Last modified: 2012-10-29 16:39:58 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T21199, the corresponding Phabricator task for complete and up-to-date bug report information.
Bug 19199 - Granularize RevisionDelete (RevDelete) user rights
Granularize RevisionDelete (RevDelete) user rights
Status: RESOLVED FIXED
Product: MediaWiki
Classification: Unclassified
Revision deletion (Other open bugs)
unspecified
All All
: Normal enhancement with 1 vote (vote)
: ---
Assigned To: Aaron Schulz
:
Depends on:
Blocks: SWMT
  Show dependency treegraph
 
Reported: 2009-06-15 03:19 UTC by MZMcBride
Modified: 2012-10-29 16:39 UTC (History)
6 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Attachments

Description MZMcBride 2009-06-15 03:19:19 UTC
Currently, there are two levels of suppression, blocking non-admin viewing and blocking non-admin/admin viewing.

If a revision or log entry is hidden from non-admins, admins must have the "deleterevision" user right in order to see the suppressed data. However, there's no way to give users the ability to _see_ suppressed data but not actually be able to suppress data themselves.

A new user right should be added that allows users to only have view access for suppressed content. The "deleterevision" user right should continue to allow view and act access (as it does currently).
Comment 1 Risker 2009-06-23 05:55:56 UTC
I support the concept of granularizing this so that administrators may view revisiondeleted edits that have not been suppressed from admin view. The former is intended to cover edits, edit summaries and log entries that meet deletion criteria, to which administrators normally have access; the latter is intended to cover material that is oversightable under the privacy policy, and only those with the "deleterevision" user right have access to view and act. 
Comment 2 FT2 2009-06-23 08:56:07 UTC
In fact it would be useful if this is fully granularized.

For publicly visible material:
* The right to undertake admin-level revision deletion

For material which is admin-level deleted:
* The right to view the deleted material
* The right to modify the deletion settings (doesn't include the right to suppress)

For material which is suppressed:
* The right to view the suppressed material
* The right to modify the suppression settings

General:
* The right to suppress material


In practice the main change that would help most is the splitting of the 2nd and 3rd of these, so that there is the option to give a usergroup "read" but not "flag-amend" access to unsuppressed deleted material.
Comment 3 FT2 2009-06-23 09:13:52 UTC
To clarify, part of the impetus for this request is that testing and use of RevisionDelete is hindered because admins cannot in fact view material that is admin-deleted using RevisionDelete. 

Admin level RevDel (as presently configured) is therefore in effect a form of oversighting/suppression, because there is no ability for other admins to peer review that material or discuss its deletion. So it's in a bit of a limbo -- the use of RevisionDelete with the "also suppress from administrators" flag cannot really be legitimately tested at present because any material it could be tested on should by definition be oversightable and deleted with suppression. Right now we're relying on commonsense by oversighters and understanding from the community as we test admin-level RevisionDelete, but that's not ideal.

Granting admins the right to read (but not at this point modify flags for) deleted-but-not-suppressed revisions would allow RevDel to be tested more fully and remove this quandary. If the technical ability to do so was available in software, that could then be achievable.
Comment 4 Aaron Schulz 2009-09-22 22:01:45 UTC
*** Bug 20476 has been marked as a duplicate of this bug. ***
Comment 5 Aaron Schulz 2009-09-28 05:52:58 UTC
Started in r57007
Comment 6 Aaron Schulz 2009-10-28 07:21:54 UTC
(In reply to comment #0)
> Currently, there are two levels of suppression, blocking non-admin viewing and
> blocking non-admin/admin viewing.
> 
> If a revision or log entry is hidden from non-admins, admins must have the
> "deleterevision" user right in order to see the suppressed data. However,
> there's no way to give users the ability to _see_ suppressed data but not
> actually be able to suppress data themselves.
> 
> A new user right should be added that allows users to only have view access for
> suppressed content. The "deleterevision" user right should continue to allow
> view and act access (as it does currently).
> 

Done with deletedhistory right changes and new deletedtext right.
Comment 7 Kudu 2011-09-01 20:06:58 UTC
This is closed, but I just wanted to point out that admins now have the deletedhistory and deletedtext rights, so that it's no longer suppression in the way described by FT2.
Comment 8 Kudu 2011-09-01 20:07:26 UTC
This is closed, but I just wanted to point out that admins now have the deletedhistory and deletedtext rights, so that it's no longer suppression in the way described by FT2.

Note You need to log in before you can comment on or make changes to this bug.


Navigation
Links