Jump to content

ICT:FinalConfig-Clutter and protection: Difference between revisions

From Costa Sano MediaWiki
← Older edit
Mngr (talk | contribs)
Bots, Bureaucrats, club, ict, Interface administrators, research, Suppressors, Administrators
1,024 edits
VisualWikitext
No edit summary
No edit summary
 
(4 intermediate revisions by the same user not shown)
Line 1: Line 1:
= Final Configuration: general clutter reduction and page protection =
= MediaWiki Interface & Permissions Architecture (Final Version) =
Document revison: {{#time:Y-m-d|{{REVISIONTIMESTAMP}}}} by {{REVISIONUSER}}
''A stable, senior‑friendly, successor‑ready configuration for MW 1.43 + Vector‑2022''


The project is using a lot of namespaces, both system default ones and proprietary ones. Although the general default philosophy of MediaWiki is to be as open as possible, we go for a as closed as possible scenario.
== 1. Purpose of This Document ==
This needs a lot a configuration and during 3 days of struggling with this configuration it was observed that it is not fully possible with too much extra lines of code to deal with this ending up in a stable and predictable system.
This document describes the final, working configuration of the MediaWiki interface, permissions, and layout model used for the club’s digital archive. It reflects the validated behavior after the February 2026 refinements.
The historical heritage project as intended to be used by senior people mostly older than 70 and have historical reflexes more than IT reflexes.
A very first requirement is the use of DARK MODE and for now this is only present in an easy way in the vector-2022 skin. However this skin is rather complex so we learned the lesson the hard way not to use too much private css. An experiment to use the more simpler Minerva skin for all or a number of namespaces was not successfull due to the lack of Dark mode.
This finally means that we ended up in extra configuration for vector-2022 in constant dark mode with clutter reduction and protection realized in LocalSystems.php and some elementary css files.


The idea is the following:
It is written for future administrators who may inherit the system.


# Anonymous users should see the final public documents from the reserach effort, without any MediaWiki clutter.
== 2. Design Philosophy ==
# Sysop of course should be capable of dealing with the system as a normal sysop
# The (only) users = senior historians, should only have access to
## Dashboard: namespace for introducing data - workflow and help subpages are also foreseen here.
## Research: namespace for creating, editing and reviewing publication pages coming out of the research These, once validated and accepted by the users (Costa Sano club members), should then be copied to the (Main) namespace for public access.
## Each data entity has its own namespace with the pages concerning the data of that entity NOT accessible by users. Data input and editing is only accessible via the Dashboard.
## Remark: all access to the  data goes through the PageForms extension. Forbidding direct access to data has no influence on the PageForms access.


This ens up in a user workflow:
=== 2.1 Senior‑friendly ===
* Minimal clutter 
* Predictable navigation 
* Clean, distraction‑free layout 


# Introducing and documenting media data via the Dashboard namespace
=== 2.2 Role‑based clarity ===
# Followed by the creating of pages to be made available to the general public in our environment, and optionally moved to Wikipedia.
* Anonymous visitors: clean public view 
* Users: simplified workspace 
* Sysops: full interface 


There are no other users in the system than the onces described above.
=== 2.3 Stability over cleverness ===
* Avoid deep Vector‑2022 overrides 
* Avoid fragile JavaScript 
* Prefer CSS and PHP hooks that are easy to maintain 


== Configuring the correct skin ==
=== 2.4 Successor‑friendly ===
* Clear separation of responsibilities 
* Minimal magic 
* Everything documented 
 
== 3. Final Behavior Overview ==
 
=== 3.1 Anonymous visitors ===
* No top toolbar 
* No right column 
* Full‑width content 
* Minimal sidebar (“Home”) 
* Clean, public‑facing layout 
 
=== 3.2 Registered users (non‑sysop) ===
* No top toolbar in Dashboard/Main 
* Classical toolbar in Research 
* No right column except in Research 
* Full‑width content 
* Simplified sidebar (Dashboard + Research + Logout) 
* PageForms buttons always visible 
 
=== 3.3 Sysops ===
* Full toolbar restored 
* Right column restored 
* Full‑width content 
* Classical Vector‑2022 behavior (except for full‑width layout) 
* Slight left‑alignment quirk in toolbar (Vector‑2022 internal behavior) 
 
