Last modified: 2011-03-13 18:04:30 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T9270, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 7270 - Email address not shown in Special:Userrights
Email address not shown in Special:Userrights
Status: RESOLVED WONTFIX
Product: MediaWiki
Classification: Unclassified
Special pages (Other open bugs)
unspecified
All All
: Lowest normal with 1 vote (vote)
: ---
Assigned To: Nobody - You can work on this!
: patch, patch-need-review
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2006-09-08 18:28 UTC by Carl Duisberg
Modified: 2011-03-13 18:04 UTC (History)
0 users

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Dispaly real name, email address and email confirmation status in Special:Userrights (1.33 KB, patch)
2006-09-08 18:31 UTC, Carl Duisberg 		Details
Add an attachment (proposed patch, testcase, etc.)

Description Carl Duisberg 2006-09-08 18:28:57 UTC 
The page Special:Userrights is used to assign critical privileges in the Wiki
like ''Sysop'' or ''Bureaucrat''. This requires being sure about the identity of
the person, whom privileges are assigned. Valuable information to do so is the
email address and the email confirmation status. A further hint but not reliable
is the ''real name''.

Unfortunately the page Special:Userrights does not show any of the necessary
information. This forces resorting to phpMyAdmin for checking the user.

Especially when administring sites with a more restrictive role concept, where
editing (and reading) privileges have to be specifically assigned to new readers
this is not acceptable.
Comment 1 Brion Vibber 2006-09-08 18:29:59 UTC 
Users' email addresses are considered private data, and are not revealed to other users.
Comment 2 Carl Duisberg 2006-09-08 18:31:18 UTC 
Created attachment 2328 [details]
Dispaly real name, email address and email confirmation status in Special:Userrights

The appended patch shows the relevant information. It is using existing text
messages. It might be preferrable to create new messages instead of
'emailauthenticated' and 'emailnotauthenticated'.
Comment 3 Carl Duisberg 2006-09-08 18:38:42 UTC 
(In reply to comment #1)
> Users' email addresses are considered private data, and are not revealed to
other users.

Special:Userrights can only be used by bureaucrats and not by any other users.

Assignment of userrights like 'bureaucrat' without any hint about the identity
is bound to ruin the Wiki.
Comment 4 Brion Vibber 2006-09-08 18:41:17 UTC 
Would violates Wikimedia privacy policy, and the lack of it
doesn't appear to have ruined all wikis so far.
Comment 5 Rotem Liss 2006-09-08 18:43:14 UTC 
(In reply to comment #3)
> Special:Userrights can only be used by bureaucrats and not by any other users.

They also shouldn't see it, if the user doesn't want them to see it. Also, they
might use this page *only* to see the E-mail address, which is of course
unacceptable.

> Assignment of userrights like 'bureaucrat' without any hint about the identity
> is bound to ruin the Wiki.

Send an E-mail to the user with some code, and if he replies with the code, you
can verify his identity. You shouldn't see his E-mail address unless he writes
it in his user page, or in any other place.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links