Extension:Email Authorization

From MediaWiki.org
Jump to navigation Jump to search
PluggableAuth Icon.svg This extension requires the PluggableAuth extension to be installed first.
MediaWiki extensions manual
OOjs UI icon advanced.svg
EmailAuthorization
Release status: stable
Implementation User rights
Description Implements the PluggableAuth PluggableAuthUserAuthorization hook to provide authorization using a list of authorized email addresses.
Author(s) Cindy Cicalese
Latest version 1.4 (2018-07-18)
Compatibility policy master
MediaWiki 1.27+
PHP 5.5+
Database changes Yes
License MIT License
Download
Added rights
emailauthorizationconfig
Hooks used
PluggableAuthUserAuthorization
LoadExtensionSchemaUpdates
BeforeCreateEchoEvent
Translate the Email Authorization extension if it is available at translatewiki.net
Check usage and version matrix.
Issues Open tasks · Report a bug

The Email Authorization extension implements the PluggableAuth PluggableAuthUserAuthorization hook to provide authorization using a list of authorized email addresses. It provides a special page, Special:EmailAuthorizationConfig, for an administrator to use to add and remove email addresses and email domains from the authorization list.

Installation[edit]

This extension requires PluggableAuth to be installed first.
  • Download and place the file(s) in a directory called EmailAuthorization in your extensions/ folder.
  • Add the following code at the bottom of your LocalSettings.php:
    wfLoadExtension( 'EmailAuthorization' );
    
  • Run the update script which will automatically create the necessary database tables that this extension needs.
  • Configure as required
  • Yes Done – Navigate to Special:Version on your wiki to verify that the extension is successfully installed.

Configuration[edit]

Flag Default Description
$wgEmailAuthorization_EnableRequests false Indicates whether a special page (Special:EmailAuthorizationRequest) will be available for accounts to be requested. If enabled, that page will contain a form used to request an account. By default, that form will contain a single field: email address. Additional fields can be specified by $wgEmailAuthorization_RequestFields. In addition, if true, a special page (Special:EmailAuthorizationApprove) will be available for users in the bureaucratgroup to approve accounts.
$wgEmailAuthorization_RequestFields [] An array of additional fields for the request form. The definition of each field is itself an array with the following possible fields:
  • label: the label for the field (string); must be present
  • mandatory: if present and true, this field is mandatory
  • values: a comma separated list of strings that are the possible values of this field; the field will be a drop-down list
  • rows: if present, the number of rows in the text area for this field
  • columns: if present, the number of columns in the text field or text area for this field (default: 50)

The last three parameters (values, rows, and columns) are used to decide how to display the field. If values is present, a drop-down list will be displayed, and any values for rows and columns will be ignored. If values is not present but rows is present, a text area of the specified size will be displayed, with columns defaulting to 50 if it is not present. If only columns is present, a text field of the specified width will be displayed. If none are present, a text field of 50 columns will be displayed.

Regardless of the contents of this array, an email address field will be present as the first field.

For example,

$wgEmailAuthorization_RequestFields = [
  [
    'label' => 'Organization',
    'mandatory' => true
  ],
  [
    'label' => 'Extra Information',
    'rows' => 4,
    'columns' => 60
  ],
  [
    'label' => 'Animals',
    'values' => [ 'dog', 'cat' ]
  ]
];

would display a mandatory text field (Organization) with 50 columns, a text area with 4 rows and 60 columns (Extra Information), and a drop-down list to choose between dog and cat (Animals).

Users who should be able to add and revoke email addresses and email domains on the Special:EmailAuthorizationConfig page must be given the emailauthorizationconfig right. For example:

 $wgGroupPermissions['bureaucrat']['emailauthorizationconfig'] = true;
Since this extension relies upon the user's email address to perform authorization, you should prevent the user from editing it with:
$wgPluggableAuth_EnableLocalProperties = false;

Hooks[edit]

The Email Authorization extension supplies the following hooks to other extensions:

  • EmailAuthorizationAdd and EmailAuthorizationRevoke take a single parameter: an email address or email domain (i.e. @ followed by the domain).
  • EmailAuthorizationRequest takes the following parameters: an email address and a JSON-encoded array of form fields.
  • EmailAuthorizationApprove and EmailAuthorizationReject take the following parameters: an email address, a JSON-encoded array of form fields, and the User object of the bureaucrat approving/rejecting the account request.

Version History[edit]

Version 1.4
  • Added PHPCS and autofix some found sniffs with PHPCBF
Version 1.3
  • Added optional account request capability controlled by $wgEmailAuthorization_EnableRequests
    • Special:EmailAuthorizationRequest
    • Special:EmailAuthorizationApprove
Version 1.2
  • Change message prefix to prevent collisions with other extensions
  • Table formatting
  • Renamed Special:ConfigEmailAuthorization to Special:EmailAuthorizationConfig
Version 1.1
  • Bug fix: adding email address that already existed threw exception
  • Email addresses and domains entered in Special:ConfigEmailAuthorization now are validated
  • Added missing rights messages
Version 1.0
  • Initial version

See also[edit]