Last modified: 2011-03-13 18:06:12 UTC
People who write bots usually need to supply their products with a testsuite. However, many features need logging in (such as upload), and some of them even require sysop access or higher. What we do now? We create a group account and make it's password accessible to anyone (in fact, we can't prevent some badguy from capturing this account). Of course, it causes a hole in security of the wiki. It's normal for Testwiki, but even there it's impossible to grant sysop flags or higher to all, to test blocking, pages protection etc.
I suggest the following solution of this problem: we create a special user group, say "bottest". Accounts in it (simply referred to as 'bottesters' below) should have some limitations:
1) bottester can't change the password of it's account.
2) 'bot' flag should not work while account is flagged as bottester (all edits will be visible in RC).
Bottester should be able to:
1) delete pages, but only created by itself or other bottester.
2) block itself or another bottesters.
3) unblock bottesters blocked by itself or other bottesters (and only by them).
4) assign any flags (bot, patroller, sysop, bureaucrat) to other bottesters, or drop
these flags from bottesters.
Such flag will need much core rewriting, though I can't understand why can't bot writer test thier bot on loccal wikis, etc. This change will cause many security issues (especially with shared accounts, which are forbidden on Wikimedia), so I close it as WONTFIX.