Help:Setting user rights

From GRWiktionaryHelp

MediaWiki Handbook: Contents | How To Use Help | Other help Software help for MediaWikiReaders, Editors, Admins e0 +/-


Contents

Note: these instructions only apply to MediaWiki 1.4 and earlier. Newer versions (starting with 1.5) have a new interface for setting user rights.

[edit]

Granting rights to users

Older versions of MediaWiki (prior to 1.5) do not have a general interface for setting the user rights field of user accounts. There is however a simple interface (Special:Makesysop) for granting a specific username 'sysop' status - a user with 'bureaucrat' status can enter a username into this form to grant 'sysop' status to that user.

Assigning accounts status other than 'sysop' (including removing 'sysop' status) has to be done manually by issuing an SQL query in the database. Usually you'll want to do something like this (if you're using 1.4, see below): 

> mysql -u root -p

mysql> use wikidb;

mysql> UPDATE user SET user_rights='bureaucrat,sysop' WHERE user_name='The Username';

The "user" in the above text is the user table in the wikidb database.

The user_rights field is actually a comma-separated list; presently four values are recognized by the software:

The Username is the person you want to give sysop rights.

If you are using 1.4: The user_rights field has been removed and the user rights are now located in their own table. The new table is user_rights. It contains two fields; ur_user and ur_rights. This sql query should do the trick. 

UPDATE user_rights SET ur_rights="bureaucrat,sysop" WHERE ur_user=1;

You may need to replace the number 1 with the appropriate user id. The user will need to log out and log back in before that user's rights will be in effect.

If you are using 1.5Beta3: The user rights are in a new table called user_groups with two fields call ug_user and ug_group. There must be one row inserted for each user right. You must know the user id of the user. This sql query should do the trick. 

INSERT INTO user_groups (ug_user, ug_group) VALUES ('1', 'bureaucrat'); 
INSERT INTO user_groups (ug_user, ug_group) VALUES ('1', 'sysop');
[edit]

sysop

This is the most common user. A user marked as 'sysop' can delete and undelete pages, block and unblock IPs, issue read-only SQL queries to the database, and use a shortcut revert-to-previous-contributor's-revision feature in contribs. See Help:Administration for details. (Due to something of a historical accident, users with sysop status are generally referred to as 'administrators' or 'admins' on the English Wikipedia, and most likely elsewhere.)

[edit]

developer

This is largely obsolete and will be removed from future versions of the software.


Developer has special RIGHTS and sees additional features in the Special-Pages (lock / unlock DB) as well in setting User-rights. Only a developer can UN-Set (delete) the Sysop-Rights of an admin. --HeliR 11:44, 4 Jan 2005 (UTC)nnnn

[edit]

bureaucrat

This is a user that is allowed to turn other users into sysops via the aforementioned Special:Makesysop page.

[edit]

bot

A registered bot account. Edits by an account with this set will not appear by default in Recentchanges; this is intended for mass imports of data without flooding human edits from view. (Add &hidebots=0 to list changes made by bots e.g. like this)

[edit]

Revoking user's privileges

In its current development stage, MediaWiki has a web-based interface to create users and make sysops and bureaucrats, but it has no interface for revoking privileges.

Currently, the only way to downgrade user's privileges is through SQL: 

update user set user_rights='' where user_name='yourusername';

Version 1.4 Mediawiki: 

UPDATE user_rights SET ur_rights="" WHERE ur_user=1;

or using Program phpMyAdmin read a textfile into the "TINYBLOB" ur_rights of table user_rights that contains the proper user-entries "sysop,bureaucrat,developer"

--HeliR 12:01, 4 Jan 2005 (UTC)

[edit]

User Rights in MediaWiki 1.5+

Image:User-rights.png A new feature of MediaWiki, which is available in the 1.5 versions allows user groups to be created and modified. Each group can be assigned a mixture of the following rights (permissions). If you are using 1.3 or 1.4, have a look at setting user rights in MediaWiki instead.

[edit]

Available rights

???

read
Allows users to read pages not in $wgWhitelistRead
edit
Allows editing of any page which is not protected
move
Lets users change the title of a page by moving it
delete
Lets a user delete a page
undelete
Lets a user view deleted versions, undelete a previously deleted page, or undelete specific revisions of a deleted page
protect
Lets users lock a page (presumably only those with the ability to protect a page can edit a protected page)
block
Enables a user to block an IP address, user name, or range of IPs, from editing
userrights
Lets a user change the access levels of another user
createaccount
Lets a user create a user account for another user, or for themselves
upload
Lets a user upload an image or other file to the wiki, or to overwrite an existing non-protected file
rollback
Gives a user a link to more easily revert a bad edit
patrol
Lets a user state that they have checked an edit that appeared in recent changes
editinterface
Lets users edit the MediaWiki namespace to affect the interface
siteadmin
Should let users change settings that affect the whole site but is currently non-functional
bot
Lets users edit without their edits showing up in recent changes (usually only used for mass edits by bots)
[edit]

Via extension

These aren't available in the main MediaWiki codebase:

asksql
Lets a user query the database using SQL (currently disabled)
checkuser
Lets a user find all the IP addresses used by a particular logged in user, and to show all the contributions from a given IP address, including those made by logged in users
makesysop
On the Wikimedia sites, the bureaucrat group has a restricted Special:Makesysop interface, while the steward group has the full Special:Userrights interface and an extended version
[edit]

Managing group rights

To change the access levels of existing groups or add new groups, you need to have shell/file access to the machine that MediaWiki is running on. You can add or remove permissions to a group with statements in LocalSettings.php.

