매뉴얼:유저 권한

From MediaWiki.org
(Redirected from Help:User rights/ko)
Jump to: navigation, search
This page is a translated version of the page Manual:User rights and the translation is 15% complete.

Other languages:
Deutsch • ‎English • ‎español • ‎français • ‎Bahasa Indonesia • ‎日本語 • ‎한국어 • ‎polski • ‎português do Brasil • ‎русский • ‎中文

User rights are specific access and ability permissions that can be assigned to customizable user groups. Groups can then be assigned to (or removed from) users through the Special:Userrights special page. 도움말:권한 지정하기Help:Assigning permissions을 참고하세요.

Access to this interface is itself governed by the 'userrights' right, so only users in the 'bureaucrat' group can do it (in a default set-up). See Manual:Setting user groups in MediaWikiManual:Setting user groups in MediaWiki for information about managing and the assignment of user groups.

This Special:UserRights interface was introduced in MediaWiki 1.5; see Manual:User rights (older versions)Manual:User rights (older versions) for earlier methods.

사용자 그룹 바꾸기[edit]

A default MediaWiki installation assigns certain rights to default groups (see below). You can change the default rights by editing the $wgGroupPermissionsManual:$wgGroupPermissions array in LocalSettings.phpManual:LocalSettings.php with the syntax.

$wgGroupPermissions['group']['right'] = true /* or false */;

주의 주의: In a default installation $wgGroupPermissions will be set in includes/DefaultSettings.php, but it is not present in LocalSettings.php. You will then need to add it in that file.

If a member has multiple groups, they get all of the permissions from each of the groups they are in. All users, including anonymous users, are in the '*' group; all registered users are in the 'user' group. In addition to the default groups, you can arbitrarily create new groups using the same array.

예제[edit]

This example will disable viewing of all pages not listed in $wgWhitelistReadManual:$wgWhitelistRead, then re-enable for registered users only:

$wgGroupPermissions['*']['read']    = false;
# The following line is not actually necessary, since it's in the defaults. Setting '*' to false doesn't disable rights for groups that have the right separately set to true!
$wgGroupPermissions['user']['read'] = true;

This example will disable editing of all pages, then re-enable for users with confirmed email addresses only:

# Disable for everyone.
$wgGroupPermissions['*']['edit']              = false;
# Disable for users, too: by default 'user' is allowed to edit, even if '*' is not.
$wgGroupPermissions['user']['edit']           = false;
# Make it so users with confirmed email addresses are in the group.
$wgAutopromote['emailconfirmed'] = APCOND_EMAILCONFIRMED;
# Hide group from user list. 
$wgImplicitGroups[] = 'emailconfirmed';
# Finally, set it to true for the desired group.
$wgGroupPermissions['emailconfirmed']['edit'] = true;

Creating a new group and assigning permissions to it[edit]

$wgGroupPermissions['<group-name>']에 권한을 지정해 줌으로써 새로운 유저 그룹을 만들수 있습니다. <group-name>는 그룹 이름을 의미합니다.

Additionally to assigning permissions, you should create these three wiki pages with fitting content:

  • MediaWiki:Group-<group-name> (content: Name of the group)
  • MediaWiki:Group-<group-name>-member (content: Name of a member of the group)
  • MediaWiki:Grouppage-<group-name> (content: Name of the group page)

By default, bureaucrats can add users to, or remove them from, any group. However, if you are using 매뉴얼:$wgAddGroupsManual:$wgAddGroups and Manual:$wgRemoveGroupsManual:$wgRemoveGroups, you may need to customize those instead.

예제[edit]

이 예제는 사용자를 차단하고 페이지를 삭제할 수 있고 모든 편집은 기본적으로 최근 바뀜에서 숨겨지는 독단적인 "닌자" 그룹을 만들겠습니다.

$wgGroupPermissions['ninja']['bot']    = true;
$wgGroupPermissions['ninja']['block']  = true;
$wgGroupPermissions['ninja']['delete'] = true;
Note: 그룹 이름은 띄어쓰기를 포함할 수 없습니다. 'random group' 대신 'random-group'이나 'random_group'를 사용하세요.

