Open main menu

Extension:Email Authorization

PluggableAuth Icon.svg This extension requires the PluggableAuth extension to be installed first.
MediaWiki extensions manual
OOjs UI icon advanced.svg
EmailAuthorization
Release status: stable
Implementation User rights
Description Implements the PluggableAuth PluggableAuthUserAuthorization hook to provide authorization using a list of authorized email addresses.
Author(s) Cindy Cicalese
Latest version 1.4 (2018-07-18)
Compatibility policy master
MediaWiki 1.27+
PHP 5.5+
Database changes Yes
License MIT License
Download
emailauthorizationconfig
Translate the Email Authorization extension if it is available at translatewiki.net
Check usage and version matrix.
Issues Open tasks · Report a bug

The Email Authorization extension implements the PluggableAuth PluggableAuthUserAuthorization hook to provide authorization using a list of authorized email addresses. It provides a special page, Special:EmailAuthorizationConfig, for an administrator to use to add and remove email addresses and email domains from the authorization list.

Contents

InstallationEdit

This extension requires PluggableAuth to be installed first.
  • Download and place the file(s) in a directory called EmailAuthorization in your extensions/ folder.
  • Add the following code at the bottom of your LocalSettings.php:
    wfLoadExtension( 'EmailAuthorization' );
    
  • Run the update script which will automatically create the necessary database tables that this extension needs.
  • Configure as required
  •   Done – Navigate to Special:Version on your wiki to verify that the extension is successfully installed.

ConfigurationEdit

Flag Default Description
$wgEmailAuthorization_EnableRequests false Indicates whether a special page (Special:EmailAuthorizationRequest) will be available for accounts to be requested. If enabled, that page will contain a form used to request an account. By default, that form will contain a single field: email address. Additional fields can be specified by $wgEmailAuthorization_RequestFields. In addition, if true, a special page (Special:EmailAuthorizationApprove) will be available for users in the bureaucratgroup to approve accounts.
$wgEmailAuthorization_RequestFields [] An array of additional fields for the request form. The definition of each field is itself an array with the following possible fields:
  • label: the label for the field (string); must be present
  • mandatory: if present and true, this field is mandatory
  • values: a comma separated list of strings that are the possible values of this field; the field will be a drop-down list
  • rows: if present, the number of rows in the text area for this field
  • columns: if present, the number of columns in the text field or text area for this field (default: 50)

The last three parameters (values, rows, and columns) are used to decide how to display the field. If values is present, a drop-down list will be displayed, and any values for rows and columns will be ignored. If values is not present but rows is present, a text area of the specified size will be displayed, with columns defaulting to 50 if it is not present. If only columns is present, a text field of the specified width will be displayed. If none are present, a text field of 50 columns will be displayed.

Regardless of the contents of this array, an email address field will be present as the first field.

For example,

$wgEmailAuthorization_RequestFields = [
  [
    'label' => 'Organization',
    'mandatory' => true
  ],
  [
    'label' => 'Extra Information',
    'rows' => 4,
    'columns' => 60
  ],
  [
    'label' => 'Animals',
    'values' => [ 'dog', 'cat' ]
  ]
];

would display a mandatory text field (Organization) with 50 columns, a text area with 4 rows and 60 columns (Extra Information), and a drop-down list to choose between dog and cat (Animals).

Users who should be able to add and revoke email addresses and email domains on the Special:EmailAuthorizationConfig page must be given the emailauthorizationconfig right. For example:

 $wgGroupPermissions['bureaucrat']['emailauthorizationconfig'] = true;
Since this extension relies upon the user's email address to perform authorization, you should prevent the user from editing it with:
$wgPluggableAuth_EnableLocalProperties = false;

HooksEdit

The Email Authorization extension supplies the following hooks to other extensions:

  • EmailAuthorizationAdd and EmailAuthorizationRevoke take a single parameter: an email address or email domain (i.e. @ followed by the domain).
  • EmailAuthorizationRequest takes the following parameters: an email address and a JSON-encoded array of form fields.
  • EmailAuthorizationApprove and EmailAuthorizationReject take the following parameters: an email address, a JSON-encoded array of form fields, and the User object of the bureaucrat approving/rejecting the account request.

Version HistoryEdit

Version 1.4
  • Added PHPCS and autofix some found sniffs with PHPCBF
Version 1.3
  • Added optional account request capability controlled by $wgEmailAuthorization_EnableRequests
    • Special:EmailAuthorizationRequest
    • Special:EmailAuthorizationApprove
Version 1.2
  • Change message prefix to prevent collisions with other extensions
  • Table formatting
  • Renamed Special:ConfigEmailAuthorization to Special:EmailAuthorizationConfig
Version 1.1
  • Bug fix: adding email address that already existed threw exception
  • Email addresses and domains entered in Special:ConfigEmailAuthorization now are validated
  • Added missing rights messages
Version 1.0
  • Initial version

See alsoEdit