== 4. Role‑Based Interface Flow (Diagram) ==
 
<pre>
                +----------------------+
                |  User logs in?      |
                +----------+-----------+
                          |
              +-----------+------------+
              |                        |
            Yes                      No
              |                        |
  +-----------+-----------+    +------+------+
  | Is user sysop?        |    | Anonymous  |
  +-----------+-----------+    +-------------+
              |                        |
      +--------+--------+              |
      |                |              |
    Yes              No              |
      |                |              |
+-----+-----+    +-----+-----+  +-----+-----+
| Sysop UI |    | User UI  |  | Public UI |
+-----------+    +-----------+  +-----------+
</pre>
 
== 5. Sidebar Decision Tree (Diagram) ==
 
<pre>
SidebarBeforeOutput Hook
------------------------------------
 
                +----------------------+
                |  Is user anon?      |
                +----------+-----------+
                            |
                    Yes    |    No
                            |
        +-------------------+-------------------+
        |                                      |
+-------+-------+                      +-------+-------+
| Minimal menu  |                      | Is sysop?    |
| (Home only)  |                      +-------+-------+
+---------------+                              |
                                                |
                                      +---------+---------+
                                      |      Yes        |
                                      |                  |
                                +-----+-----+    +-------+-------+
                                | Full menu |    | Simplified    |
                                | (default) |    | menu (Dash,  |
                                +-----------+    | Research, Out)|
                                                  +---------------+
</pre>
 
== 6. Namespace Architecture (Diagram) ==


LocalSystems.php snippet
<pre>
<pre>
# =================================================
+-------------------------------------------------------------+
# SKIN & INTERFACE
|                        Namespaces                          |
# =================================================
+----------------------+----------------+----------------------+
# --- RESTORE VECTOR 2022 ---
| Public Content      | User Content  | Admin / System      |
+----------------------+----------------+----------------------+
| NS_MAIN              | NS_RESEARCH    | NS_ICT              |
| NS_CHAPTER          |                | NS_DASHBOARD        |
| NS_PLACE            |                |                      |
| NS_ORGANISATION      |                |                      |
| NS_PERSON            |                |                      |
| NS_HERITAGE          |                |                      |
| NS_ASSET            |                |                      |
+----------------------+----------------+----------------------+
 
Protection:
- NS_MAIN: protect
- NS_ICT: editinterface
- NS_DASHBOARD: editinterface
</pre>
 
== 7. CSS Layering Model (Diagram) ==
 
<pre>
                +------------------------+
                |  MediaWiki:Common.css |
                |  (applies to everyone) |
                +-----------+------------+
                            |
                            v
                +------------------------+
                | MediaWiki:Group-user.css |
                |  (registered users)      |
                +-----------+--------------+
                            |
                            v
                +------------------------+
                | MediaWiki:Group-sysop.css |
                |  (sysops only)            |
                +---------------------------+
</pre>
 
== 8. Visual Layout Comparison (Diagram) ==
 
=== 8.1 Anonymous ===
<pre>
+-----------------------------------------------------------+
| [No toolbar]                                              |
+-----------------------------------------------------------+
| [No right column]                                        |
|                                                          |
|  FULL-WIDTH CONTENT                                      |
|                                                          |
+-----------------------------------------------------------+
| Sidebar: Home                                            |
+-----------------------------------------------------------+
</pre>
 
=== 8.2 User (Dashboard/Main) ===
<pre>
+-----------------------------------------------------------+
| [No toolbar]                                              |
+-----------------------------------------------------------+
| [No right column]                                        |
|                                                          |
|  FULL-WIDTH CONTENT                                      |
|                                                          |
+-----------------------------------------------------------+
| Sidebar: Dashboard | Research | Logout                    |
+-----------------------------------------------------------+
</pre>
 
=== 8.3 User (Research) ===
<pre>
+-----------------------------------------------------------+
| Namespace | Discussion        Read | Edit | History | ★  |
+-----------------------------------------------------------+
| Right column visible (default Vector)                    |
|                                                          |
|  FULL-WIDTH CONTENT                                      |
|                                                          |
+-----------------------------------------------------------+
| Sidebar: Dashboard | Research | Logout                    |
+-----------------------------------------------------------+
</pre>
 
=== 8.4 Sysop ===
<pre>
+-----------------------------------------------------------+
| Namespace | Discussion        Read | Edit | History | ★  |
| (slightly left-aligned due to Vector-2022 flex behavior)  |
+-----------------------------------------------------------+
| Right column restored                                    |
|                                                          |
|  FULL-WIDTH CONTENT                                      |
|                                                          |
+-----------------------------------------------------------+
| Full default sidebar                                      |
+-----------------------------------------------------------+
</pre>
 
