Mediawiki Permissions
From SissaWiki
Mediawiki is born with Wikipedia permissions model in mind. That is: everybody can read everything, everybody can edit everything, even unauthenticated people can edit pages.
Usually, for a service wiki this is not an acceptable behaviour. The possible scenarios are
- a wiki where all sissa users (or a restricted group of them) can logon with their main passwords and edit pages, while unauthenticated users can only read the pages.
- a wiki accessible to both sissa users with their username
Furthermore there are, usually, two kinds of administrative users:
the so called Administrator, or Sysop, who is mainly in charge of the administration of wiki contents. Usually he has the right to
- Block a user from sending e-mail (blockemail)
- Block other users from editing (block)
- Bypass IP blocks, auto-blocks and range blocks (ipblock-exempt)
- Bypass automatic blocks of proxies (proxyunbannable)
- Change protection levels and edit protected pages (protect)
- Create new user accounts (createaccount)
- Delete pages (delete)
- Delete pages with large histories (bigdelete)
- Edit other users' CSS and JS files (editusercssjs)
- Edit semi-protected pages (autoconfirmed)
- Edit the user interface (editinterface)
- Have one's own edits automatically marked as patrolled (autopatrol)
- Import pages from a file upload (importupload)
- Import pages from other wikis (import)
- Mark others' edits as patrolled (patrol)
- Mark rolled-back edits as bot edits (markbotedits)
- Move files (movefile)
- Move pages (move)
- Move pages with their subpages (move-subpages)
- Move root user pages (move-rootuserpages)
- Not be affected by rate limits (noratelimit)
- Override files on the shared media repository locally (reupload-shared)
- Overwrite an existing file (reupload)
- Quickly rollback the edits of the last user who edited a particular page (rollback)
- Search deleted pages (browsearchive)
- Submit a trackback (trackback)
- Undelete a page (undelete)
- Upload a file from a URL address (upload_by_url)
- Upload files (upload)
- Use higher limits in API queries (apihighlimits)
- View a list of unwatched pages (unwatchedpages)
- View deleted history entries, without their associated text (deletedhistory)
There is another profile, the so called "Bureaucrat". This is important mainly because it can assign the permission to other users.