*/
$wgForeignUploadTargets = [];
+/**
+ * Configuration for file uploads using the embeddable upload dialog
+ * (https://www.mediawiki.org/wiki/Upload_dialog).
+ *
+ * This applies also to foreign uploads to this wiki (the configuration is loaded by remote wikis
+ * using the action=query&meta=siteinfo API).
+ *
+ * See below for documentation of each property. None of the properties may be omitted.
+ */
+$wgUploadDialog = [
+ // Fields to make available in the dialog. `true` means that this field is visible, `false` means
+ // that it is hidden. The "Name" field can't be hidden. Note that you also have to add the
+ // matching replacement to the 'filepage' format key below to make use of these.
+ 'fields' => [
+ 'description' => true,
+ 'date' => false,
+ 'categories' => false,
+ ],
+ // Suffix of localisation messages used to describe the license under which the uploaded file will
+ // be released. The same value may be set for both 'local' and 'foreign' uploads.
+ 'licensemessages' => [
+ // The 'local' messages are used for local uploads on this wiki:
+ // * upload-form-label-own-work-message-generic-local
+ // * upload-form-label-not-own-work-message-generic-local
+ // * upload-form-label-not-own-work-local-generic-local
+ 'local' => 'generic-local',
+ // The 'foreign' messages are used for cross-wiki uploads from other wikis to this wiki:
+ // * upload-form-label-own-work-message-generic-foreign
+ // * upload-form-label-not-own-work-message-generic-foreign
+ // * upload-form-label-not-own-work-local-generic-foreign
+ 'foreign' => 'generic-foreign',
+ ],
+ // Upload comment to use. Available replacements:
+ // * $HOST - domain name from which a cross-wiki upload originates
+ // * $PAGENAME - wiki page name from which an upload originates
+ 'comment' => '',
+ // Format of the file page wikitext to be generated from the fields input by the user.
+ 'format' => [
+ // Wrapper for the whole page. Available replacements:
+ // * $DESCRIPTION - file description, as input by the user (only if the 'description' field is
+ // enabled), wrapped as defined below in the 'description' key
+ // * $DATE - file creation date, as input by the user (only if the 'date' field is enabled)
+ // * $SOURCE - as defined below in the 'ownwork' key, may be extended in the future
+ // * $AUTHOR - linked user name, may be extended in the future
+ // * $LICENSE - as defined below in the 'license' key, may be extended in the future
+ // * $CATEGORIES - file categories wikitext, as input by the user (only if the 'categories'
+ // field is enabled), or if no input, as defined below in the 'uncategorized' key
+ 'filepage' => '$DESCRIPTION',
+ // Wrapped for file description. Available replacements:
+ // * $LANGUAGE - source wiki's content language
+ // * $TEXT - input by the user
+ 'description' => '$TEXT',
+ 'ownwork' => '',
+ 'license' => '',
+ 'uncategorized' => '',
+ ],
+];
+
/**
* File backend structure configuration.
*
*/
$wgUseMediaWikiUIEverywhere = false;
-/**
- * Should we try to make our HTML output well-formed XML? If set to false,
- * output will be a few bytes shorter, and the HTML will arguably be more
- * readable. If set to true, life will be much easier for the authors of
- * screen-scraping bots, and the HTML will arguably be more readable.
- *
- * Setting this to false may omit quotation marks on some attributes, omit
- * slashes from some self-closing tags, omit some ending tags, etc., where
- * permitted by HTML5. Setting it to true will not guarantee that all pages
- * will be well-formed, although non-well-formed pages should be rare and it's
- * a bug if you find one. Conversely, setting it to false doesn't mean that
- * all XML-y constructs will be omitted, just that they might be.
- *
- * Because of compatibility with screen-scraping bots, and because it's
- * controversial, this is currently left to true by default.
- */
-$wgWellFormedXml = true;
-
/**
* Permit other namespaces in addition to the w3.org default.
*
],
];
+/**
+ * Disable AuthManager
+ * @since 1.27
+ * @deprecated since 1.27, for use during development only
+ */
+$wgDisableAuthManager = false;
+
+/**
+ * Configure AuthManager
+ *
+ * All providers are constructed using ObjectFactory, see that for the general
+ * structure. The array may also contain a key "sort" used to order providers:
+ * providers are stably sorted by this value, which should be an integer
+ * (default is 0).
+ *
+ * Elements are:
+ * - preauth: Array (keys ignored) of specifications for PreAuthenticationProviders
+ * - primaryauth: Array (keys ignored) of specifications for PrimaryAuthenticationProviders
+ * - secondaryauth: Array (keys ignored) of specifications for SecondaryAuthenticationProviders
+ *
+ * @since 1.27
+ * @note If this is null or empty, the value from $wgAuthManagerAutoConfig is
+ * used instead. Local customization should generally set this variable from
+ * scratch to the desired configuration. Extensions that want to
+ * auto-configure themselves should use $wgAuthManagerAutoConfig instead.
