Manual:Setting user groups in MediaWiki

By default MediaWiki has several user groups that can grant a user a set of user rights. See also the list of groups.

Special:UserRights (MediaWiki 1.10 and higher)
There is a simple interface (Special:UserRights) for adding a user to or removing a user from one or more user groups. To do this the acting user must have the  userrights user right, which by default is granted to the 'Bureaucrat' user group. You can access Special:UserRights directly or via Special:SpecialPages in the toolbox on the left (as of MediaWiki 1.16.0).

To help in using Special:UserRights, refer to Help:Assigning permissions.

Older versions of MediaWiki (prior to 1.15) do not have a general interface for setting the user rights field of user accounts (use Special:Makesysop instead).

Using MySQL
In MediaWiki versions before 1.11 assigning accounts status other than 'sysop' (including removing 'sysop' status) has to be done manually by issuing an SQL query in the database. Usually you'll want to do something like this (if you're using 1.14 or older, see below): > mysql -u root -p

mysql> use wikidb;

mysql> UPDATE user SET user_rights='bureaucrat,sysop' WHERE user_name='The Username'; The "user" in the above text is the user table in the wikidb database.

The user_rights field is actually a comma-separated list; presently four values are recognized by the software:

The Username is the person you want to give sysop rights.

Note that you probably need to log out and log back in for the rights information to be properly updated.

If you are using 1.14: The user_rights field has been removed and the user rights are now located in their own table. The new table is user_rights. It contains two fields; ur_user and ur_rights. This sql query should do the trick. UPDATE user_rights SET ur_rights="bureaucrat,sysop" WHERE ur_user=1; You may need to replace the number 1 with the appropriate user id. The user will need to log out and log back in before that user's rights will be in effect.

If you are using 1.15: The user rights are in a new table called user_groups with two fields called ug_user and ug_group. There must be one row inserted for each user right. You must know the user id number of the user from the "user" table. This sql query should do the trick. In the example below substitute 1 with the user ID number from the user table. INSERT INTO user_groups (ug_user, ug_group) VALUES ('1', 'bureaucrat'); INSERT INTO user_groups (ug_user, ug_group) VALUES ('1', 'sysop');

Using phpMyAdmin
If you do not have raw access to mySQL, you can update a user's privileges via phpMyAdmin. First open phpMyAdmin, and from the left-hand frame, choose your wiki's database from the drop-down box. In the right-hand frame, a page will load listing all of the tables in the database. At the top of that page in the right-hand frame, click on the "SQL" tab. You should now see a text-box. Enter the appropriate query into the box.

For example, if you are trying to give a user Bureaucrat & Sysop privileges in 1.14, you would enter:

UPDATE user_rights SET ur_rights="bureaucrat,sysop" WHERE ur_user=USERNAME;

... replacing, the "USERNAME" in "ur_user=USERNAME" with the user's ID. (You can find this by clicking on the link in the left-hand frame which says "user." Then click the "Browse" tab and find the user's name. The ID will be on the left.)

Then push "GO". If you don't see an "error" message, then it worked.

In versions newer than 1.14, instead of the above you have to enter:

INSERT INTO user_groups (ug_user, ug_group) VALUES ('YOUR_USER_ID', 'bureaucrat'); INSERT INTO user_groups (ug_user, ug_group) VALUES ('YOUR_USER_ID', 'sysop');

If your table rows use a table prefix, then you will see that prefix on the row names in MyPhpAdmin, and must prefix the table row name accordingly:

INSERT INTO xyz_user_groups (ug_user, ug_group) VALUES ('YOUR_USER_ID', 'bureaucrat'); INSERT INTO xyz_user_groups (ug_user, ug_group) VALUES ('YOUR_USER_ID', 'sysop'); (Were "xyz_" is the table prefix for your wiki)

Do not use things like:

> mysql -u root -p >

mysql> use wikidb;

...in phpMyAdmin.

Revoking user's privileges
'''Attention! In versions after MediaWiki 1.14, the table user_rights is gone, instead using table user_groups ! see maintenance/tables.sql'''

In its current development stage, MediaWiki has a web-based interface to create users and make sysops and bureaucrats, but it has no interface for revoking privileges.

Currently, the only way to downgrade user's privileges is through SQL: UPDATE user SET user_rights='' WHERE user_name='yourusername';

Version 1.14 Mediawiki: UPDATE user_rights SET ur_rights="" WHERE ur_user=1;

or using Program phpMyAdmin read a textfile into the "TINYBLOB" ur_rights or table user_rights that contains the proper user-entries "sysop,bureaucrat,developer"

Configuring access restrictions to your wiki
Also see Manual:Preventing access.

For MediaWiki version 1.14 and prior, you can customise user restrictions by placing some or all of the commands below into ; be sure to place them *below* the following statement: If new account creation is limited to sysops only, it must be performed by first logging in as a sysop user, and then visiting the  page. You may manually enter the address  into the address bar, or by clicking Special pages link in the toolbox menu, then click Create an account or log in (the first item available). Warning: Mediawikis in other languages must change the whitelist pagenames. e.g. German: "Spezial:Userlogin" instead of "Special:Userlogin".

If you set $wgWhitelistEdit = true in LocalSettings.php, you may also want to set This removes the link to the talk page in the header for non-logged in users. You may also want to change the contents of your wiki's MediaWiki:Userlogin page from Create an account or log in to Log in.

For version 1.15 and above, see the Manual:User rights page for instructions on configuring access rights.

Related pages

 * Manual:User rights (Explanation of the different "rights" which can be assigned to a group)
 * Extension:Page access restriction
 * Manual:Preventing access
 * Extension:Hidden pages