Mon, 04/07/2025 - 7:15pm by admin

MediaWiki

🔎 To check if the group exists in the wiki:

Visit: https://yourwiki/index.php/Special:ListGroupRights

“Until a page is first approved, it lives in the realm of free will.
Once a Validateur lays hands upon it... the Revision Era begins.”

👥 Custom Roles

Group Name

Role

Permissions

validateur

Approver / Reviewer

Can approve revisions (ApproveRevs)

alumni

Legacy Contributors

No rights, preserved for history

Verify LocalSettings.php 

🔹 validateur Group 

$wgGroupPermissions['validateur']['edit'] = true;
$wgGroupPermissions['validateur']['approverevisions'] = true;
$wgGroupPermissions['validateur']['approverevisions-view'] = true;
$wgGroupPermissions['validateur']['approverevisions-approve'] = true;

# Enable ApproveRevs for this group
$wgApprovedRevsCanApprove[] = 'validateur';

🔹 alumni Group (honorary, no rights) 

$wgGroupPermissions['alumni'] = [];  // No special permissions
$wgGroupNames['alumni'] = 'Alumni'; // Clean display name

👤 Assigning Users

From inside the mw1359 container (Docker or Podman): 

podman exec -it mw1359 php maintenance/editUserGroups.php "Lisa" --add validateur
podman exec -it mw1359 php maintenance/editUserGroups.php "Gsavary" --add alumni

 

 Specialised Groups

We don't want to delete old users. What about a new GROUP? With no permissions! Yes, remove previous as well. 

# Define the 'alumni' group with no permissions
$wgGroupPermissions['alumni'] = [];

# Force-remove the user's editing rights, use:
$wgGroupPermissions['alumni'] = [];  // no new permissions
$wgRevokePermissions['alumni']['edit'] = true;
$wgRevokePermissions['alumni']['editinterface'] = true;
$wgRevokePermissions['alumni']['move'] = true;
$wgRevokePermissions['alumni']['createpage'] = true;
$wgRevokePermissions['alumni']['createtalk'] = true;
$wgGroupPermissions['alumni'] = [];  // no rights
$wgAddGroups['sysop'][] = 'alumni';  // allow admins to add this group

$wgGroupNames['alumni'] = 'Alumni';  // nice display name

We can optionally restrict alumni users even further (e.g., block editing or login), but that depends on what we want them to be able to do (see more below ⬇️).

🎓 What does being in the 'alumni' group actually do?

By default: nothing, unless you choose to:

  • Restrict actions (e.g., deny edit/login)

  • Use it for filtering in user lists

  • Signal status in the UI (e.g., CSS badge, user group display)

So it’s perfectly safe to assign users to this group for classification only, unless you take additional action.

Tag Gsavary as alumni (only one for now)

From the command line: 

php maintenance/editUserGroups.php "Gsavary" --add alumni

For the Container:

Identify the container: 

podman ps  # Look for the mediawiki container name, e.g., mw1359

Then run: 

podman exec -it mw1359 php maintenance/editUserGroups.php "Gsavary" --add alumni

⚠️     For an apache container this defaults to: /var/www/html/maintenance/
          If in doubt — check.

 

Expected Output: 

User "Gsavary" was added to group "alumni"

This will evolve into a test procedure. Maybe we can link back to this

[ ] Test

Admin-Level: Assigning User Groups (Internal Use Only)

User Management 

# Assign Lisa to the 'validateur' group
podman exec -it mw1359 php maintenance/editUserGroups.php "Lisa" --add validateur

# Assign Gsavary to the honored 'alumni' group
podman exec -it mw1359 php maintenance/editUserGroups.php "Gsavary" --add alumni

You must be logged into the host (RHEL8) system where the container mw1359 is running and have access to Podman.
No container login required—this runs from the host and uses the standard MediaWiki maintenance/ script editUserGroups.php

 

retireUserToAlumni.php

to run in the maintenance folder as well 

<?php
require_once __DIR__ . '/Maintenance.php';

class RetireUserToAlumni extends Maintenance {
    public function __construct() {
        parent::__construct();
        $this->addDescription( 'Removes a user from active groups and adds them to the alumni group.' );
        $this->addArg( 'username', 'Username to retire' );
    }

    public function execute() {
        $username = $this->getArg( 0 );
        $user = User::newFromName( $username );

        if ( !$user || !$user->getId() ) {
            $this->error( "User '$username' not found.\n", true );
        }

        $activeGroups = [ 'user', 'contributeur', 'validateur', 'editor', 'publisher' ]; // adjust as needed
        $userGroups = $user->getGroups();

        // Remove from active groups
        foreach ( $userGroups as $group ) {
            if ( in_array( $group, $activeGroups ) ) {
                $user->removeGroup( $group );
                $this->output( "Removed $username from group: $group\n" );
            }
        }

        // Add to alumni group
        if ( !$user->isAllowed( 'alumni' ) ) {
            $user->addGroup( 'alumni' );
            $this->output( "Added $username to group: alumni\n" );
        }

        // Optional: mark their user page
        $title = Title::makeTitle( NS_USER, $username );
        $wikiPage = WikiPage::factory( $title );

        if ( $wikiPage->exists() ) {
            $content = $wikiPage->getContent( RevisionRecord::RAW );
            $text = ContentHandler::getContentText( $content );
            if ( strpos( $text, '== Status ==' ) === false ) {
                $text .= "\n\n== Status ==\n''This contributor is now part of the '''Alumni''' group.''";
                $wikiPage->doEditContent( ContentHandler::makeContent( $text, $title ), 'Marking user as Alumni' );
                $this->output( "Updated user page with Alumni status.\n" );
            } else {
                $this->output( "User page already contains a status section.\n" );
            }
        } else {
            $this->output( "No user page found for $username. Skipping banner.\n" );
        }
    }
}

$maintClass = RetireUserToAlumni::class;
require_once RUN_MAINTENANCE_IF_MAIN;

 

Features
Test