In this example, you would probably also want to create these pages:

  • MediaWiki:Group-ninja (content: Ninjas)
  • MediaWiki:Group-ninja-member (content: ninja)
  • MediaWiki:Grouppage-ninja (content: Project:Ninjas)

This will ensure that the group will be referred to as "Ninjas" throughout the interface, and a member will be referred to as a "ninja", and overviews will link the group name to Project:Ninjas.

This example disables write access (page editing and creation) by default, creates a group named "Write", and grants it write access. Users can be manually added to this group via Special:UserRights:

$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermissions['*']['createpage'] = false;
$wgGroupPermissions['user']['edit'] = false;
$wgGroupPermissions['user']['createpage'] = false;
$wgGroupPermissions['Write']['edit'] = true;
$wgGroupPermissions['Write']['createpage'] = true;

In this example, you would probably also want to create these pages:

  • MediaWiki:Group-Write (content: Writers)
  • MediaWiki:Group-Write-member (content: Writer)
  • MediaWiki:Grouppage-Write (content: Project:Write)

Removing predefined groups[edit]

MediaWiki out of the box comes with a number of predefined groups. Most of these groups can be removed by unsetting the according array keys, among them $wgGroupPermissions['<group-name>']. For details see below.

예제[edit]

This example will eliminate the bureaucrat group entirely. It is necessary to ensure that all six of these variables are unset for any group that one wishes to remove from being listed at Special:ListGroupRights; however, merely unsetting $wgGroupPermissions will suffice to remove it from Special:UserRights. This code should be placed after any require_once lines that add extensions such as Extension:RenameuserExtension:Renameuser containing code that gives bureaucrats group permissions by default.

unset( $wgGroupPermissions['bureaucrat'] );
unset( $wgRevokePermissions['bureaucrat'] );
unset( $wgAddGroups['bureaucrat'] );
unset( $wgRemoveGroups['bureaucrat'] );
unset( $wgGroupsAddToSelf['bureaucrat'] );
unset( $wgGroupsRemoveFromSelf['bureaucrat'] );

In some extensions (Flow, Semantic MediaWiki, etc.), rights are added during extension registration or in a registration function. In this case, it could be necessary to use a registration function in LocalSettings.php to remove some predefined user groups:

$wgExtensionFunctions[] = function() {
	unset( $wgGroupPermissions['oversight'] );
	unset( $wgGroupPermissions['flow-bot'] );
}

Note on the group called "user"[edit]

With the above mechanism, you can remove the groups sysop, bureaucrat and bot, which - if used - can be assigned through the usual user permission system. However, it is currently impossible to remove the user group. This group is not assigned through the usual permission system. Instead, every logged in user automatically is member of that group. This is hardcoded in MediaWiki and currently cannot be changed easily.

권한 목록[edit]

The following user rights are available in the latest version of MediaWiki. If you are using an older version, look at "Special:Version" on your wiki and see if your version is covered in the "versions" column.

