Last modified: 2011-03-13 18:06:12 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T14529, the corresponding Phabricator task for complete and up-to-date bug report information.
Bug 12529 - A special group for testing bots needed
A special group for testing bots needed
Status: RESOLVED WONTFIX
Product: MediaWiki
Classification: Unclassified
User login and signup (Other open bugs)
unspecified
All All
: Lowest enhancement with 1 vote (vote)
: ---
Assigned To: Nobody - You can work on this!
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2008-01-06 10:20 UTC by Edward Chernenko
Modified: 2011-03-13 18:06 UTC (History)
2 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Attachments

Description Edward Chernenko 2008-01-06 10:20:17 UTC
People who write bots usually need to supply their products with a testsuite. However, many features need logging in (such as upload), and some of them even require sysop access or higher. What we do now? We create a group account and make it's password accessible to anyone (in fact, we can't prevent some badguy from capturing this account). Of course, it causes a hole in security of the wiki. It's normal for Testwiki, but even there it's impossible to grant sysop flags or higher to all, to test blocking, pages protection etc.

I suggest the following solution of this problem: we create a special user group, say "bottest". Accounts in it (simply referred to as 'bottesters' below) should have some limitations:
1) bottester can't change the password of it's account.
2) 'bot' flag should not work while account is flagged as bottester (all edits will be visible in RC).

Bottester should be able to:
1) delete pages, but only created by itself or other bottester.
2) block itself or another bottesters.
3) unblock bottesters blocked by itself or other bottesters (and only by them).
4) assign any flags (bot, patroller, sysop, bureaucrat) to other bottesters, or drop
these flags from bottesters.
etc.
Comment 1 Victor Vasiliev 2008-01-12 12:25:20 UTC
Such flag will need much core rewriting, though I can't understand why can't bot writer test thier bot on loccal wikis, etc. This change will cause many security issues (especially with shared accounts, which are forbidden on Wikimedia), so I close it as WONTFIX. 

Note You need to log in before you can comment on or make changes to this bug.


Navigation
Links