Manual:$wgGrantPermissions
User rights, access control and monitoring: $wgGrantPermissions | |
---|---|
Used to define grants and assign permissions to them. |
|
Introduced in version: | 1.27.0 (Gerrit change 259062; git #ef5bd734) |
Removed in version: | Still in use |
Allowed values: | (two-dimensional array of booleans) |
Default value: | See MainConfigSchema.php |
Other settings: Alphabetical | By function |
Details
edit$wgGrantPermissions is a two-dimensional array indexed by grants and available permissions.
The value is a boolean; false
is equivalent to unsetting the key.
Grants are used to give external software limited access to an account; for example, by OAuth or by bot passwords. When a user account is accessed via some grants-based mechanism, to use some permission both an appropriate user group and an appropriate grant is required.
This configuration value should usually be set by extensions, not site administrators.
New grants can simply be created by using a new first-level key.
Such keys should be added to $wgGrantPermissionGroups
as well.
Grants are managed internally by the MWGrants class, and can be viewed via Special:ListGrants.
The user-visible name of a grant can be defined via the grant-<name>
message.
Example
edit$wgGrantPermissions['basic']['ipblock-exempt'] = true;
This allows external tools using a user account to ignore IP blocks if the user has that ability and has given the basic
grant to the tool.