Jump to content

ICT:Account protection

From Costa Sano MediaWiki
Revision as of 18:40, 9 February 2026 by Mngr (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Philosophy

This wiki is a Private Research Platform. To simplify management, we avoid "blacklisting" individual default namespaces. Instead, we use a "White-room" approach: everything is forbidden by default, and access is granted only to the specific functional layers required for research.

1. Global Restrictions

Applied in `LocalSettings.php` to ensure the wiki is invisible to the public and restricted for standard users. 

# Full Privacy: Revoke read from all by default
$wgGroupPermissions['*']['read'] = false;
$wgGroupPermissions['user']['read'] = false; 

# Sysop Override: Ensure admins maintain full visibility
$wgGroupPermissions['sysop']['read'] = true;

# Essential Whitelist: Required for login and site rendering
$wgWhitelistRead = [
    "Special:UserLogin",
    "MediaWiki:Common.css",
    "MediaWiki:Common.js"
];

2. Research Environment Exceptions

Using Extension:Lockdown, we grant the `user` group access to the specific namespaces required for the Dashboard, Cargo queries, and Page Forms. 

# Research Namespaces
$wgNamespacePermissionLockdown[NS_RESEARCH]['read'] = ['user', 'sysop'];
$wgNamespacePermissionLockdown[NS_DASHBOARD]['read'] = ['user', 'sysop'];

# Supporting Infrastructure (Required for Dashboard rendering)
# Researchers need 'read' access to these so templates and forms function.
$wgNamespacePermissionLockdown[NS_TEMPLATE]['read'] = ['user', 'sysop'];
$wgNamespacePermissionLockdown[NS_FORM]['read']     = ['user', 'sysop'];

3. Page Forms & Cargo Interaction

The Dashboard utilizes `Template:EntityRow` for layout and queries the Cargo database.

  • Note: If researchers can see the Dashboard but not the data results, ensure the Cargo-specific namespaces are also allowed.
  • Editing: The `edit` permission is granted globally to the `user` group, but restricted by namespace via Lockdown.

4. Default System Accounts

  • MediaWiki default: Internal system user. No password; no login allowed. Safe.
  • Admin/Sysop: Full credentials required.

Successor Notes

  • Adding Entities: When creating a new Research Entity, ensure the associated Template and Form are placed in the permitted namespaces.
  • Testing Access: Always test new Dashboard sections with a non-admin "Fellow" account to ensure no "Permission Denied" errors occur during template transclusion.


Strategy: Forbidden by Default

To prevent "clutter" and spying, the wiki uses a **Negative Lockdown** model. Users are explicitly denied access to all default MediaWiki namespaces.

Configuration Implementation

1. Namespace Stealth

The following namespaces are hidden from the Search bar and 'All Pages' list for standard members to prevent them from seeing technical infrastructure:

  • ICT (ID: 3000)
  • Template (ID: 10)
  • Form (ID: 106)

2. Functional Access

Members are restricted to the following functional "Safe Zones":

  • Dashboard: Entry point for all research.
  • Research: The data repository.

3. Maintenance Logic

Standard users (`group: user`) have had their global `['read']` permission revoked in LocalSettings.php. They only "see" what is explicitly whitelisted via the Lockdown extension.

Successor Warning

If a researcher reports a "Broken Template" error (e.g., seeing raw Template:... code), it usually means a new Template was created in a namespace that isn't yet whitelisted for the `user` group.

Retrieved from "https://mwiki.costasano.club/index.php?title=ICT:Account_protection&oldid=528"