== 9. Permission Flow Diagram ==
 
<pre>
+-----------------------------+
|        User Group          |
+-----------------------------+
| * (anon)                    |
| user                        |
| sysop                      |
+-----------------------------+
 
Permissions:
-----------------------------------------
*      → read only
user  → read + edit (no upload)
sysop  → full control (upload + interface)
-----------------------------------------
</pre>
 
== 10. System Philosophy Diagram ==
 
<pre>
+-----------------------------------------------------------+
|                    SYSTEM PHILOSOPHY                      |
+----------------------+----------------+--------------------+
| Senior-friendly      | Stable        | Successor-ready    |
+----------------------+----------------+--------------------+
| Minimal clutter      | Avoid deep    | Clear structure    |
| Predictable UI      | Vector hacks  | Documented logic  |
| Full-width content  | No JS tricks  | Easy to maintain  |
+----------------------+----------------+--------------------+
</pre>
 
== 11. Final LocalSettings.php Configuration ==
 
=== 11.1 Skin & Interface ===
<pre>
wfLoadSkin( 'Vector' );
wfLoadSkin( 'Vector' );
$wgDefaultSkin = "vector-2022";
$wgDefaultSkin = "vector-2022";


# --- ENABLE NATIVE DARK MODE (For Vector 2022) ---
# This unlocks the "Appearance" menu for users without manual CSS hacks.
$wgVectorNightMode = [
$wgVectorNightMode = [
     'beta' => true,
     'beta' => true,
Line 44: Line 255:
];
];


# --- OPTIONAL: Force 'Dark' as the default for all users ---
$wgDefaultUserOptions['vector-theme'] = 'night';
$wgDefaultUserOptions['vector-theme'] = 'night';
</pre>
</pre>


= Protection =
=== 11.2 Global Permissions ===
What is documented by MediaWiki as of using the following approach:
 
# forbid everything
# and then allow specific function and actions (with Lockdown)
 
gives no result at all, because this is against the spirit of what Lockdown is supposed to do.
 
The adopted solution is as follows:
 
LocalSystems.php snippet
<pre>
<pre>
 
# Anonymous
###########################################################################
# STABLE INTERFACE MODEL - MW 1.43 / PHP 8.2 COMPATIBLE
###########################################################################
 
# 1. GLOBAL PERMISSIONS
$wgGroupPermissions['*']['read']          = true;
$wgGroupPermissions['*']['read']          = true;
$wgGroupPermissions['*']['edit']          = false;
$wgGroupPermissions['*']['edit']          = false;
$wgGroupPermissions['*']['createaccount'] = false;
$wgGroupPermissions['*']['createaccount'] = false;


# Clubmembers: Full drafting in Research, but locked system areas
# Users
$wgGroupPermissions['user']['read']      = true;
$wgGroupPermissions['user']['read']      = true;
$wgGroupPermissions['user']['edit']      = true;
$wgGroupPermissions['user']['edit']      = true;
$wgGroupPermissions['user']['upload']    = false;
$wgGroupPermissions['user']['upload']    = false;
$wgGroupPermissions['user']['reupload']  = false;
$wgGroupPermissions['user']['reupload-own'] = false;


# Sysop: Absolute interface control
# Sysops
$wgGroupPermissions['sysop']['editinterface'] = true;
$wgGroupPermissions['sysop']['editinterface'] = true;
$wgGroupPermissions['sysop']['upload']        = true;
$wgGroupPermissions['sysop']['upload']        = true;
$wgGroupPermissions['sysop']['reupload']      = true;
$wgGroupPermissions['sysop']['reupload-own']  = true;
</pre>


# 2. NAMESPACE PROTECTION
=== 11.3 Namespace Protection ===
<pre>
$wgNamespaceProtection[NS_MAIN]      = [ 'protect' ];
$wgNamespaceProtection[NS_MAIN]      = [ 'protect' ];
$wgNamespaceProtection[NS_ICT]      = [ 'editinterface' ];
$wgNamespaceProtection[NS_ICT]      = [ 'editinterface' ];
$wgNamespaceProtection[NS_DASHBOARD] = [ 'editinterface' ];  
$wgNamespaceProtection[NS_DASHBOARD] = [ 'editinterface' ];
</pre>


