From 42eb11524e4d9d8b8671e5c07dd349c0776c4131 Mon Sep 17 00:00:00 2001 From: Yuri Astrakhan Date: Fri, 6 Sep 2019 15:38:14 -0500 Subject: [PATCH 1/1] apply changes to all sites, not just the private made a mistake in the previous commit - the settings should apply to all sites instead. --- .../templates/default/LocalSettings.php.erb | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/cookbooks/mediawiki/templates/default/LocalSettings.php.erb b/cookbooks/mediawiki/templates/default/LocalSettings.php.erb index ee14cdcd3..4e5b63904 100644 --- a/cookbooks/mediawiki/templates/default/LocalSettings.php.erb +++ b/cookbooks/mediawiki/templates/default/LocalSettings.php.erb @@ -193,6 +193,17 @@ $wgGroupPermissions['bureaucrat']['deleterevision'] = true; $wgGroupPermissions['bureaucrat']['suppressrevision'] = true; $wgGroupPermissions['bureaucrat']['suppressionlog'] = true; +# Since 1.32 MW introduced interface-admin group to separate all UI-related rights. This makes sense for bigger sites, +# but for OSM it makes more sense to keep group structure simple. Give all interface-admin rights to sysops. +# Also remove the interface-admin group to avoid confusion. +$wgGroupPermissions['sysop'] = array_merge( $wgGroupPermissions['sysop'], $wgGroupPermissions['interface-admin'] ); +unset( $wgGroupPermissions['interface-admin'] ); +unset( $wgRevokePermissions['interface-admin'] ); +unset( $wgAddGroups['interface-admin'] ); +unset( $wgRemoveGroups['interface-admin'] ); +unset( $wgGroupsAddToSelf['interface-admin'] ); +unset( $wgGroupsRemoveFromSelf['interface-admin'] ); + <% if @mediawiki[:private_accounts] -%> # Prevent new user registrations except by existing users $wgGroupPermissions['*']['createaccount'] = false; @@ -209,17 +220,6 @@ $wgWhitelistRead = array ("Special:Userlogin"); # Prevent new user registrations except by sysops $wgGroupPermissions['*']['createaccount'] = false; -# Since 1.32 MW introduced interface-admin group to separate all UI-related rights. This makes sense for bigger sites, -# but for OSM it makes more sense to keep group structure simple. Give all interface-admin rights to sysops. -# Also remove the interface-admin group to avoid confusion. -$wgGroupPermissions['sysop'] = array_merge( $wgGroupPermissions['sysop'], $wgGroupPermissions['interface-admin'] ); -unset( $wgGroupPermissions['interface-admin'] ); -unset( $wgRevokePermissions['interface-admin'] ); -unset( $wgAddGroups['interface-admin'] ); -unset( $wgRemoveGroups['interface-admin'] ); -unset( $wgGroupsAddToSelf['interface-admin'] ); -unset( $wgGroupsRemoveFromSelf['interface-admin'] ); - # Restrict access to the upload directory $wgUploadPath = "$wgScriptPath/img_auth.php"; <% end -%> -- 2.39.5