Release status: stable
|Implementation||User access, User rights|
|Description||This extension adds the user to the groups 'sysop' and 'bureaucrat' when the user is logged in. Its useful for a LDAP wiki based authentication and you need to define which users must be "administrators". Array defined in LocalSettings.|
|Author(s)||Nino Dafonte, José M. Ciges|
|MediaWiki||Working in MW 1.14|
|License||No license specified|
|Check usage and version matrix; stats|
This extension is useful to add 'sysop' and 'bureaucrat' permissions (for giving him administrator's rights) to the user logged in when you are in an external authentication wiki based, like LDAP.
You must define an array (LocalSettings) with the name of the users you want to be included in 'sysop' and 'bureaucrat' groups. When the user logs in, the extension compares the username with the names in the array and, if the username is in the array, the user is automatically added to both groups.
- Copy the code below to a file named "AdminWhiteList.php" into the extension folder.
- Add the include for this extension in LocalSettings.php
require_once( "$IP/extensions/AdminWhiteList.php" );
- Add the user names to the array $wgAdminWhiteList to your LocalSettings.php
$wgAdminWhiteList = array("username1", "username2", "username3");
- Ready to go.
You can use the variable $wgAdminWhiteListDebug for getting debug ouput. The following values are available:
- 1 will show non-sensitive info
- 2 will show possibly sensitive user info
- 3 will show sensitive system info. Setting this on a live public site is probably a bad idea.
The value by default is 0, i.e. no debug output at all.
Specifying the debug file
By default the debug messages will be written in the file specified in the variable $wgDebugLogFile.
If you want to specify a log file for this extension (what I recommend) you should use the array $wgDebugLogGroups with the key "adminwhitelist".
$wgDebugLogGroups["adminwhitelist"] = "/tmp/adminwhitelist.log";
- The extension now removes the user from groups 'bureaucrat' and 'sysop' if he/she is not plus in array $wgAdminWhiteList. So it's possible to remove administrator's rights for an user.
- The hook users is "UserLoadAfterLoadFromSession" instead of "UserLoginComplete", so it works with LDAP autologin
- Configuration of debug messages is cleaner, now it uses the variables $wgDebugLogFile and $wgDebugLogGroups.
The last version 1.1 is here
You can download also the version 1.0 (for MediaWiki 1.12) here