To disable account creation by anonymous visitors (this replaces $wgWhitelistAccount from 1.4): 

 $wgGroupPermissions['*']['createaccount'] = false;

To require that users log in to edit (this replaces the $wgWhitelistEdit from 1.4): 

 $wgGroupPermissions['*']['edit'] = false;

If $wgWhitelistRead is set, you must also disable the 'read' permission for it to take affect on anonymous users: 

 $wgWhitelistRead = array( "Main Page", "Special:Userlogin" );
 $wgGroupPermissions['*']['read'] = false;


You can define new groups as well, and then assign them to users through Special:Userrights: 

 $wgGroupPermissions['ninja']['delete'] = true;
 $wgGroupPermissions['ninja']['block'] = true;
 $wgGroupPermissions['ninja']['bot'] = true;
[edit]

Defaults

For reference, here are the default group/permission assignments in 1.5beta1: 

$wgGroupPermissions['*'    ]['createaccount']   = true;
$wgGroupPermissions['*'    ]['read']            = true;
$wgGroupPermissions['*'    ]['edit']            = true;

$wgGroupPermissions['user' ]['move']            = true;
$wgGroupPermissions['user' ]['read']            = true;
$wgGroupPermissions['user' ]['edit']            = true;
$wgGroupPermissions['user' ]['upload']          = true;

$wgGroupPermissions['bot'  ]['bot']             = true;

$wgGroupPermissions['sysop']['block']           = true;
$wgGroupPermissions['sysop']['createaccount']   = true;
$wgGroupPermissions['sysop']['delete']          = true;
$wgGroupPermissions['sysop']['editinterface']   = true;
$wgGroupPermissions['sysop']['import']          = true;
$wgGroupPermissions['sysop']['importupload']    = true;
$wgGroupPermissions['sysop']['move']            = true;
$wgGroupPermissions['sysop']['patrol']          = true;
$wgGroupPermissions['sysop']['protect']         = true;
$wgGroupPermissions['sysop']['rollback']        = true;
$wgGroupPermissions['sysop']['upload']          = true;

$wgGroupPermissions['bureaucrat']['userrights'] = true;
[edit]

Configuring access restrictions to your wiki

Also see Preventing Access

For MediaWiki version 1.4 and prior, you can customise user restrictions by placing some or all of the commands below into LocalSettings.php; be sure to place them *below* the following statement: 

 # this must be above all of your custom changes!
 require_once( "includes/DefaultSettings.php" );

# Specify who can edit: true means only logged in users may edit pages
$wgWhitelistEdit = true;

# Pages anonymous (not-logged-in) users may see
$wgWhitelistRead = array ("Main Page", "Special:Userlogin", "Wikipedia:Help");

# Specify who may create new accounts: 0 means no, 1 means yes
$wgWhitelistAccount = array ( 'user' => 0, 'sysop' => 1, 'developer' => 1 );

If new account creation is limited to sysops only, it must be performed by first logging in as a sysop user, and then visiting the Special:Userlogin page. You may manually enter the address http://<YOUR_WIKI_SERVER_ROOT_HERE>/index.php/Special:Userlogin into the address bar, or by clicking Special pages link in the toolbox menu, then click Create an account or log in (the first item available).

For version 1.5 and above, see the User levels page for instructions on configuring access rights.

[edit]

Other configuration options

This might be useful for cases where editing (or even read access) should be performed by only a select group. MediaWiki can be a useful group collaboration tool on small as well as large scales.

When creating the whitelist, don't forget to add the stylesheet pages, for example "MediaWiki:Monobook.css" and "MediaWiki:Monobook.js". Also add "-" for the default style. 

$wgSysopUserBans    = false;      # Allow sysops to ban logged-in users
$wgSysopRangeBans   = false;      # Allow sysops to ban IP ranges
[edit]

Related Pages

MediaWiki Handbook: Contents | Other help


Reading: Go | Search | URL | Namespace | Page name | Section | Link | Backlinks | Piped link | Interwiki link | Redirect | Variable | Category | Special page
Tracking changes: Recent | (enhanced) | Related | Watching pages | Page history | Diff | User contributions | Edit summary | Minor edit |
Logging in and preferences: Logging in | Preferences | User style
Editing: Overview | Wikitext | New page | List | Images/files | Image page | Special characters | Formula | Table | EasyTimeline | Template | Renaming / Moving a page | Editing shortcuts | Talk page | Testing | Export |

Wiki Projects: Wikibooks | Wikicommons | Wikipedia | Wikiquote | Wikisource | Wiktionary |
Retrieved from "http://pgrdictionary.org/help/index.php/Help:Setting_user_rights"