권한 설명 User groups that have this right by default 버전
읽기
read 문서 읽기 - when set to false, override for specific pages with $wgWhitelistReadManual:$wgWhitelistRead
경고 경고: Setting the user right "read" (allow viewing pages) to false will only protect wiki (article, talk, ...) pages, but uploaded files (images, files, docs... in the $wgUploadPath subdirectories) will always remain readable via direct access by default.
Use the information from Manual:Image Authorisation and img_auth.php pages when you have the need to restrict image views and file download access to only logged-in users.
*, user 1.5+
편집
edit 문서 편집 *, user 1.5+
createpage 문서 만들기 (토론 문서 제외) - requires the edit right *, user 1.6+
createtalk 토론 문서 만들기 - requires the edit right *, user 1.6+
move 문서 이동 - requires the edit right user 1.5+
movefile 파일 이동 - requires the move right and $wgAllowImageMovingManual:$wgAllowImageMoving to be true user 1.14+
move-subpages 문서와 하위 문서 이동하기 - requires the move right user 1.13+
move-rootuserpages 최상위 사용자 문서 이동 - requires the move right user 1.14+
move-categorypages 분류 문서 이동 - (requires the move right) user 1.25+
createaccount 새 사용자 계정 만들기 - register / registration * 1.5+
autocreateaccount 외부 사용자 계정으로 자동 로그인 - a more limited version of createaccount 1.27+
upload 파일 올리기 - requires the edit right user 1.5+
reupload 이미 존재하는 파일을 다시 올리기 - requires the upload right user 1.6+
reupload-own 자신이 이미 올린 파일 덮어쓰기 - requires the upload right 1.11+
reupload-shared 공용의 파일을 무시하고 로컬에서 파일 올리기 - (if one is set up) with local files (requires the upload right) user 1.6+
upload_by_url URL 주소에서 파일 올리기 - requires the upload right 1.8+
editprotected "Allow only administrators"로 보호된 문서 편집 - without cascading protection sysop 1.13+
editsemiprotected "Allow only autoconfirmed users"로 보호된 문서 편집 - without cascading protection autoconfirmed 1.22+
applychangetags 자신이 편집할 때 태그를 적용하기 user 1.25+
Management
delete 문서 삭제 1.5–1.11: allows the deletion or undeletion of pages.
1.12+: allows the deletion of pages. For undeletions, there is now the 'undelete' right, see below
sysop 1.5+
bigdelete 문서 역사가 긴 문서를 삭제 sysop 1.12+
deletedhistory 삭제된 문서의 내용을 제외한 역사를 보기 sysop 1.6+
deletedtext 삭제된 문서의 내용과 편집상의 차이를 보기 sysop
undelete 삭제된 문서 되살리기 sysop 1.12+
browsearchive 삭제된 문서 검색 - through Special:Undelete sysop 1.13+
mergehistory 문서 역사를 합치기 sysop 1.12+
protect 보호 수준 바꾸기 및 연쇄 보호된 문서 편집 sysop 1.5+
block 다른 사용자가 편집을 못하도록 차단 - Block options include preventing editing and registering new accounts, and autoblocking other users on the same IP address sysop 1.5+
blockemail 다른 사용자가 이메일을 보내지 못하도록 차단 - allows preventing use of the Special:Emailuser interface when blocking sysop 1.11+
hideuser 사용자 이름을 차단하고 숨김 - (not available by default)

Only users with 1000 edits or less can be suppressed by default. Use $wgHideUserContribLimit to disable.

