|This extension stores its source code on a wiki page. Please be aware that this code may be unreviewed or maliciously altered. They may contain security holes, outdated interfaces that are no longer compatible etc.
request access to MediaWiki's code repository to address this.
Release status: stable
|Implementation||User access, User rights|
|Description||This extension adds certain users to the groups 'sysop' and 'bureaucrat' when they log in. This is useful for LDAP-based wiki authentication when you need to define which users must be "administrators". Array defined in LocalSettings.|
|Author(s)||Nino Dafonte, José M. Ciges|
|Latest version||1.1 (2009-10-19)|
|MediaWiki||Working in MW 1.14|
|License||No license specified|
Translate the AdminWhiteList extension if it is available at translatewiki.net
|Check usage and version matrix.|
This extension adds 'sysop' and 'bureaucrat' permissions (to give administrator rights) to certain logged-in users for private wikis with authentication based on an external source, eg. LDAP.
You must define an array in LocalSettings.php with the usernames you want to be included in the 'sysop' and 'bureaucrat' groups. When the user logs in, the extension compares the username with the names in the array and, if the username is in the array, the user is automatically added to both groups.
- Copy AdminWhiteList.php and place the file(s) in a directory called
- Add the following code at the bottom of your LocalSettings.php:
require_once "$IP/extensions/AdminWhiteList/AdminWhiteList.php"; $wgAdminWhiteList = array("username1", "username2", "username3"); //Usernames to automatically be given sysop and bureaucrat permissions
- Done - Navigate to Special:Version on your wiki to verify that the extension is successfully installed.
You can use the variable
$wgAdminWhiteListDebug for getting debug output. The following values are available:
- 1 will show non-sensitive info
- 2 will show possibly sensitive user info
- 3 will show sensitive system info. Setting this on a live public site is probably a bad idea.
The value by default is 0, i.e. no debug output at all.
Specifying the debug file
By default the debug messages will be written in the file specified in the variable $wgDebugLogFile.
If you want to specify a log file for this extension (what I recommend) you should use the array $wgDebugLogGroups with the key "adminwhitelist".
$wgDebugLogGroups["adminwhitelist"] = "/tmp/adminwhitelist.log";
- The extension now removes users from groups 'bureaucrat' and 'sysop' not in array $wgAdminWhiteList. So it's possible to remove administrator rights for a user.
- Uses hook "UserLoadAfterLoadFromSession" instead of "UserLoginComplete", so it works with LDAP autologin.
- Configuring debug messages is cleaner, using the variables $wgDebugLogFile and $wgDebugLogGroups.
The last version, 1.1, is here.
You can download also version 1.0 (for MediaWiki 1.12) here.