# 3. CONTENT DEFINITION
=== 11.4 Content Namespaces ===
<pre>
$wgContentNamespaces = [
$wgContentNamespaces = [
     NS_MAIN, NS_RESEARCH, NS_ICT, NS_DASHBOARD,
     NS_MAIN, NS_RESEARCH, NS_ICT, NS_DASHBOARD,
     NS_CHAPTER, NS_PLACE, NS_ORGANISATION, NS_PERSON, NS_HERITAGE, NS_ASSET
     NS_CHAPTER, NS_PLACE, NS_ORGANISATION,
    NS_PERSON, NS_HERITAGE, NS_ASSET
];
];
$wgNamespacesWithSubpages[NS_DASHBOARD] = true;
$wgNamespacesWithSubpages[NS_DASHBOARD] = true;
</pre>


# 4. SAFE SIDEBAR HOOK (MW 1.43 Signature)
=== 11.5 Sidebar Model (Final Working Version) ===
# This hook modifies the sidebar content only for non-admins.
<pre>
# Uses static relative paths to prevent 'Title' object initialization crashes.
$wgHooks['SidebarBeforeOutput'][] = function ( $skin, &$sidebar ) {
$wgHooks['SidebarBeforeOutput'][] = function ( $skin, &$sidebar ) {
     $user = $skin->getUser();
     $user = $skin->getUser();
      
 
     # Only simplify for non-admins (Club Members)
    # Anonymous: minimal sidebar
    if ( $user->isAnon() ) {
        $sidebar = [
            'Navigation' => [
                [ 'text' => 'Home', 'href' => '/Hoofdpagina' ]
            ]
        ];
        return true;
     }
 
     # Users (non-sysop): simplified sidebar
     if ( !$user->isAllowed( 'editinterface' ) ) {
     if ( !$user->isAllowed( 'editinterface' ) ) {
        # We use the $wgArticlePath format (usually /Dashboard:Main)
         $sidebar = [
         $sidebar = [
             'Project Navigation' => [
             'Project Navigation' => [
                 [ 'text' => 'Dashboard', 'href' => '/Dashboard:Main' ],
                 [ 'text' => 'Dashboard',     'href' => '/Dashboard:Main' ],
                 [ 'text' => 'Research Area', 'href' => '/Research:Main' ],
                 [ 'text' => 'Research Area', 'href' => '/Research:Main' ],
             ],
             ],
Line 109: Line 323:
             ]
             ]
         ];
         ];
        return true;
     }
     }
    # Sysop: default sidebar
     return true;
     return true;
};
};
</pre>


# 5. NAMESPACE PROTECTION (Keep the seniors safe)
=== 11.6 Cargo Hardening ===
$wgNamespaceProtection[NS_MAIN]      = [ 'protect' ];      // Locked Library
<pre>
$wgNamespaceProtection[NS_ICT]      = [ 'editinterface' ]; // Locked Technical Docs
$wgGroupPermissions['user']['runcargoqueries']   = false;
$wgNamespaceProtection[NS_DASHBOARD] = [ 'editinterface' ]; // Locked App Layout
 
# 6. CARGO SECURITY (The "Simple" Block)
# This stops the 'Cargo data' link from actually working for users
$wgGroupPermissions['user']['runcargoqueries'] = false;
$wgGroupPermissions['user']['recreatecargodata'] = false;
$wgGroupPermissions['user']['recreatecargodata'] = false;
</pre>


# 7. This hides the 'Edit' button and replaces it with 'View Source' for non-admins
=== 11.7 Optional Hardening ===
$wgNamespaceProtection[NS_DASHBOARD] = ['editinterface'];
<pre>
$wgNamespaceProtection[NS_MAIN]      = ['protect'];
$wgNamespaceProtection[NS_ICT]      = ['editinterface'];
 
# 8. Disable direct uploads for users
$wgGroupPermissions['user']['upload'] = false;
$wgGroupPermissions['user']['reupload'] = false;
$wgGroupPermissions['user']['reupload-own'] = false;
 
# 9. Sysop keeps upload rights
$wgGroupPermissions['sysop']['upload'] = true;
$wgGroupPermissions['sysop']['reupload'] = true;
$wgGroupPermissions['sysop']['reupload-own'] = true;
 
# -------------------------------------------------
# OPTIONAL HARDENING
# -------------------------------------------------
 
$wgNonincludableNamespaces[] = NS_ICT;
$wgNonincludableNamespaces[] = NS_ICT;
#Never redirect a page - bypass login redirect problem/bug
$wgRedirectOnLogin = "Hoofdpagina";
$wgRedirectOnLogin = "Hoofdpagina";
############################################################
# END OF SIMPLE ANTI CLUTTER AND PROTECTION  MODEL
############################################################
</pre>
</pre>
As one may observe it is not a simple taks to reduce the clutter and protect the environment against accidentel and curiously clicking links that could lead to corruption of the system.
Point 4 introduces a special sidebar for replacing the classical MediaWiki left sidebar. Only permitted pages are listed in the sidebar.


