Difference between revisions of "Mediawiki Permissions"

From SissaWiki
Jump to: navigation, search
(Created page with 'Mediawiki is born with Wikipedia permissions model in mind. That is: everybody can read everything, everybody can edit everything, even unauthenticated people can edit pages. Us...')
 
Line 9: Line 9:
 
the so called Administrator, or Sysop, who is mainly in charge of the administration of wiki contents. Usually he has the right to  
 
the so called Administrator, or Sysop, who is mainly in charge of the administration of wiki contents. Usually he has the right to  
  
    * Block a user from sending e-mail (blockemail)
+
* Block a user from sending e-mail (blockemail)
    * Block other users from editing (block)
+
* Block other users from editing (block)
    * Bypass IP blocks, auto-blocks and range blocks (ipblock-exempt)
+
* Bypass IP blocks, auto-blocks and range blocks (ipblock-exempt)
    * Bypass automatic blocks of proxies (proxyunbannable)
+
* Bypass automatic blocks of proxies (proxyunbannable)
    * Change protection levels and edit protected pages (protect)
+
* Change protection levels and edit protected pages (protect)
    * Create new user accounts (createaccount)
+
* Create new user accounts (createaccount)
    * Delete pages (delete)
+
* Delete pages (delete)
    * Delete pages with large histories (bigdelete)
+
* Delete pages with large histories (bigdelete)
    * Edit other users' CSS and JS files (editusercssjs)
+
* Edit other users' CSS and JS files (editusercssjs)
    * Edit semi-protected pages (autoconfirmed)
+
* Edit semi-protected pages (autoconfirmed)
    * Edit the user interface (editinterface)
+
* Edit the user interface (editinterface)
    * Have one's own edits automatically marked as patrolled (autopatrol)
+
* Have one's own edits automatically marked as patrolled (autopatrol)
    * Import pages from a file upload (importupload)
+
* Import pages from a file upload (importupload)
    * Import pages from other wikis (import)
+
* Import pages from other wikis (import)
    * Mark others' edits as patrolled (patrol)
+
* Mark others' edits as patrolled (patrol)
    * Mark rolled-back edits as bot edits (markbotedits)
+
* Mark rolled-back edits as bot edits (markbotedits)
    * Move files (movefile)
+
* Move files (movefile)
    * Move pages (move)
+
* Move pages (move)
    * Move pages with their subpages (move-subpages)
+
* Move pages with their subpages (move-subpages)
    * Move root user pages (move-rootuserpages)
+
* Move root user pages (move-rootuserpages)
    * Not be affected by rate limits (noratelimit)
+
* Not be affected by rate limits (noratelimit)
    * Override files on the shared media repository locally (reupload-shared)
+
* Override files on the shared media repository locally (reupload-shared)
    * Overwrite an existing file (reupload)
+
* Overwrite an existing file (reupload)
    * Quickly rollback the edits of the last user who edited a particular page (rollback)
+
* Quickly rollback the edits of the last user who edited a particular page (rollback)
    * Search deleted pages (browsearchive)
+
* Search deleted pages (browsearchive)
    * Submit a trackback (trackback)
+
* Submit a trackback (trackback)
    * Undelete a page (undelete)
+
* Undelete a page (undelete)
    * Upload a file from a URL address (upload_by_url)
+
* Upload a file from a URL address (upload_by_url)
    * Upload files (upload)
+
* Upload files (upload)
    * Use higher limits in API queries (apihighlimits)
+
* Use higher limits in API queries (apihighlimits)
    * View a list of unwatched pages (unwatchedpages)
+
* View a list of unwatched pages (unwatchedpages)
    * View deleted history entries, without their associated text (deletedhistory)
+
* View deleted history entries, without their associated text (deletedhistory)
  
 
There is another profile, the so called "Bureaucrat". This is important mainly because it can assign the permission to other users.
 
There is another profile, the so called "Bureaucrat". This is important mainly because it can assign the permission to other users.

Revision as of 11:46, 27 May 2009

Mediawiki is born with Wikipedia permissions model in mind. That is: everybody can read everything, everybody can edit everything, even unauthenticated people can edit pages.

Usually, for a service wiki this is not an acceptable behaviour. The possible scenarios are

  • a wiki where all sissa users (or a restricted group of them) can logon with their main passwords and edit pages, while unauthenticated users can only read the pages.
  • a wiki accessible to both sissa users with their username

Furthermore there are, usually, two kinds of administrative users:

the so called Administrator, or Sysop, who is mainly in charge of the administration of wiki contents. Usually he has the right to

  • Block a user from sending e-mail (blockemail)
  • Block other users from editing (block)
  • Bypass IP blocks, auto-blocks and range blocks (ipblock-exempt)
  • Bypass automatic blocks of proxies (proxyunbannable)
  • Change protection levels and edit protected pages (protect)
  • Create new user accounts (createaccount)
  • Delete pages (delete)
  • Delete pages with large histories (bigdelete)
  • Edit other users' CSS and JS files (editusercssjs)
  • Edit semi-protected pages (autoconfirmed)
  • Edit the user interface (editinterface)
  • Have one's own edits automatically marked as patrolled (autopatrol)
  • Import pages from a file upload (importupload)
  • Import pages from other wikis (import)
  • Mark others' edits as patrolled (patrol)
  • Mark rolled-back edits as bot edits (markbotedits)
  • Move files (movefile)
  • Move pages (move)
  • Move pages with their subpages (move-subpages)
  • Move root user pages (move-rootuserpages)
  • Not be affected by rate limits (noratelimit)
  • Override files on the shared media repository locally (reupload-shared)
  • Overwrite an existing file (reupload)
  • Quickly rollback the edits of the last user who edited a particular page (rollback)
  • Search deleted pages (browsearchive)
  • Submit a trackback (trackback)
  • Undelete a page (undelete)
  • Upload a file from a URL address (upload_by_url)
  • Upload files (upload)
  • Use higher limits in API queries (apihighlimits)
  • View a list of unwatched pages (unwatchedpages)
  • View deleted history entries, without their associated text (deletedhistory)

There is another profile, the so called "Bureaucrat". This is important mainly because it can assign the permission to other users.