I’ve been working on customizing an installation of Mediawiki for library policies. We wanted to restrict editing and upload capabilities to only a certain group of users. Here is the code I added to the LocalSettings.php file to achieve what we needed.

# Prevent new user registrations except by sysops
$wgGroupPermissions['*']['createaccount'] = false;

# Only sysop users can edit pages
$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermissions['user']['edit'] = false;
$wgGroupPermissions['sysop']['edit'] = true;

# Only sysop users can upload files
$wgGroupPermissions['*']['upload'] = false;
$wgGroupPermissions['user']['upload'] = false;
$wgGroupPermissions['sysop']['upload'] = true;

# Only sysop users can reupload (replace) files
$wgGroupPermissions['*']['reupload'] = false;
$wgGroupPermissions['user']['reupload'] = false;
$wgGroupPermissions['sysop']['reupload'] = true;

Here are a few webpages I found useful when researching how to configure the settings:

• http://www.mediawiki.org/wiki/Help:User_rights
• http://www.mediawiki.org/wiki/Manual:Preventing_access
• http://www.mediawiki.org/wiki/Manual:Configuring_file_uploads