It has been decided to make disappear, except for the sysop of the classical bar on top of a text.
== 12. Final CSS Configuration ==
<pre>
Namespace Discussion Read Edit Edit source View history
</pre>
This avoids a lot of possible problems with the users.


This is realised by 2 css group files:
=== 12.1 MediaWiki:Common.css (Anonymous users) ===
 
MediaWiki:Group-user.css
<pre>
<pre>
/* CSS placed here will affect registered users only */
/* Hide toolbar and right column for anonymous users */
 
/* Hide Top Bar & Right Column for Users in Dashboard & Main */
.ns-3020 .vector-page-toolbar,
.ns-0 .vector-page-toolbar,
.ns-0 .vector-page-toolbar,
.ns-3020 .vector-column-end,
.ns-0 .vector-column-end {
.ns-0 .vector-column-end {
     display: none !important;
     display: none !important;
}
}


/* Reclaim space for full-width layout */
/* Full-width layout */
.ns-3020 .mw-content-container,
.ns-0 .mw-content-container {
.ns-0 .mw-content-container {
     max-width: none !important;
     max-width: none !important;
}
}
</pre>


/* Ensure Form Buttons are NEVER hidden */
=== 12.2 MediaWiki:Group-user.css (Registered users) ===
.mw-body-content .mw-ui-button,  
<pre>
/* Hide toolbar & right column in Dashboard and Main */
.ns-3020 .vector-page-toolbar,
.ns-0    .vector-page-toolbar,
.ns-3020 .vector-column-end,
.ns-0    .vector-column-end {
    display: none !important;
}
 
/* Full-width layout */
.ns-3020 .mw-content-container,
.ns-0    .mw-content-container {
    max-width: none !important;
}
 
/* Ensure PageForms buttons are always visible */
.mw-body-content .mw-ui-button,
.mw-body-content .pfForm {
.mw-body-content .pfForm {
     display: inline-block !important;
     display: inline-block !important;
Line 189: Line 383:
</pre>
</pre>


and a second one restoring the bar for the sysop (as sysop is also considered a user)
=== 12.3 MediaWiki:Group-sysop.css (Sysops) ===
 
MediaWIki:Group-sysop.css
<pre>
<pre>
/* MediaWiki:Group-sysop.css - Fluid Admin View */
/* Restore toolbar */
 
/* 1. Restore the Top Toolbar (Read, Edit, History) */
html body.skin-vector-2022 .vector-page-toolbar {
html body.skin-vector-2022 .vector-page-toolbar {
     display: flex !important;
     display: flex !important;
Line 201: Line 391:
}
}


/* 2. Restore the Right Column Tools WITHOUT shrinking the content */
/* Restore right column in normal flow */
html body.skin-vector-2022 .vector-column-end {
html body.skin-vector-2022 .vector-column-end {
     display: block !important;
     display: block !important;
     visibility: visible !important;
     visibility: visible !important;
     position: absolute !important; /* Floats the tools so they don't push the content */
     position: static !important;
    right: 0;
    top: 150px;
    z-index: 100;
}
}


/* 3. FORCE CONTENT FULL-WIDTH for Sysop */
/* Full-width content */
html body.skin-vector-2022 .mw-content-container {
html body.skin-vector-2022 .mw-content-container {
     max-width: none !important;
     max-width: none !important;
    margin-right: 0 !important; /* Removes the "squeeze" */
}
}
</pre>
</pre>


= Testing =
== 13. Known Limitations ==
 
=== 13.1 Sysop toolbar alignment ===
Vector‑2022 aligns the sysop toolbar slightly differently due to internal flexbox logic. 
This is harmless and not worth overriding.
 
=== 13.2 Vector‑2022 sidebar dependency ===
Vector‑2022 cannot render with an empty sidebar. 
Anonymous users must always receive at least one menu item.
 
=== 13.3 PageForms visibility ===
PageForms buttons must be explicitly forced visible for non‑sysops.
 
