Last modified: 2011-04-11 01:17:02 UTC
Could you please set it up to allow bureaucrats to desysop users in addition to sysopping them? This would help us in enforcing our administrator policy, [[incubator:Incubator:Administrators]]: Test administrators will be desysopped after a year or after a domain request for their langauge is completed. If the request is successful, they will automatically be sysopped at their new wiki. (and other bits) It does not matter if this is done (if ever) with: 1. http://www.mediawiki.org/wiki/Extension:Desysop or 2. A better solution would be to set $wgAddGroups, $wgRemoveGroups etc. there so bureaucrats can just do it themselves, using Special:Userrights. (suggested by Rob) Thanks.
Yes, this would be really useful for Incubator. Desysopping will happen regularly.
I propose to make seperate flag for test admins, because globally-elected sysops (not test sysops) should be only desysoped by stewards. Also, according to incubator policy, test admins are not allowed to edit interface
(In reply to comment #2) > I propose to make seperate flag for test admins, because globally-elected > sysops (not test sysops) should be only desysoped by stewards. Also, according > to incubator policy, test admins are not allowed to edit interface > It really doesn't matter which, it may be easiest to just install Extension:Desysop. But, I'll look into the other one later (have to go right now, if need be, I'll attach something).
The following should work: $wgGroupPermissions['test-admin']['delete'] = true; $wgGroupPermissions['test-admin']['undelete'] = true; $wgGroupPermissions['test-admin']['deletedhistory'] = true; $wgGroupPermissions['test-admin']['block'] = true; $wgGroupPermissions['test-admin']['blockemail'] = true; $wgGroupPermissions['test-admin']['rollback'] = true; $wgGroupPermissions['test-admin']['editinterface'] = false; ...and we'll probably need: $wgGroupPermissions['bureaucrat']['userrights'] = true;
we'll also need $wgRemoveGroups['bureaucrat'] = array( 'test-admin', ); and maybe $wgAddGroups['bureaucrat'] = false;
>we'll also need >$wgRemoveGroups['bureaucrat'] = array( 'test-admin', ); >and maybe >$wgAddGroups['bureaucrat'] = false; I think it should be following: $wgAddGroups['bureaucrat'] = array( 'test-admin', 'sysop', 'bureaucrat', 'bot' ); $wgRemoveGroups['bureaucrat'] = array( 'test-admin', 'bot'); Also Makesysop and Makebot must be disabled. Test admins also need protect right, don't they?
(In reply to comment #6) > >we'll also need > >$wgRemoveGroups['bureaucrat'] = array( 'test-admin', ); > >and maybe > >$wgAddGroups['bureaucrat'] = false; > > I think it should be following: > $wgAddGroups['bureaucrat'] = array( 'test-admin', 'sysop', 'bureaucrat', 'bot' > ); > $wgRemoveGroups['bureaucrat'] = array( 'test-admin', 'bot'); > > Also Makesysop and Makebot must be disabled. > > Test admins also need protect right, don't they? > Yeah, I forgot that one :-D but I think your 'crat array's work better. :-)
Changing bug name to reflect the current solution. :-)
I changed "test-admin" to "test-sysop" because an administrator also calls "sysop" and not "admin". (In reply to comment #6) > Test admins also need protect right, don't they? > This is not necessary, protecting pages happens rarely. And we have enough admins to protect a page, if it is needed.
