Extension:CategoryLockdown
If you need per-page or partial page access restrictions, you are advised to install an appropriate content management package. MediaWiki was not written to provide per-page access restrictions, and almost all hacks or patches promising to add them will likely have flaws somewhere, which could lead to exposure of confidential data. We are not responsible for anything being leaked.
For further details, see Security issues with authorisation extensions |
CategoryLockdown Release status: stable |
|
---|---|
Implementation | User rights |
Description | Restrict permissions by category and group |
Author(s) | Sophivorustalk |
Latest version | 4.0 (2021-12-13) |
MediaWiki | >= 1.29.0 |
Database changes | No |
License | GNU General Public License 3.0 or later |
Download | |
Example | [1] |
|
|
Quarterly downloads | 16 (Ranked 117th) |
Translate the CategoryLockdown extension if it is available at translatewiki.net | |
The CategoryLockdown extension allows admins to restrict permissions by category and group.
Installation
[edit]- Download and move the extracted
CategoryLockdown
folder to yourextensions/
directory.
Developers and code contributors should install the extension from Git instead, using:cd extensions/
git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/CategoryLockdown - Add the following code at the bottom of your LocalSettings.php file:
wfLoadExtension( 'CategoryLockdown' );
- Done – Navigate to Special:Version on your wiki to verify that the extension is successfully installed.
Usage
[edit]To restrict the 'read' permission of the Category:Maintenance and its pages to the 'sysop' group only (admins), add the following to your LocalSettings.php:
$wgCategoryLockdown['Maintenance']['read'] = 'sysop';
Similarly, to restrict the 'edit' permission of the Category:Sales and its pages to the 'vendor' group:
$wgCategoryLockdown['Sales']['edit'] = 'vendor';
To restrict editing to users in the 'vendor' OR 'manager' groups:
$wgCategoryLockdown['Sales']['edit'] = [ 'vendor', 'manager' ];
Note that pages in subcategories are not affected. If Category:Clients is a subcategory of Category:Sales, then pages within it won't be protected by the above setting. You'd need to add:
$wgCategoryLockdown['Clients']['edit'] = [ 'vendor', 'manager' ];
Also note that if a page is in BOTH the Category:Sales and the Category:Clients, then the following will restrict editing to users in the 'vendor' OR 'manager' groups:
$wgCategoryLockdown['Sales']['edit'] = 'vendor',
$wgCategoryLockdown['Clients']['edit'] = 'manager';
Finally, note that:
- Rules don't apply to admins (users in the 'sysop' group).
- You can use this syntax to restrict any permission (not just 'read' and 'edit'). However, if users are allowed to read and edit a page, then they can avoid other restrictions by re-categorizing the page.
- This extension only removes permissions, it doesn't grant them. If the general config of your wiki forbids editing to all users, then adding a rule that restricts editing to a certain group won't work. Instead, allow editing to all users and then use this extension to restrict editing to the desired group.
See also
[edit]- Extension:Lockdown - More sophisticated but cannot restrict access by category and group
- Extension:Restrict access by category and group - Similar idea but more complicated and unmaintained