== 14. Future Extensions ==
 
=== 14.1 Public navigation ===
When more public pages exist, extend the anonymous sidebar:
<pre>
'Navigation' => [
    [ 'text' => 'Home', 'href' => '/Hoofdpagina' ],
    [ 'text' => 'About', 'href' => '/Main:About' ],
    [ 'text' => 'Archive', 'href' => '/Main:Archive' ]
]
</pre>
 
=== 14.2 Role‑based dashboards ===
Dashboard namespace can later host:
* User dashboards 
* Research dashboards 
* Admin dashboards 
 
=== 14.3 Omeka‑S style modular archive ===
The current structure is ready for:
* Entities 
* Assets 
* Relations 
* Cargo tables 


This configuration was tested and demonstrated satisfaction.
== 15. Final Notes for Successors ==
However, we should see if all protection in LocalSystems.php makes sense and does not forbit too much.
* All interface behavior is controlled by three CSS files and one PHP hook. 
This needs to be discovered as we go along.
* Avoid modifying Vector‑2022 templates unless absolutely necessary.
* Keep the anonymous sidebar non‑empty.
* Maintain full‑width layout for consistency.
* Document every change in ICT namespace.

Latest revision as of 17:27, 13 February 2026

MediaWiki Interface & Permissions Architecture (Final Version)

A stable, senior‑friendly, successor‑ready configuration for MW 1.43 + Vector‑2022

1. Purpose of This Document

This document describes the final, working configuration of the MediaWiki interface, permissions, and layout model used for the club’s digital archive. It reflects the validated behavior after the February 2026 refinements.

It is written for future administrators who may inherit the system.

2. Design Philosophy

2.1 Senior‑friendly

  • Minimal clutter
  • Predictable navigation
  • Clean, distraction‑free layout

2.2 Role‑based clarity

  • Anonymous visitors: clean public view
  • Users: simplified workspace
  • Sysops: full interface

2.3 Stability over cleverness

  • Avoid deep Vector‑2022 overrides
  • Avoid fragile JavaScript
  • Prefer CSS and PHP hooks that are easy to maintain

2.4 Successor‑friendly

  • Clear separation of responsibilities
  • Minimal magic
  • Everything documented

3. Final Behavior Overview

3.1 Anonymous visitors

  • No top toolbar
  • No right column
  • Full‑width content
  • Minimal sidebar (“Home”)
  • Clean, public‑facing layout

3.2 Registered users (non‑sysop)

  • No top toolbar in Dashboard/Main
  • Classical toolbar in Research
  • No right column except in Research
  • Full‑width content
  • Simplified sidebar (Dashboard + Research + Logout)
  • PageForms buttons always visible

3.3 Sysops

  • Full toolbar restored
  • Right column restored
  • Full‑width content
  • Classical Vector‑2022 behavior (except for full‑width layout)
  • Slight left‑alignment quirk in toolbar (Vector‑2022 internal behavior)

4. Role‑Based Interface Flow (Diagram)

                +----------------------+
                |   User logs in?      |
                +----------+-----------+
                           |
               +-----------+------------+
               |                        |
             Yes                       No
               |                        |
   +-----------+-----------+     +------+------+
   | Is user sysop?        |     | Anonymous   |
   +-----------+-----------+     +-------------+
               |                        |
      +--------+--------+               |
      |                 |               |
     Yes               No               |
      |                 |               |
+-----+-----+     +-----+-----+   +-----+-----+
| Sysop UI |     | User UI  |   | Public UI |
+-----------+     +-----------+   +-----------+

5. Sidebar Decision Tree (Diagram)

SidebarBeforeOutput Hook
------------------------------------

                 +----------------------+
                 |   Is user anon?      |
                 +----------+-----------+
                            |
                     Yes    |    No
                            |
        +-------------------+-------------------+
        |                                       |
+-------+-------+                       +-------+-------+
| Minimal menu  |                       | Is sysop?     |
| (Home only)   |                       +-------+-------+
+---------------+                               |
                                                |
                                      +---------+---------+
                                      |       Yes         |
                                      |                   |
                                +-----+-----+     +-------+-------+
                                | Full menu |     | Simplified    |
                                | (default) |     | menu (Dash,   |
                                +-----------+     | Research, Out)|
                                                  +---------------+

6. Namespace Architecture (Diagram)

+-------------------------------------------------------------+
|                         Namespaces                          |
+----------------------+----------------+----------------------+
| Public Content       | User Content   | Admin / System       |
+----------------------+----------------+----------------------+
| NS_MAIN              | NS_RESEARCH    | NS_ICT               |
| NS_CHAPTER           |                | NS_DASHBOARD         |
| NS_PLACE             |                |                      |
| NS_ORGANISATION      |                |                      |
| NS_PERSON            |                |                      |
| NS_HERITAGE          |                |                      |
| NS_ASSET             |                |                      |
+----------------------+----------------+----------------------+

