User rights, access control and monitoring: $wgGroupPermissions | |
---|---|
Use this to set access rights for groups and users in these groups. | |
Introduced in version: | 1.5.0 (r9367) |
Removed in version: | Still in use |
Allowed values: | (Complex array of boolean values.) |
Default value: | See below. |
Other settings:Alphabetical |By function |
$wgGroupPermissions is a two-dimensional array indexed byuser group and availablepermissions.The value can be eithertrue
to grant the permission orfalse
if it should not be granted.
Those permissions, which aregranted with $wgGroupPermissions, are always cumulative.If a user is member of different groups, then the user will get a right if it is granted to at least one of these groups even if it isnot granted to their other groups.In other words, If one of the user's groups has a right, then it isnot possible to take the right away using$wgGroupPermissions
.Instead use$wgRevokePermissions to revoke permissions to a grant.
When updating $wgGroupPermissions and you are usingOAuth orbot passwords for external systems, you should also make corresponding updates to$wgGrantPermissions.
$wgGroupPermissions['user']['edit']=true;
This gives all registered users the ability to edit pages.
You can also define your own user groups.User group names can be no longer than 255 characters.[1]The groups, which have been defined either in the default settings or inLocalSettings.php, can be assigned to users through the wikiSpecial:Userrights interface.
Example
# Start with assigning the default permissions from group "autoconfirmed"$wgGroupPermissions['trustworthy']=$wgGroupPermissions['autoconfirmed'];# Add the permissions from group "bot"$wgGroupPermissions['trustworthy']=array_merge($wgGroupPermissions['trustworthy'],$wgGroupPermissions['bot']);# Now modify these rights:$wgGroupPermissions['trustworthy']['delete']=true;$wgGroupPermissions['trustworthy']['protect']=true;$wgGroupPermissions['trustworthy']['patrol']=true;
This creates a group called "trustworthy".
Now add human readable names for your newly created group to the wiki for the "trustworthy" group, e.g. on page "MediaWiki:Group-trustworthy" in plural "Trustworthy editors" and on page "MediaWiki:Group-trustworthy-member" in singular "Trustworthy editor". This is an optional but recommended step.
Users of that group have the same permissions as users from the groups "autoconfirmed" and "bot".Additionally, they will be able to delete and protect pages, and to patrol edits.
For in-depth documentation, seeManual:User rights.
![]() | Functionality to make specific pages inaccessible has not been extensively tested for security. Use at your own risk! |
Default values vary from version to version.You may find the one which apply to your mediawiki setup inMainConfigSchema.php.For more info visitManual:User rights.
Some extensions, such asRenameUser orCheckUser, add new rights which can be configured and assigned in the same manner.
Since REL 1.25, you can do the following inextension.json
:
MediaWiki version: | ≥ 1.25 Gerrit change 166705 |
"GroupPermissions":{"user":{"edit":true}},
"GroupPermissions":{"trustworthy":{"delete":true,"protect":true,"patrol":true}},
ug_group
in theuser_groups table.