Extension:AdminWhiteList

Description
This extension adds 'sysop' and 'bureaucrat' permissions (to give administrator rights) to certain logged-in users for private wikis with authentication based on an external source, eg. LDAP.

You must define an array in LocalSettings.php with the usernames you want to be included in the 'sysop' and 'bureaucrat' groups. When the user logs in, the extension compares the username with the names in the array and, if the username is in the array, the user is automatically added to both groups.

Debugging options
You can use the variable  for getting debug output. The following values are available:
 * 1 will show non-sensitive info
 * 2 will show possibly sensitive user info
 * 3 will show sensitive system info. Setting this on a live public site is probably a bad idea.

The value by default is 0, i.e. no debug output at all.

Specifying the debug file
By default the debug messages will be written in the file specified in the variable $wgDebugLogFile.

If you want to specify a log file for this extension ( what I recommend ) you should use the array $wgDebugLogGroups with the key "adminwhitelist".

For example:

Change log

 * The extension now removes users from groups 'bureaucrat' and 'sysop' not in array $wgAdminWhiteList . So it's possible to remove administrator rights for a user.
 * Uses hook "UserLoadAfterLoadFromSession" instead of "UserLoginComplete", so it works with LDAP autologin.
 * Configuring debug messages is cleaner, using the variables $wgDebugLogFile and $wgDebugLogGroups.
 * Configuring debug messages is cleaner, using the variables $wgDebugLogFile and $wgDebugLogGroups.

Code
The last version, 1.1, is here.

You can download also version 1.0 (for MediaWiki 1.12) here.