Protection:
- NS_MAIN: protect
- NS_ICT: editinterface
- NS_DASHBOARD: editinterface

7. CSS Layering Model (Diagram)

                +------------------------+
                |   MediaWiki:Common.css |
                |  (applies to everyone) |
                +-----------+------------+
                            |
                            v
                +------------------------+
                | MediaWiki:Group-user.css |
                |  (registered users)      |
                +-----------+--------------+
                            |
                            v
                +------------------------+
                | MediaWiki:Group-sysop.css |
                |  (sysops only)            |
                +---------------------------+

8. Visual Layout Comparison (Diagram)

8.1 Anonymous

+-----------------------------------------------------------+
| [No toolbar]                                              |
+-----------------------------------------------------------+
| [No right column]                                         |
|                                                           |
|  FULL-WIDTH CONTENT                                       |
|                                                           |
+-----------------------------------------------------------+
| Sidebar: Home                                             |
+-----------------------------------------------------------+

8.2 User (Dashboard/Main)

+-----------------------------------------------------------+
| [No toolbar]                                              |
+-----------------------------------------------------------+
| [No right column]                                         |
|                                                           |
|  FULL-WIDTH CONTENT                                       |
|                                                           |
+-----------------------------------------------------------+
| Sidebar: Dashboard | Research | Logout                    |
+-----------------------------------------------------------+

8.3 User (Research)

+-----------------------------------------------------------+
| Namespace | Discussion        Read | Edit | History | ★   |
+-----------------------------------------------------------+
| Right column visible (default Vector)                     |
|                                                           |
|  FULL-WIDTH CONTENT                                       |
|                                                           |
+-----------------------------------------------------------+
| Sidebar: Dashboard | Research | Logout                    |
+-----------------------------------------------------------+

8.4 Sysop

+-----------------------------------------------------------+
| Namespace | Discussion        Read | Edit | History | ★   |
| (slightly left-aligned due to Vector-2022 flex behavior)  |
+-----------------------------------------------------------+
| Right column restored                                     |
|                                                           |
|  FULL-WIDTH CONTENT                                       |
|                                                           |
+-----------------------------------------------------------+
| Full default sidebar                                      |
+-----------------------------------------------------------+

9. Permission Flow Diagram

+-----------------------------+
|        User Group           |
+-----------------------------+
| * (anon)                    |
| user                        |
| sysop                       |
+-----------------------------+

Permissions:
-----------------------------------------
*      → read only
user   → read + edit (no upload)
sysop  → full control (upload + interface)
-----------------------------------------

10. System Philosophy Diagram

+-----------------------------------------------------------+
|                    SYSTEM PHILOSOPHY                      |
+----------------------+----------------+--------------------+
| Senior-friendly      | Stable         | Successor-ready    |
+----------------------+----------------+--------------------+
| Minimal clutter      | Avoid deep     | Clear structure    |
| Predictable UI       | Vector hacks   | Documented logic   |
| Full-width content   | No JS tricks   | Easy to maintain   |
+----------------------+----------------+--------------------+

11. Final LocalSettings.php Configuration

11.1 Skin & Interface

wfLoadSkin( 'Vector' );
$wgDefaultSkin = "vector-2022";

$wgVectorNightMode = [
    'beta' => true,
    'logged_in' => true,
    'logged_out' => true,
];

$wgDefaultUserOptions['vector-theme'] = 'night';

11.2 Global Permissions

# Anonymous
$wgGroupPermissions['*']['read']          = true;
$wgGroupPermissions['*']['edit']          = false;
$wgGroupPermissions['*']['createaccount'] = false;

# Users
$wgGroupPermissions['user']['read']       = true;
$wgGroupPermissions['user']['edit']       = true;
$wgGroupPermissions['user']['upload']     = false;
$wgGroupPermissions['user']['reupload']   = false;
$wgGroupPermissions['user']['reupload-own'] = false;

# Sysops
$wgGroupPermissions['sysop']['editinterface'] = true;
$wgGroupPermissions['sysop']['upload']        = true;
$wgGroupPermissions['sysop']['reupload']      = true;
$wgGroupPermissions['sysop']['reupload-own']  = true;

11.3 Namespace Protection

$wgNamespaceProtection[NS_MAIN]      = [ 'protect' ];
$wgNamespaceProtection[NS_ICT]       = [ 'editinterface' ];
$wgNamespaceProtection[NS_DASHBOARD] = [ 'editinterface' ];