1.10+
unblockself 자신을 차단 해제하기 - Without it, an administrator that has the capability to block cannot unblock themselves if blocked by another administrator sysop 1.17+
userrights 사용자의 모든 권한 조정 - allows the assignment or removal of all* groups to any user.
* With $wgAddGroupsManual:$wgAddGroups and $wgRemoveGroupsManual:$wgRemoveGroups you can set the possibility to add/remove certain groups instead of all
bureaucrat 1.5+
userrights-interwiki 다른 위키의 사용자 권한을 조정 1.12+
rollback 특정 문서를 편집한 마지막 사용자의 편집을 신속하게 되돌리기 sysop 1.5+
markbotedits 되돌리기를 봇의 편집으로 취급 가능 - see Manual:Administrators#Rollback sysop 1.12+
pagelang 문서 언어 바꾸기 - $wgPageLanguageUseDBManual:$wgPageLanguageUseDB must be true 1.24+
patrol 다른 사용자의 편집을 점검된 것으로 표시 - $wgUseRCPatrolManual:$wgUseRCPatrol must be true sysop 1.5+
patrolmarks 최근 바뀜에서 점검 표시를 보기 1.16+
changetags 문서의 특정 판과 특정 기록 항목에 임의의 태그를 추가하거나 제거하기 - currently unused by extensions user 1.25+
editcontentmodel 문서의 콘텐츠 모델을 편집 1.23.7+
editinterface 사용자 인터페이스를 편집 - contains interface messages sysop 1.5+
editusercssjs ⧼right-editusercssjs⧽ - Split into editusercss and edituserjs in 1.16 and deprecated, removed in 1.29 1.12+
editusercss 다른 사용자의 CSS 문서를 편집 sysop 1.16+
edituserjs 다른 사용자의 자바스크립트 문서를 편집 sysop 1.16+
editmyusercss 자신의 사용자 CSS 파일 편집하기 * 1.22+
editmyuserjs 자신의 사용자 자바스크립트 파일 편집하기 * 1.22+
editmywatchlist 자신의 주시문서 목록을 편집합니다. 이 권한이 없어도 문서를 추가할 수 있는 권한이 이외에도 있음을 참고하세요. * 1.22+
viewmywatchlist 자신의 주시문서 목록 보기 * 1.22+
editmyprivateinfo 자신의 개인정보 편집 (이메일 주소, 실명 등) * 1.22+
viewmyprivateinfo 자신의 개인정보 보기 (이메일 주소, 실명 등) * 1.22+
editmyoptions 자신의 환경 설정 편집 * 1.22+
suppressrevision 어떤 사용자도 보지 못하도록 숨겨진 판을 검토하고 되살리기 - Prior to 1.13 this right was named hiderevision (not available by default) 1.6+
viewsuppressed 어떤 사용자가 숨긴 판 보기 - i.e. a more narrow alternative to "suppressrevision" (not available by default) 1.24+
deletelogentry 특정 기록 항목을 삭제 및 되살리기 - allows deleting/undeleting information (action text, summary, user who made the action) of specific log entries (not available by default) 1.20+
deleterevision 문서의 특정 판을 삭제 및 되살리기 - allows deleting/undeleting information (revision text, edit summary, user who made the edit) of specific revisions Split into deleterevision and deletelogentry in 1.20 (not available by default) 1.6+
Administration
siteadmin 데이터베이스를 잠그거나 잠금 해제 - which blocks all interactions with the web site except viewing. Disabled by default 1.5+
import 다른 위키에서 문서 가져오기 - "transwiki" sysop 1.5+
importupload 파일 올리기를 통해 문서 가져오기 - This right was called 'importraw' in and before version 1.5 sysop 1.5+
trackback Obsolete. Allows removal of trackbacks (if $wgUseTrackbacksManual:$wgUseTrackbacks is true) 1.7 - 1.18
unwatchedpages 주시되지 않은 문서 목록 보기 - lists pages that no user has watchlisted sysop 1.6+
managechangetags 데이터베이스에서 태그를 만들거나 지우기 - currently unused by extenions sysop 1.25+
Technical
bot 봇의 편집으로 취급 - can optionally be viewed bot 1.5+
purge 확인 없이 문서의 캐시를 새로 고침 - URL parameter "&action=purge" user 1.10+
minoredit 사소한 편집으로 표시 user 1.6+
nominornewtalk 토론 문서에서 사소한 편집으로 새 메시지 알림을 보내지 않기 - requires minor edit right bot 1.9+
noratelimit 속도 제한에 영향을 받지 않음 - not affected by rate limits (prior to the introduction of this right, the configuration variable $wgRateLimitsExcludedGroupsManual:$wgRateLimitsExcludedGroups was used for this purpose) sysop, bureaucrat 1.13+
ipblock-exempt IP 차단, 자동 차단, 광역 차단을 무시 sysop 1.9+
proxyunbannable ⧼right-proxyunbannable⧽ sysop 1.7+
autopatrol 자신의 편집을 자동으로 점검된 판으로 표시 - $wgUseRCPatrolManual:$wgUseRCPatrol must be true bot, sysop 1.9+
apihighlimits API 쿼리에서 더 높은 제한 사용 bot, sysop 1.12+
writeapi 쓰기 API 사용 *, user, bot 1.13+
suppressredirect 문서를 이동할 때 원래 문서 이름으로 된 넘겨주기를 만들지 않기 bot, sysop 1.12+
autoconfirmed IP 기반의 속도 제한에 영향을 받지 않음 - used for the 'autoconfirmed' group, see the other table below for more information autoconfirmed, bot, sysop 1.6+
emailconfirmed Obsolete. Was used for the 'emailconfirmed' group, see the other table below for more information 1.7 - 1.13
Although these permissions all control separate things, sometimes to perform certain actions you need multiple permissions. For example allowing people to edit but not read pages doesn't make sense, since in order to edit a page you must first be able to read it (Assuming no pages are whitelisted). Allowing uploads but not editing does not make sense, since in order to upload an image you must implicitly create an image description page, etc.

그룹 목록[edit]

The following groups are available in the latest version of MediaWiki. If you are using an older version then some of these may not be implemented.

