Jump to content

扩展:电邮授权

From mediawiki.org
This page is a translated version of the page Extension:Email Authorization and the translation is 24% complete.
This extension requires the PluggableAuth extension to be installed first.
MediaWiki扩展手册
Email Authorization
发行状态: 稳定版
实现 用户权限
描述 实现PluggableAuth PluggableAuthUserAuthorization 钩子,以使用授权电邮地址列表提供授权。
作者 Cindy Cicalese
最新版本 3.0 (2022-03-27)
兼容性政策 快照跟随MediaWiki发布。 master分支不向后兼容。
MediaWiki 1.35+
PHP 7.4+
数据库更改
emailauth
emailrequest
许可协议 MIT授權條款
下載
  • $wgEmailAuthorization_RequestFields
  • $wgEmailAuthorization_EnableRequests
  • $wgEmailAuthorization_AuthorizedGroups
emailauthorizationconfig
前往translatewiki.net翻譯Email Authorization扩展
問題 开启的任务 · 报告错误

The Email Authorization extension implements the PluggableAuth PluggableAuthUserAuthorization hook to provide authorization using a list of authorized email addresses. It provides a special page, Special:EmailAuthorizationConfig, for an administrator to use to add and remove email addresses and email domains from the authorization list.

安裝

This extension requires PluggableAuth to be installed first.
  • 下载文件,并将解压后的EmailAuthorization文件夹移动到extensions/目录中。
    开发者和代码贡献人员应从Git安装扩展,输入:cd extensions/
    git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/EmailAuthorization
  • 将下列代码放置在您的LocalSettings.php 的底部:
    wfLoadExtension( 'EmailAuthorization' );
    
  • 运行更新脚本,它将自动创建此扩展必须依赖的数据库表。
  • run git submodule update --init
  • Configure as required
  • Yes 完成 – 在您的wiki上导航至Special:Version,以验证已成功安装扩展。

配置

标记 默认 描述
$wgEmailAuthorization_AuthorizedGroups [] An array of MediaWiki groups whose members are authorized regardless of whether their email addresses are authorized. This is especially useful to bootstrap the extension when it is installed by authorizing, for example, all members of the sysop group.
$wgEmailAuthorization_EnableRequests false Indicates whether a special page (Special:EmailAuthorizationRequest) will be available for accounts to be requested. If enabled, that page will contain a form used to request an account. By default, that form will contain a single field: email address. Additional fields can be specified by $wgEmailAuthorization_RequestFields. In addition, if true, a special page (Special:EmailAuthorizationApprove) will be available for users in the bureaucrat group to approve accounts.
$wgEmailAuthorization_RequestFields [] An array of additional fields for the request form. The definition of each field is itself an array with the following possible fields:
  • label - the label for the field (string); must be present
  • mandatory - if present and true, this field is mandatory
  • values - a comma separated list of strings that are the possible values of this field; the field will be a drop-down list
  • rows - if present, the number of rows in the text area for this field
  • columns - if present, the number of columns in the text field or text area for this field (default: 50)

The last three parameters (values, rows, and columns) are used to decide how to display the field. If values is present, a drop-down list will be displayed, and any values for rows and columns will be ignored. If values is not present but rows is present, a text area of the specified size will be displayed, with columns defaulting to 50 if it is not present. If only columns is present, a text field of the specified width will be displayed. If none are present, a text field of 50 columns will be displayed.

Regardless of the contents of this array, an email address field will be present as the first field.

For example,

$wgEmailAuthorization_RequestFields = [
  [
    'label' => 'Organization',
    'mandatory' => true
  ],
  [
    'label' => 'Extra Information',
    'rows' => 4,
    'columns' => 60
  ],
  [
    'label' => 'Animals',
    'values' => [ 'dog', 'cat' ]
  ]
];

would display a mandatory text field (Organization) with 50 columns, a text area with 4 rows and 60 columns (Extra Information), and a drop-down list to choose between dog and cat (Animals).

Users who should be able to add and revoke email addresses and email domains on the Special:EmailAuthorizationConfig page must be given the emailauthorizationconfig right. 例如:

$wgGroupPermissions['bureaucrat']['emailauthorizationconfig'] = true;
Since this extension relies upon the user's email address to perform authorization, you should prevent the user from editing it with the following configuration:
$wgPluggableAuth_EnableLocalProperties = false;

钩子

This extension supplies the following hooks to other extensions:

  • EmailAuthorizationAdd and EmailAuthorizationRevoke take a single parameter: an email address or email domain (i.e. @ followed by the domain).
  • EmailAuthorizationRequest takes the following parameters: an email address and a JSON-encoded array of form fields.
  • EmailAuthorizationApprove and EmailAuthorizationReject take the following parameters: an email address, a JSON-encoded array of form fields, and the User object of the bureaucrat approving/rejecting the account request.

版本历史

Version 3.0
  • Updated to work with PluggableAuth 6.0
Version 2.0
  • 新增 $wgEmailAuthorization_AuthorizedGroups
  • Added support for postgres and sqlite in addition to existing mysql/mariadb support
  • Use datatables jQuery plug-in on email authorization dashboard
  • Convert UI to use OOUI
  • Modernize code (type hints, dependency injection, global config, new hook system, linting, tests)
  • Fix IDatabase::upsert() calls with bad unique key parameters
Version 1.5
  • Trim and lowercase emails before adding them
Version 1.4
  • Added PHPCS and autofix some found sniffs with PHPCBF
Version 1.3
  • Added optional account request capability controlled by $wgEmailAuthorization_EnableRequests
    • Special:EmailAuthorizationRequest
    • Special:EmailAuthorizationApprove
Version 1.2
  • Change message prefix to prevent collisions with other extensions
  • Table formatting
  • Renamed Special:ConfigEmailAuthorization to Special:EmailAuthorizationConfig
Version 1.1
  • Bug fix: adding email address that already existed threw exception
  • Email addresses and domains entered in Special:ConfigEmailAuthorization now are validated
  • Added missing rights messages
Version 1.0
  • 最初版本

已知問題

版本2.0以前的版本不支援PostgreSQL。 参见T293933