Free Working With MediaWiki by Yaron Koren Page A

character, including spaces. There are some restrictions, though: usernames of course have to be unique, and they can’t contain any of the reserved characters that page names can’t contain, plus a few more. Here is the main list of characters not allowed in usernames:
    # < > [ ] | { } / @
    There are also various control characters, and unusual whitespace characters, which usernames can’t contain. And you can’t create a username that spoofs a MediaWiki page name with a namespace, like “Help:Contents”, or spoofs an IP address, like “123.45.67.89” (the latter is because the IP address is used as an identifier for users who are not logged in).
    Also, a username cannot be longer than 40 characters.
    Finally, usernames cannot start with a lowercase letter — if you register a username that stars with a lowercase letter, the first letter will get automatically capitalized. That holds true even if lowercase first letters in page names are enabled, using “$wgCapitalLinks = true”.

User groups and permissions
    All user-rights management in MediaWiki is done via “groups”, and not for individual users. You can’t assign permissions to an individual wiki user — instead, you put users in different groups, with each having its own set of permissions.
Default user groups
    By default, there are three defined groups to which users can be added: “sysop”, “bureaucrat” and “bot”.
    “sysop” is a misnamed group — sysops don’t do anything with administering the server on which the wiki resides, as you might think from the name; instead, they simply administer wiki content. “administrator” would be a much more accurate name, and in fact the term “administrator” is how it is referred to in the web interface, but behind the scenes it’s still called “sysop”. Sysops/administrators, by default, can perform the main administrative tasks on wikis: deleting pages, "protecting" pages (so that some or all non-sysop users can’t edit them), blocking users, etc.
    The main right of the “bureaucrat” group, by default, is to be able to assign users to different groups.
    The “bot” group is meant to be reserved for user accounts that are actually automated scripts, which perform various actions. Bots are prevalent on Wikipedia, but are rare on most smaller wikis. You can read about bots here .
    There are three more implicit groups, which users can’t be added to or removed from but simply belong to: “user”, “autoconfirmed” and “emailconfirmed”. Once a user registers with a username, they’re defined as a “user”; once they’ve been in the system for long enough and have made enough edits (both values are settable) they’re also in “autoconfirmed”, and once they confirm an email address, they’re in “emailconfirmed” as well.
    When a wiki is first set up, an initial account is created: by default it’s called “WikiSysop”. This account initially belongs to both the “sysops” and “bureaucrats” group, so anyone logged in as WikiSysop can make other users administrators and bureaucrats as well, thus setting up the whole user structure.
    The pageSpecial:UserRights is the page with which bureaucrats (by default) can change any user’s group memberships. Figure 8.3 shows one example of how it could appear.
    Figure 8.3 Special:UserRights page
Setting permissions
    How are the permissionsof each user group set? That’s done through the LocalSettings.php file, and the variable $wgGroupPermissions. Every permission that can be set has its own name, which is usually the name of the action that would be performed. To set whether the a certain user group can perform a certain action, the general form in LocalSettings.php is:
$wgGroupPermissions[' group name '][' action name '] = true/false ;
    For instance, by default, only sysops/administrators can delete pages. The action for deleting pages is called, as you would expect, ’delete’. So, to allow bureaucrats to also