Mediawiki Permissions

From SissaWiki
Revision as of 13:15, 27 May 2009 by Delise (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Mediawiki is born with Wikipedia permissions model in mind. That is: everybody can read everything, everybody can edit everything, even unauthenticated people can edit pages.

Usually, for a service wiki this is not an acceptable behaviour. The possible scenarios are

  • a wiki where all sissa users (or a restricted group of them) can logon with their main passwords and edit pages, while unauthenticated users can only read the pages.
  • a wiki accessible to both sissa users with their username and password and some non sissa users, with an account working only on the wiki
  • a wiki accessible mainly to non sissa users, with open authentication (or with account management demanded to an administrator)

Furthermore there are, usually, two kinds of administrative users:

the so called Administrator, or Sysop, who is mainly in charge of the administration of wiki contents. Usually he has the right to

  • Block a user from sending e-mail (blockemail)
  • Block other users from editing (block)
  • Bypass IP blocks, auto-blocks and range blocks (ipblock-exempt)
  • Bypass automatic blocks of proxies (proxyunbannable)
  • Change protection levels and edit protected pages (protect)
  • Create new user accounts (createaccount)
  • Delete pages (delete)
  • Delete pages with large histories (bigdelete)
  • Edit other users' CSS and JS files (editusercssjs)
  • Edit semi-protected pages (autoconfirmed)
  • Edit the user interface (editinterface)
  • Have one's own edits automatically marked as patrolled (autopatrol)
  • Import pages from a file upload (importupload)
  • Import pages from other wikis (import)
  • Mark others' edits as patrolled (patrol)
  • Mark rolled-back edits as bot edits (markbotedits)
  • Move files (movefile)
  • Move pages (move)
  • Move pages with their subpages (move-subpages)
  • Move root user pages (move-rootuserpages)
  • Not be affected by rate limits (noratelimit)
  • Override files on the shared media repository locally (reupload-shared)
  • Overwrite an existing file (reupload)
  • Quickly rollback the edits of the last user who edited a particular page (rollback)
  • Search deleted pages (browsearchive)
  • Submit a trackback (trackback)
  • Undelete a page (undelete)
  • Upload a file from a URL address (upload_by_url)
  • Upload files (upload)
  • Use higher limits in API queries (apihighlimits)
  • View a list of unwatched pages (unwatchedpages)
  • View deleted history entries, without their associated text (deletedhistory)

There is another administrative profile, the so called "Bureaucrat". This is important mainly because it can assign the permission to other users. Usually in a wiki there may be more administrators but only one bureaucrat.