I would like to set up a single-user private wiki but still allow public comments on talkpages. So anonymous editors cannot create accounts or new pages or upload any files, but are allowed to edit talkpages (and only talkpages) to post comments or feedback. Is there a way to set this up to restrict editing to only a single namespace? Nicole Sharp (talk) 17:21, 21 February 2018 (UTC)
Topic on Project:Support desk
Okay, found this: Manual:Preventing access#Restrict editing of an entire namespace. But can I do the opposite, i.e. restrict editing to all namespaces except for one? Or do I have to list each namespace individually, and then the namespaces not listed are allowed for edits? Nicole Sharp (talk) 20:36, 21 February 2018 (UTC)
I think I got it (LocalSettings.php below). But I would still like to find a way to set this up so that I can specify that only talk pages are editable, as opposed to protecting non-talk pages from edits. Not sure if that is equivalent or not, or if setting the wiki up as it is listed below introduces any risk of someone being able to edit a non-talk page. Nicole Sharp (talk) 20:37, 21 February 2018 (UTC)
$wgGroupPermissions['*']['createaccount'] = false; # $wgGroupPermissions['*']['edit'] = false; $wgNamespaceProtection[NS_MAIN] = $wgNamespaceProtection[NS_USER] = $wgNamespaceProtection[NS_PROJECT] = $wgNamespaceProtection[NS_FILE] = $wgNamespaceProtection[NS_IMAGE] = $wgNamespaceProtection[NS_MEDIAWIKI] = $wgNamespaceProtection[NS_TEMPLATE] = $wgNamespaceProtection[NS_HELP] = $wgNamespaceProtection[NS_CATEGORY] = $wgNamespaceProtection[NS_SPECIAL] = $wgNamespaceProtection[NS_MEDIA] = $wgNamespaceProtection[NS_GADGET] = array( 'emailconfirmed' );
(Nonworking syntax striked. Nicole Sharp (talk) 16:13, 23 February 2018 (UTC))
Actually, the above syntax allows anyone to edit talk pages, but also blocks any edits by the admin on non-talk pages. So that doesn't work and back to square one. "Manual:Preventing access#Restrict editing of all but a few pages" mentions what I am trying to do (restrict anonymous editing to talkpages only), but I need it by namespace instead of from a manual file list which the EditSubpages Extension seems to require (which is very impractical). Nicole Sharp (talk) 23:30, 22 February 2018 (UTC)
It should work if $wgGroupPermissions['*']['edit'] = false; is really commented out, and if the admin is "emailconfirmed" :)
Otherwise use "sysop" instead of "emailconfirmed".
No, that has the same result (sysop can only edit talkpages). If I read "Manual:$wgNamespaceProtection" correctly, then that is protecting the namespace from the sysop (or the emailconfirmed user), as opposed to allowing edits by the sysop on those namespaces. I need something like:
$wgGroupPermissions['*']['createaccount'] = false; $wgGroupPermissions['*']['edit'] = false; $wgNamespaceUnprotection[NS_TALK] = $wgNamespaceUnprotection[NS_USER_TALK] = $wgNamespaceUnprotection[NS_PROJECT_TALK] = $wgNamespaceUnprotection[NS_FILE_TALK] = $wgNamespaceUnprotection[NS_IMAGE_TALK] = $wgNamespaceUnprotection[NS_MEDIAWIKI_TALK] = $wgNamespaceUnprotection[NS_TEMPLATE_TALK] = $wgNamespaceUnprotection[NS_HELP_TALK] = $wgNamespaceUnprotection[NS_CATEGORY_TALK] = $wgNamespaceUnprotection[NS_SPECIAL_TALK] = $wgNamespaceUnprotection[NS_MEDIA_TALK] = $wgNamespaceUnprotection[NS_GADGET_TALK] = array( 'everyone' );
That would disable editing by anyone other than the sysop by default, but then unprotect just the talkpages for anonymous edits. Nicole Sharp (talk) 14:24, 23 February 2018 (UTC)
(Nonworking syntax striked. Nicole Sharp (talk) 16:14, 23 February 2018 (UTC))
Ah, true. The manual page says it clearly, though. The values you pass to $wgNamespaceUnprotection must be a right, not a user group. You should edit a new right to sysops and use it for the namespace protection.
I got it working with the syntax below:
$wgGroupPermissions['*']['createaccount'] = false; # $wgGroupPermissions['*']['edit'] = false; $wgNamespaceProtection[NS_MAIN] = $wgNamespaceProtection[NS_USER] = $wgNamespaceProtection[NS_PROJECT] = $wgNamespaceProtection[NS_FILE] = $wgNamespaceProtection[NS_IMAGE] = $wgNamespaceProtection[NS_MEDIAWIKI] = $wgNamespaceProtection[NS_TEMPLATE] = $wgNamespaceProtection[NS_HELP] = $wgNamespaceProtection[NS_CATEGORY] = $wgNamespaceProtection[NS_SPECIAL] = $wgNamespaceProtection[NS_MEDIA] = $wgNamespaceProtection[NS_GADGET] = array( 'editinterface' );
However, I noticed that an anonymous spammer could still create new spam talkpages such as "talk:Buy Buy Buy Now Now Now!," instead of only being able to create talkpages for pre-existing mainspace pages. Is there a way to restrict this? I actually see this type of spam often here on MediaWiki.org (creating new discussions for nonexistent pages). Nicole Sharp (talk) 16:08, 23 February 2018 (UTC)
There's no way to do this AFAIK. You'll probably need to do some custom code with a hook. But still they can create spam talk pages of legitimate pages. You should try to identify some common patterns and use Extension:AbuseFilter to prevent them.