11.4 Content Namespaces

$wgContentNamespaces = [
    NS_MAIN, NS_RESEARCH, NS_ICT, NS_DASHBOARD,
    NS_CHAPTER, NS_PLACE, NS_ORGANISATION,
    NS_PERSON, NS_HERITAGE, NS_ASSET
];

$wgNamespacesWithSubpages[NS_DASHBOARD] = true;

11.5 Sidebar Model (Final Working Version)

$wgHooks['SidebarBeforeOutput'][] = function ( $skin, &$sidebar ) {
    $user = $skin->getUser();

    # Anonymous: minimal sidebar
    if ( $user->isAnon() ) {
        $sidebar = [
            'Navigation' => [
                [ 'text' => 'Home', 'href' => '/Hoofdpagina' ]
            ]
        ];
        return true;
    }

    # Users (non-sysop): simplified sidebar
    if ( !$user->isAllowed( 'editinterface' ) ) {
        $sidebar = [
            'Project Navigation' => [
                [ 'text' => 'Dashboard',     'href' => '/Dashboard:Main' ],
                [ 'text' => 'Research Area', 'href' => '/Research:Main' ],
            ],
            'Account' => [
                [ 'text' => 'Logout', 'href' => '/Special:UserLogout' ]
            ]
        ];
        return true;
    }

    # Sysop: default sidebar
    return true;
};

11.6 Cargo Hardening

$wgGroupPermissions['user']['runcargoqueries']   = false;
$wgGroupPermissions['user']['recreatecargodata'] = false;

11.7 Optional Hardening

$wgNonincludableNamespaces[] = NS_ICT;
$wgRedirectOnLogin = "Hoofdpagina";

12. Final CSS Configuration

12.1 MediaWiki:Common.css (Anonymous users)

/* Hide toolbar and right column for anonymous users */
.ns-0 .vector-page-toolbar,
.ns-0 .vector-column-end {
    display: none !important;
}

/* Full-width layout */
.ns-0 .mw-content-container {
    max-width: none !important;
}

12.2 MediaWiki:Group-user.css (Registered users)

/* Hide toolbar & right column in Dashboard and Main */
.ns-3020 .vector-page-toolbar,
.ns-0    .vector-page-toolbar,
.ns-3020 .vector-column-end,
.ns-0    .vector-column-end {
    display: none !important;
}

/* Full-width layout */
.ns-3020 .mw-content-container,
.ns-0    .mw-content-container {
    max-width: none !important;
}

/* Ensure PageForms buttons are always visible */
.mw-body-content .mw-ui-button,
.mw-body-content .pfForm {
    display: inline-block !important;
    visibility: visible !important;
}

12.3 MediaWiki:Group-sysop.css (Sysops)

/* Restore toolbar */
html body.skin-vector-2022 .vector-page-toolbar {
    display: flex !important;
    visibility: visible !important;
}

/* Restore right column in normal flow */
html body.skin-vector-2022 .vector-column-end {
    display: block !important;
    visibility: visible !important;
    position: static !important;
}

/* Full-width content */
html body.skin-vector-2022 .mw-content-container {
    max-width: none !important;
}

13. Known Limitations

13.1 Sysop toolbar alignment

Vector‑2022 aligns the sysop toolbar slightly differently due to internal flexbox logic. This is harmless and not worth overriding.

13.2 Vector‑2022 sidebar dependency

Vector‑2022 cannot render with an empty sidebar. Anonymous users must always receive at least one menu item.

13.3 PageForms visibility

PageForms buttons must be explicitly forced visible for non‑sysops.

14. Future Extensions

14.1 Public navigation

When more public pages exist, extend the anonymous sidebar: 

'Navigation' => [
    [ 'text' => 'Home', 'href' => '/Hoofdpagina' ],
    [ 'text' => 'About', 'href' => '/Main:About' ],
    [ 'text' => 'Archive', 'href' => '/Main:Archive' ]
]

14.2 Role‑based dashboards

Dashboard namespace can later host:

  • User dashboards
  • Research dashboards
  • Admin dashboards

14.3 Omeka‑S style modular archive

The current structure is ready for:

  • Entities
  • Assets
  • Relations
  • Cargo tables

15. Final Notes for Successors

  • All interface behavior is controlled by three CSS files and one PHP hook.
  • Avoid modifying Vector‑2022 templates unless absolutely necessary.
  • Keep the anonymous sidebar non‑empty.
  • Maintain full‑width layout for consistency.
  • Document every change in ICT namespace.
Retrieved from "https://mwiki.costasano.club/index.php?title=ICT:FinalConfig-Clutter_and_protection&oldid=685"