From Cicero

Jump to: navigation, search


Installing Cicero

To install Cicero you need to execute the following steps:

  1. Install[1] or upgrade[2] to MediaWiki 1.16.0.
    Note that Cicero 1.4.0 has been tested with MediaWiki 1.16.0 and doesn't work with versions of MediaWiki prior to 1.16; it is also NOT guaranteed that Cicero 1.4.0 will work with versions of MediaWiki higher than 1.16.0.
  2. Install the Semantic MediaWiki extension 1.5.4 (or higher).
    Note that Cicero 1.4.0 has been tested with Semantic MediaWiki 1.5.4 and doesn’t work with versions of Semantic MediaWiki prior to 1.5.0; it is also NOT guaranteed that Cicero 1.4.0 will work with versions of Semantic MediaWiki higher than 1.5.4.
  3. Extract the downloaded archive into the folder <MediaWikiPath>/extensions/.
    Note that after extracting the archive, you will have a new folder called Cicero which you should NOT rename.
  4. Add the following line at the end of LocalSettings.php of your MediaWiki-installation:
  5. By calling the page
    Note that you need a Sysops-account within MediaWiki to be able to access the installation form. Here you just have to click on the Install Cicero 1.4.0 -button and the installation is executed automatically (see area 1 in Fig. 1). Make sure that in the LocalSettings.php of MediaWiki a database user account is listed which has the right to create and alter tables.

Figure 1: The Cicero installation form.

Note that - if for some reason - the installation becomes incomplete or defective you can execute the installation procedure at any time. The installation procedure will add the missing parts of the installation and will repair the broken parts. The user who installed the Cicero extension gets automatically assigned the role of a Cicero administrator. In the Subsection about Predefined Rights of User Groups, more details are available about the Cicero administrator -role and how to assign it to further users.


Add new Cicero administrator

For registering a plain user as a Cicero administrator, the User rights management page of the MediaWiki can be used. The page can be accessed under the URL http://<serverName>/<MediaWikiFolder>/index.php?title=Special:Userrights

Note that you need to be (at least) member of the Bureaucrats-group to access this page. There you can type the loginname of the respective user. After clicking on the Edit User Groups-button (area 1 in Fig. 2) an interface appears below. It shows on the left the current memberships of the user (area 2). If the entry Cicero admin already exists, the user already is a cicero administrator. But if the entry Cicero admin appears on the right side (area 3), the user needs to be added to this group. You achieve this by selecting the entry Cicero admin on the right side and clicking on the Save User Groups-button (area 4).

Figure 2: Adding a new cicero administrator.

Predefined Rights of User Groups

The definition of the user groups used in Cicero are stored in the file user/CMW_UserRights.php. Usually, it will not be necessary to manually change this file. It is used for changing the predefined public and private rights-configurations described in the Subsection about Managing Access Rights. They can be changed by adapting the values in lines 55-119. The following lines

$cwgGroupPermissions["project member"]['changeprojectproperties']['public'] = false;

$cwgGroupPermissions["project member"]['changeprojectproperties']['private'] = false;

$cwgGroupPermissions["project member"]['createissue']['public'] = true;

$cwgGroupPermissions["project member"]['createissue']['private'] = false;


show an excerpt. For example if you prefer that in the predefined configuration public, a project member should not be able to create an issue, you need to change line 3 to

$cwgGroupPermissions["project member"]['createissue']['public'] = false;

$cwgGroupPermissions has the following structure

$cwgGroupPermissions[<roleName>][<rightName>][<predefinedConfigurationName] = {true or false}

true stands for allowed while false means forbidden. Be sure to keep the hierarchical structure of the user groups and the inheritance rule (for more details see the Subsection about Managing Access Rights). Changes to this file will not have an effect on the user rights of alreadyy created projects.


The settings of the Cicero extension are mainly stored in the file CMW_Settings.php. You should normally NOT change any of the values. If you have other MediaWiki extensions installed besides of Cicero and SemanticMediaWiki which uses own namespaces, you probably need to change the following lines (72-76):

// namespace numbers for this extension
$namespaceNr = 122;
$namespaceDiscussionNr = 123;

If another extension already uses the namespace numbers 122 and 123, change the values in CMW_Settings.php into values unequal to these and bigger than 110. If you want to deactivate the creation of accounts by users, you just need to out-comment the following line (103) by adding // at the beginning:

$wgGroupPermissions['*']['createaccount'] = true;

With this you restore the default behavior of your MediaWiki-installation. If you want to change the default issue and voting timer within a project, you can change the following lines (326-327):

$defaultIssueTimer = 0;
$defaultVotingTimer = 7;

The predefined values are 0 for the default issue timer and 7 for the default voting timer. These values are shown in the interface for creating new projects (see the Subsection Creating a Project). If you want to change the colors used on the project and issue article page, you can change the following lines (329-332):

$boxHeadlineBackground = "#C3C3FF";
$buttonAreaBackground = "#FFFF66";
$buttonAreaText = "#000000";

Note that you have to use the hexadecimal notation of the colors.

