Manual:Hooks/UserGetRights

public static function onUserGetRights( User $user, array &$aRights ) { ... }

{
	"Hooks": {
		"UserGetRights": "MediaWiki\\Extension\\MyExtension\\Hooks::onUserGetRights"
	}
}

• $user - User object
• $aRights - array of user rights

The UserGetRights hook permits the implementation of a user rights scheme along side of MediaWiki's built-in group-based permissions architecture. It can be used to create extensions that

• implement a hierarchical group system where groups can inherit rights from a collection of groups.
• implement an exclude rights rule - users are associated with groups whose rights the do not have.
• add or exclude rights associated with a user rather than a group
• define context based rights - e.g. the same user might have different rights depending on whether they are accessing the wiki via :localhost:, via a VPN, or via the public internet.
• any other scheme available to the programmer's imagination

MediaWiki's built-in permissions architecture uses group-based permissions. Users are assigned to groups; groups are assigned rights; users inherit rights from every group to which they are assigned. This hook can be used to override or supplement the core permissions architecture.

Hooks modify the rights available to the user by adding or removing elements to $aRights. The hook should always return true so that other functions attached to this hook will have a chance to run.

Removing rights with this hook can be problematic as there is no guarantee another hook handler won't re-add them. The UserGetRightsRemove hook, called immediately after UserGetRights, can be used for that.

• UserGetRightsRemove - for removing rights
• userCan - for more fine-grained permission checks