+ */
+$wgAuthManagerConfig = null;
+
+/**
+ * @see $wgAuthManagerConfig
+ * @since 1.27
+ */
+$wgAuthManagerAutoConfig = [
+ 'preauth' => [
+ MediaWiki\Auth\LegacyHookPreAuthenticationProvider::class => [
+ 'class' => MediaWiki\Auth\LegacyHookPreAuthenticationProvider::class,
+ 'sort' => 0,
+ ],
+ MediaWiki\Auth\ThrottlePreAuthenticationProvider::class => [
+ 'class' => MediaWiki\Auth\ThrottlePreAuthenticationProvider::class,
+ 'sort' => 0,
+ ],
+ ],
+ 'primaryauth' => [
+ // TemporaryPasswordPrimaryAuthenticationProvider should come before
+ // any other PasswordAuthenticationRequest-based
+ // PrimaryAuthenticationProvider (or at least any that might return
+ // FAIL rather than ABSTAIN for a wrong password), or password reset
+ // won't work right. Do not remove this (or change the key) or
+ // auto-configuration of other such providers in extensions will
+ // probably auto-insert themselves in the wrong place.
+ MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider::class => [
+ 'class' => MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider::class,
+ 'args' => [ [
+ // Fall through to LocalPasswordPrimaryAuthenticationProvider
+ 'authoritative' => false,
+ ] ],
+ 'sort' => 0,
+ ],
+ MediaWiki\Auth\LocalPasswordPrimaryAuthenticationProvider::class => [
+ 'class' => MediaWiki\Auth\LocalPasswordPrimaryAuthenticationProvider::class,
+ 'args' => [ [
+ // Last one should be authoritative, or else the user will get
+ // a less-than-helpful error message (something like "supplied
+ // authentication info not supported" rather than "wrong
+ // password") if it too fails.
+ 'authoritative' => true,
+ ] ],
+ 'sort' => 100,
+ ],
+ ],
+ 'secondaryauth' => [
+ MediaWiki\Auth\CheckBlocksSecondaryAuthenticationProvider::class => [
+ 'class' => MediaWiki\Auth\CheckBlocksSecondaryAuthenticationProvider::class,
+ 'sort' => 0,
+ ],
+ MediaWiki\Auth\ResetPasswordSecondaryAuthenticationProvider::class => [
+ 'class' => MediaWiki\Auth\ResetPasswordSecondaryAuthenticationProvider::class,
+ 'sort' => 100,
+ ],
+ // Linking during login is experimental, enable at your own risk - T134952
+ // MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider::class => [
+ // 'class' => MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider::class,
+ // 'sort' => 100,
+ // ],
+ MediaWiki\Auth\EmailNotificationSecondaryAuthenticationProvider::class => [
+ 'class' => MediaWiki\Auth\EmailNotificationSecondaryAuthenticationProvider::class,
+ 'sort' => 200,
+ ],
+ ],
+];
+
+/**
+ * If it has been this long since the last authentication, recommend
+ * re-authentication before security-sensitive operations (e.g. password or
+ * email changes). Set negative to disable.
+ * @since 1.27
+ * @var int[] operation => time in seconds. A 'default' key must always be provided.
+ */
+$wgReauthenticateTime = [
+ 'default' => 300,
+];
+
+/**
+ * Whether to allow security-sensitive operations when authentication is not possible.
+ * @since 1.27
+ * @var bool[] operation => boolean. A 'default' key must always be provided.
+ */
+$wgAllowSecuritySensitiveOperationIfCannotReauthenticate = [
+ 'default' => true,
+];
+
+/**
+ * List of AuthenticationRequest class names which are not changeable through
+ * Special:ChangeCredentials and the changeauthenticationdata API.
+ * This is only enforced on the client level; AuthManager itself (e.g.
+ * AuthManager::allowsAuthenticationDataChange calls) is not affected.
+ * Class names are checked for exact match (not for subclasses).
+ * @since 1.27
+ * @var string[]
+ */
+$wgChangeCredentialsBlacklist = [
+ \MediaWiki\Auth\TemporaryPasswordAuthenticationRequest::class
+];
+
+/**
+ * List of AuthenticationRequest class names which are not removable through
+ * Special:RemoveCredentials and the removeauthenticationdata API.
+ * This is only enforced on the client level; AuthManager itself (e.g.
+ * AuthManager::allowsAuthenticationDataChange calls) is not affected.
+ * Class names are checked for exact match (not for subclasses).
+ * @since 1.27
+ * @var string[]
+ */
+$wgRemoveCredentialsBlacklist = [
+ \MediaWiki\Auth\PasswordAuthenticationRequest::class,
+];
+
/**
* For compatibility with old installations set to false
* @deprecated since 1.24 will be removed in future
MediaWiki\Session\BotPasswordSessionProvider::class => [
'class' => MediaWiki\Session\BotPasswordSessionProvider::class,
'args' => [ [
- 'priority' => 40,
+ 'priority' => 75,
] ],
],
];
# $wgGroupPermissions['sysop']['upload_by_url'] = true;
$wgGroupPermissions['sysop']['mergehistory'] = true;
$wgGroupPermissions['sysop']['managechangetags'] = true;
+$wgGroupPermissions['sysop']['deletechangetags'] = true;
// Permission to change users' group assignments
$wgGroupPermissions['bureaucrat']['userrights'] = true;
dépôts / lhc / web / wiklou.git / blobdiff