MediaWikiInstallation

From Micro Factory

Jump to: navigation, search

BlueSpice

BlueSpice is a layer atop mediawiki and adds loads of features, most importantly a visual editor.

Hacks

  • change login link to use OAuth page
  • remove Help : skins/BlueSpiceSkin/includes/BlueSpiceSkinHooks.php -> onSkinBuildSidebar()
  • delete footer : extensions/BlueSpiceFoundation/includes/skins/BsBaseTemplate.php -> printFooter()
  • remove notification and email

Extensions

LockDown

Lockdown to restrict private pages

see  configuration below.


OAuth Integration

we use OAuth 2.0 integration https://www.cobot.me/oauth2_clients

app config

https://www.cobot.me/api-docs

Installation

https://www.mediawiki.org/wiki/Extension:OAuth2_Client

Hacks

For some reason OAuth is not compatible with cobot OAuth. so we need to modify a few things in order for the cobot oauth 2 integration to work, we need to patch this file :  in extensions/MW-OAuth2Client/SpecialOAuth2Client.php.

line: 147

protected function _userHandling( $response ) {
      global $wgOAuth2Client, $wgAuth, $wgRequest;
       $username = $response["name"];
       $email = $response["email"];

for some other reasons, the ssl started to break. so i add to disable cert verification.

extensions/MW-OAuth2Client/vendors/oauth2-client/vendor/guzzlehttp/guzzle/src/Client.php, line 64

 $config["verify"] = false;


Configuration

Cobot side

configure in LocalSettings.php

  # Cobot OAuth integration
wfLoadExtension( 'MW-OAuth2Client' );
$wgOAuth2Client['client']['id'] = 'xxx'; // The client ID assigned to you by the provider $wgOAuth2Client['client']['secret'] = 'xxx'; // The client secret assigned to you by the provider $wgOAuth2Client['configuration']['authorize_endpoint'] = 'https://members.microfactory.be/oauth/authorize'; $wgOAuth2Client['configuration']['access_token_endpoint'] = 'https://www.cobot.me/oauth/access_token'; $wgOAuth2Client['configuration']['api_endpoint'] = 'https://www.cobot.me/api/user'; // URL to fetch user JSON $wgOAuth2Client['configuration']['redirect_uri'] = 'https://microfactory.be/wiki/index.php/Special:OAuth2Client/callback'; // useless config below, as we have hack the thing. see above. $wgOAuth2Client['configuration']['username'] = '$.name'; // JSON path to username $wgOAuth2Client['configuration']['email'] = '$.email'; // JSON path to email

Wiki Configuration

 $wgUserMergeProtectedGroups = array();
 $wgUserMergeUnmergeable = array();
 $wgMFAutodetectMobileView = true;
 $wgMFEnableDesktopResources = true;
 
 ##############################
 # Error logging configuration
 $wgShowDBErrorBacktrace = true;
 $wgShowExceptionDetails = true;
 $wgShowSQLErrors = true;
 $wgShowDBErrorBacktrace = true;
 #error_reporting( -1 );
 #ini_set( 'display_errors', 1 );
 
 
 
 ##########################
 # user Rights
 # Disable account creation
 $wgGroupPermissions['*']['createaccount'] = false;
 $wgGroupPermissions['*']['viewfiles'] = true;
 # prevent anonyous user from editing
 $wgGroupPermissions['*']['edit'] = false;
 $wgGroupPermissions['*']['createpage'] = false;
 $wgGroupPermissions['*']['createtalk'] = false;
 # restrict account creation
 $wgGroupPermissions['*']['createaccount'] = false;
 # everybody can read (but overriden by lockdown, see below)
 $wgGroupPermissions['*']['read'] = true;
 # Define constants for Private additional namespace.
 define("NS_PRIVATE", 3000); // This MUST be even.
 define("NS_PRIVATE_TALK", 3001); // This MUST be the following odd integer.
 # Add Private namespace
 $wgExtraNamespaces[NS_PRIVATE] = "Private";
 $wgExtraNamespaces[NS_PRIVATE_TALK] = "Private_talk"; // Note underscores in the namespace name.
 ###############################
 # Lock down extension
 require_once "$IP/extensions/Lockdown/Lockdown.php";
 # Limit access to "Project:" to admins
 $wgNamespacePermissionLockdown[NS_PROJECT]['edit'] = array('sysop');
 $wgNamespacePermissionLockdown[NS_PROJECT]['read'] = array('sysop');
 $wgGroupPermissions['*']['siteadmin'] = true;
 # Limit access to "Private:" to micro factory members.
 $wgNamespacePermissionLockdown[NS_PRIVATE]['edit'] = array('user');
 $wgNamespacePermissionLockdown[NS_PRIVATE]['read'] = array('user');


 # config for thumbnails creation
 $wgEnableUploads = true;
 $wgUseImageMagick = false;//using image magick does not work....
 //$wgImageMagickConvertCommand = "/usr/bin/convert";
 $wgTmpDirectory = "$IP/images/temp";