그룹 설명 기본 권한 버전
* 모든 사용자 (익명 사용자 포함). createaccount, read, edit, createpage, createtalk, writeapi, editmyusercss, editmyuserjs, viewmywatchlist, editmywatchlist, viewmyprivateinfo, editmyprivateinfo, editmyoptions 1.5+
user 계정 생성. move, move-subpages, move-rootuserpages, move-categorypages, movefile, read, edit, createpage, createtalk, writeapi, upload, reupload, reupload-shared, minoredit, purge, sendemail, applychangetags, changetags
autoconfirmed registered accounts at least as old as $wgAutoConfirmAgeManual:$wgAutoConfirmAge and having at least as many edits as $wgAutoConfirmCountManual:$wgAutoConfirmCount. autoconfirmed, editsemiprotected 1.6+
emailconfirmed Obsolete, but $wgEmailAuthenticationManual:$wgEmailAuthentication still exists. Registered accounts with confirmed email addresses. 1.7 - 1.13
bot accounts with the bot right (intended for automated scripts). bot, autoconfirmed, editsemiprotected, nominornewtalk, autopatrol, suppressredirect, apihighlimits, writeapi 1.5+
sysop users who by default can delete and restore pages, block and unblock users, et cetera. block, createaccount, delete, bigdelete, deletedhistory, deletedtext, undelete, editinterface, editusercss, edituserjs, import, importupload, move, move-subpages, move-rootuserpages, move-categorypages, patrol, autopatrol, protect, editprotected, proxyunbannable, rollback, upload, reupload, reupload-shared, unwatchedpages, autoconfirmed, editsemiprotected, ipblock-exempt, blockemail, markbotedits, apihighlimits, browsearchive, noratelimit, movefile, unblockself, suppressredirect, upload_by_url, mergehistory, managechangetags 1.5+
bureaucrat users who by default can change other users' rights. userrights, noratelimit 1.5+
developer A group for the 'siteadmin' right. The group is deprecated by default, as well as the right. 1.5

From MW 1.12, you can create your own groups into which users are automatically promoted (as with autoconfirmed and emailconfirmed) using $wgAutopromoteManual:$wgAutopromote. You can even create any custom group by just assigning rights to them.

기본 권한[edit]

The default rights are defined in DefaultSettings.phpManual:DefaultSettings.php.

새 권한 만들기[edit]

Information for coders only follows.

If you're adding a new right in core, for instance to control a new special page, you are required to add it to the list of available rights in User.phpManual:User.php, $mCoreRights (example). If you're doing so in an extension, you instead need to use $wgAvailableRightsManual:$wgAvailableRights.

You probably also want to also assign it to some user group by editing $wgGroupPermissionsManual:$wgGroupPermissions described above.

If you want this right to be accessible to external applications by OAuth or by bot passwords, then you will need to add it to a grant by editing $wgGrantPermissionsManual:$wgGrantPermissions

// create ninja-powers right
$wgAvailableRights[] = 'ninja-powers';

//add ninja-powers to the ninja-group
$wgGroupPermissions['ninja']['ninja-powers'] = true;

//add ninja-powers to the 'basic' grant so we can use our ninja powers over an API request
$wgGrantPermissions['basic']['ninja-powers'] = true;

You also need to add right-[name] and action-[name] interface messages to /languages/i18n/en.json (with documentation in qqq.json). The right-* messages can be seen on Special:ListGroupRights and the action-* messages are used in a sentence like "You do not have permission to ...".

같이 보기[edit]

Log actionsManual:Log actions Events: BlockingManual:Block and unblockImportingManual:Importing revisionsMerging historiesManual:Merging histories매뉴얼:문서 삭제Manual:Page deletionPage movingManual:Page movingPage restorationManual:Page restorationPatrollingManual:PatrollingProtectionManual:ProtectionRenaming a userExtension:RenameuserRevisionDeleteManual:RevisionDeleteThankingExtension:ThanksUploadingManual:UploadingUser creationManual:User creationUser rights managementManual:User rightsMerging usersManual:Merging users

Settings: $wgLogTypesManual:$wgLogTypes$wgLogActionsManual:$wgLogActions$wgLogNamesManual:$wgLogNames$wgLogHeadersManual:$wgLogHeaders$wgLogActionsHandlersManual:$wgLogActionsHandlers$wgLogRestrictionsManual:$wgLogRestrictions$wgFilterLogTypesManual:$wgFilterLogTypes$wgActionFilteredLogsManual:$wgActionFilteredLogs

Miscellaneous: Logging to Special:LogManual:Logging to Special:LogAPIAPI:Logeventslogging tableManual:Logging tableNull revisionManual:Null revision