(In reply to comment #9) > I changed "test-admin" to "test-sysop" because an administrator also calls > "sysop" and not "admin". > Okay, but keep in mind that if the group is created we should be able to alter how it shows up in the MediaWiki pages. > (In reply to comment #6) > > Test admins also need protect right, don't they? > > > > This is not necessary, protecting pages happens rarely. And we have enough > admins to protect a page, if it is needed. > It wouldn't be too much of a hassle to add that as well, but you're right, they don't need it completely. :-)
So here is the code to make it easier, because the code was divided over a few comments. A developer has to disable the extensions Makebot and Makesysop, and has to add this code to LocalSettings.php: # Create the group "test-sysop" $wgGroupPermissions['test-sysop']['delete'] = true; $wgGroupPermissions['test-sysop']['undelete'] = true; $wgGroupPermissions['test-sysop']['deletedhistory'] = true; $wgGroupPermissions['test-sysop']['block'] = true; $wgGroupPermissions['test-sysop']['blockemail'] = true; $wgGroupPermissions['test-sysop']['rollback'] = true; $wgGroupPermissions['test-sysop']['protect'] = false; # A bureaucrat is able to add and remove this right $wgGroupPermissions['bureaucrat']['userrights'] = true; $wgAddGroups['bureaucrat'] = array( 'test-sysop', 'bot', 'sysop', 'bureaucrat' ); $wgRemoveGroups['bureaucrat'] = array( 'test-sysop', 'bot' );
(In reply to comment #11) > A developer has to disable the extensions Makebot and Makesysop, JeLuF tells me that Makesysop & makebot can't be disabled, because they are global extensions for the WM projects.
(In reply to comment #12) > (In reply to comment #11) > > A developer has to disable the extensions Makebot and Makesysop, > > JeLuF tells me that Makesysop & makebot can't be disabled, because they are > global extensions for the WM projects. > That's a problem, because Makesysop and $wgAddGroup are incompatible
Yes, but when we bureaucrats then would go to Special:Makesysop but see the form from Special:Userrights and there we can also give sysop rights. Where's the problem?
(In reply to comment #14) > Yes, but when we bureaucrats then would go to Special:Makesysop but see the > form from Special:Userrights and there we can also give sysop rights. Where's > the problem? > AFAIR MakeSysop doesn't understand $wgAddGroup and $wgRemoveGroup, so bureaucrats will get stewards' rights.
I just tested it with MediaWiki 1.11.0rc1 and it worked (I could give sysop, test-sysop etc. rights as bureaucrat, but I couldn't add groups like checkuser, what only stewards can do).
(In reply to comment #16) > I just tested it with MediaWiki 1.11.0rc1 and it worked (I could give sysop, > test-sysop etc. rights as bureaucrat, but I couldn't add groups like checkuser, > what only stewards can do). > And what about crosswiki functions? I wrote a bug about disabling it
I didn't test.
To the developers: It is tested, it works, so please add this right as explained on comment #11 (except disabling those extensions because it isn't possible) Thank you.
This will work (also disabling extensions is not required): $wgGroupPermissions['bureaucrat']['makesysop']=false; // disallow access to the crosswiki userrights page Special:Makesysop $wgGroupPermissions['bureaucrat']['userrights']=true; // allow to use non-crosswiki Special:Userrights $wgAddGroups['bureaucrat'] = array( 'test-admin', 'sysop', 'bureaucrat', 'bot' ); $wgRemoveGroups['bureaucrat'] = array( 'test-admin', 'bot'); $wgGroupPermissions['test-admin']['delete'] = true; $wgGroupPermissions['test-admin']['undelete'] = true; $wgGroupPermissions['test-admin']['deletedhistory'] = true; $wgGroupPermissions['test-admin']['block'] = true; $wgGroupPermissions['test-admin']['blockemail'] = true; $wgGroupPermissions['test-admin']['rollback'] = true; $wgGroupPermissions['test-admin']['editinterface'] = false;
Please use "test-sysop" (not "test-admin") for consistency with "sysop".
Because of a change in bug 11645, the code is different: 'groupOverrides' => array( 'incubatorwiki' => array( 'test-sysop' => array( 'delete' => true, 'undelete' => true, 'deletedhistory' => true, 'block' => true, 'blockemail' => true, 'rollback' => true, ) ), ), 'wgAddGroup' => array( 'incubatorwiki' => array( 'bureaucrat' => array( 'test-sysop', 'sysop', 'bureaucrat', 'bot' ), ), ), 'wgRemoveGroup' => array( 'incubatorwiki' => array( 'bureaucrat' => array( 'test-sysop', 'bot' ), ), ), This should be the right code, I hope I didn't write any mistakes. Thank you.
Done.
(In reply to comment #23) > Done. > Thank you soo much JeLuF! /me huggles :-D
