanguage/Manual:Special pages</>|control a new special page]], you are required to add it to the list of available rights in <tvar|User>Template:Ll</>, $mCoreRights ([<tvar|url>https://gerrit.wikimedia.org/r/#/c/135312/73/includes/User.php</> example]).</translate> <translate> If you're {{<tvar|man>ll|Manual:Developing extensions</>|doing so in an extension}}, you instead need to use <tvar|AvailableRights>Template:Ll</>.

You probably also want to assign it to some user group by editing <tvar|GroupPermissions>Template:Ll</> described above.

If you want this right to be accessible to external applications by <tvar|OAuth>Template:Ll</> or by [[<tvar|botpasswords>Manual:Bot passwords</>|bot passwords]], then you will need to add it to a grant by editing <tvar|GrantPermissions>Template:Ll</>.</translate>

<source lang="php"> // create ninja-powers right $wgAvailableRights[] = 'ninja-powers';

//add ninja-powers to the ninja-group $wgGroupPermissions['ninja']['ninja-powers'] = true;

//add ninja-powers to the 'basic' grant so we can use our ninja powers over an API request $wgGrantPermissions['basic']['ninja-powers'] = true; </source>

Security

As any open-source software, the Wiki is vulnerable to external attacks:

Getting started