Activation of the email-notifcations in MediaWiki

For activating email-notifications on your MediaWiki-installation you need to add the following lines to the LocalSettings.php:

#including external SMTP server
$wgSMTP = array(
"host" => '',
#"IDHost" => '',
"port" => "25",
#"auth" => true,
#"debug" => false,
#"username" => ,
#"password" => ,

Usually you only have to indicate the host-address and the port (normally 25) of your delivery SMTP server. Note that the lines with # are commented out and don't have an effect. Remove the leading # if the corresponding property needs to be set for configuring the access to your mail server.

Security Settings

To bar unauthorized users to edit pages e.g. the Cicero-Mainpage or create new wikipages you need to add the following lines to the LocalSettings.php:

$wgGroupPermissions = array();

// Implicit group for all visitors
$wgGroupPermissions['*']['createaccount'] = true;
$wgGroupPermissions['*']['read'] = true;
$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermissions['*']['createpage'] = false;
$wgGroupPermissions['*']['createtalk'] = false;

// Implicit group for all logged-in accounts
$wgGroupPermissions['user']['move'] = true;
$wgGroupPermissions['user']['read'] = true;
$wgGroupPermissions['user']['edit'] = true;
$wgGroupPermissions['user']['createpage'] = true;
$wgGroupPermissions['user']['createtalk'] = true;
$wgGroupPermissions['user']['upload'] = true;
$wgGroupPermissions['user']['reupload'] = true;
$wgGroupPermissions['user']['reupload-shared'] = true;
$wgGroupPermissions['user']['minoredit'] = true;
$wgGroupPermissions['user']['purge'] = true;

// Implicit group for accounts that pass $wgAutoConfirmAge
$wgGroupPermissions['autoconfirmed']['autoconfirmed'] = true;

// Implicit group for accounts with confirmed email addresses
// This has little use when email address confirmation is off
// This group has been removed by default in 1.13.0
$wgGroupPermissions['emailconfirmed']['emailconfirmed'] = true;

// Users with bot privilege can have their edits hidden
// from various log pages by default
$wgGroupPermissions['bot']['bot'] = true;
$wgGroupPermissions['bot']['autoconfirmed'] = true;
$wgGroupPermissions['bot']['nominornewtalk'] = true;
$wgGroupPermissions['bot']['autopatrol'] = true;
$wgGroupPermissions['bot']['suppressredirect'] = true;
$wgGroupPermissions['bot']['apihighlimits'] = true;

// Can edit all protected pages without cascade protection enabled
// Added in 1.13.0, but commented out in source
$wgGroupPermissions['bot' ]['editprotected'] = true;

// Most extra permission abilities go to this group
$wgGroupPermissions['sysop']['block'] = true;
$wgGroupPermissions['sysop']['createaccount'] = true;
$wgGroupPermissions['sysop']['delete'] = true;
$wgGroupPermissions['sysop']['bigdelete'] = true;
$wgGroupPermissions['sysop']['deletedhistory'] = true;
$wgGroupPermissions['sysop']['undelete'] = true;
$wgGroupPermissions['sysop']['editinterface'] = true;
$wgGroupPermissions['sysop']['editusercssjs'] = true;
$wgGroupPermissions['sysop']['import'] = true;
$wgGroupPermissions['sysop']['importupload'] = true;
$wgGroupPermissions['sysop']['move'] = true;
$wgGroupPermissions['sysop']['patrol'] = true;
$wgGroupPermissions['sysop']['autopatrol'] = true;
$wgGroupPermissions['sysop']['protect'] = true;
$wgGroupPermissions['sysop']['proxyunbannable'] = true;
$wgGroupPermissions['sysop']['rollback'] = true;
$wgGroupPermissions['sysop']['trackback'] = true;
$wgGroupPermissions['sysop']['upload'] = true;
$wgGroupPermissions['sysop']['reupload'] = true;
$wgGroupPermissions['sysop']['reupload-shared'] = true;
$wgGroupPermissions['sysop']['unwatchedpages'] = true;
$wgGroupPermissions['sysop']['autoconfirmed'] = true;
$wgGroupPermissions['sysop']['upload_by_url'] = true;
$wgGroupPermissions['sysop']['ipblock-exempt'] = true;
$wgGroupPermissions['sysop']['blockemail'] = true;
$wgGroupPermissions['sysop']['markbotedits'] = true;
$wgGroupPermissions['sysop']['suppressredirects'] = true;
$wgGroupPermissions['sysop']['apihighlimits'] = true;
$wgGroupPermissions['sysop']['browsearchive'] = true;
$wgGroupPermissions['sysop']['noratelimit'] = true;

// Permission to change users' group assignments
$wgGroupPermissions['bureaucrat']['userrights'] = true;
$wgGroupPermissions['bureaucrat']['noratelimit'] = true;

[ back ] [ Contents ] [ next ]
Personal tools