X-Git-Url: https://git.openstreetmap.org/chef.git/blobdiff_plain/9e5fd0894de406261ec17d05407b4564dc834096..42eb11524e4d9d8b8671e5c07dd349c0776c4131:/cookbooks/mediawiki/templates/default/LocalSettings.php.erb

diff --git a/cookbooks/mediawiki/templates/default/LocalSettings.php.erb b/cookbooks/mediawiki/templates/default/LocalSettings.php.erb
index ee14cdcd3..4e5b63904 100644
--- a/cookbooks/mediawiki/templates/default/LocalSettings.php.erb
+++ b/cookbooks/mediawiki/templates/default/LocalSettings.php.erb
@@ -193,6 +193,17 @@ $wgGroupPermissions['bureaucrat']['deleterevision'] = true;
 $wgGroupPermissions['bureaucrat']['suppressrevision'] = true;
 $wgGroupPermissions['bureaucrat']['suppressionlog'] = true;
 
+# Since 1.32 MW introduced interface-admin group to separate all UI-related rights. This makes sense for bigger sites,
+# but for OSM it makes more sense to keep group structure simple.  Give all interface-admin rights to sysops.
+# Also remove the interface-admin group to avoid confusion.
+$wgGroupPermissions['sysop'] = array_merge( $wgGroupPermissions['sysop'], $wgGroupPermissions['interface-admin'] );
+unset( $wgGroupPermissions['interface-admin'] );
+unset( $wgRevokePermissions['interface-admin'] );
+unset( $wgAddGroups['interface-admin'] );
+unset( $wgRemoveGroups['interface-admin'] );
+unset( $wgGroupsAddToSelf['interface-admin'] );
+unset( $wgGroupsRemoveFromSelf['interface-admin'] );
+
 <% if @mediawiki[:private_accounts] -%>
 # Prevent new user registrations except by existing users
 $wgGroupPermissions['*']['createaccount'] = false;
@@ -209,17 +220,6 @@ $wgWhitelistRead = array ("Special:Userlogin");
 # Prevent new user registrations except by sysops
 $wgGroupPermissions['*']['createaccount'] = false;
 
-# Since 1.32 MW introduced interface-admin group to separate all UI-related rights. This makes sense for bigger sites,
-# but for OSM it makes more sense to keep group structure simple.  Give all interface-admin rights to sysops.
-# Also remove the interface-admin group to avoid confusion.
-$wgGroupPermissions['sysop'] = array_merge( $wgGroupPermissions['sysop'], $wgGroupPermissions['interface-admin'] );
-unset( $wgGroupPermissions['interface-admin'] );
-unset( $wgRevokePermissions['interface-admin'] );
-unset( $wgAddGroups['interface-admin'] );
-unset( $wgRemoveGroups['interface-admin'] );
-unset( $wgGroupsAddToSelf['interface-admin'] );
-unset( $wgGroupsRemoveFromSelf['interface-admin'] );
-
 # Restrict access to the upload directory
 $wgUploadPath = "$wgScriptPath/img_auth.php";
 <% end -%>