Last modified: 2011-09-01 21:47:56 UTC
HideUser could use the Admin-view permission level, which is currently available on RevisionDelete but not HideUser. Currently usernames can only be suppressed, including from admin-view, which presents a problem of all-or-nothing when it comes to dealing with abusive usernames and policy matters.
*** Bug 21129 has been marked as a duplicate of this bug. ***
Copying my comment from #21229: Usernames are the only place on the wiki where the choice is ignore or fully suppress. As a result, faced with severely offensive "trolling" usernames being set up, a liberal stance is being followed across a range of projects (I'm told) whereby these are being full-suppressed. This isn't just enwiki, it should be noted. Suppression is a very extreme action. Right now if those posts were anywhere else, they'd be admin-deleted or admin-level RevDeleted by those with access to such tools. Admin-level username hiding would match the rest of RevisionDelete which includes in every other function, both admin- and oversight- level removals, so that suppression can be kept once again to its tightly limited remit, and not be used on mere "offensive posts".
It looks like HideUser information is actually duplicated: a "hiddenname" flag is set in the block log, and the ipb_deleted field is also set. However, it doesn't *look* like that field has been repurposed as a bitfield yet; it easily could be, although there wouldn't be the 'usual' stuff to selectively show/hide.
There is no need to waste time prettifying user lists by hiding usernames. This wasn't designed for that.
Um.... user names can contain PII serious enough that they need to not be visible at all, even to admins. This bug is asserting that user names can also contain things that are bad enough that the general population should not see them, but not so bad that admins cannot. This is analogous to all other types of information that now is hideable, there are three classes of visibility. Therefore I don't think RESOLVED WONTFIX is a good resolution.
Re-opening. Not saying this should be a high priority, but I don't think it's a "never gonna happen so stop asking" thing.
What's happening here is that we have vandals who are trying to test the borders of the policy. Therefore they are deliberately creating usernames that would not have technically passed the border but harass editors who then come to us with the problem, in some cases with several edits being scattered around.
A. The stewards, and some enwiki oversighters, have used suppression EXTENSIVELY to hide vandal user names. If you have oversight permission, go to special:listusers and look for "MONGO"; there are 100+ hidden user names. Or "SlimVirgin" (20+), "Voice of All" (5), "FT2" (about 15). Or parse the last thousand or so entries in the suppression log. Some of these names contain personal information and are correctly suppressed, many do not. B. Enabling HideUser for all admins would expose hidden user names that contain personal information to all admins rather than restrict that information to oversighters. If HideUser is going to be made available to admins, it must be a two-tiered system. C. Even if enwiki Arbcom and Auditcom enforce stricter standards over enwiki oversighters, we have no control over the stewards. The current use of suppression to hide attack user names is far outside the written Meta:Oversight policy. D. Rather than implement a technical solution, change the policy to reflect how suppression and HideUser are really being used. If there are strong objections to HideUser being used so liberally, stewards and oversighters would have a responsibility and a duty to listen to the community and stop doing it. If no one objects, then there is no reason to stop and no reason to open it up to admins.
(In reply to comment #8) > C. Even if enwiki Arbcom and Auditcom enforce stricter standards over enwiki > oversighters, we have no control over the stewards. The current use of > suppression to hide attack user names is far outside the written Meta:Oversight > policy. Not so. The use of local oversight by stewards *is* within ArbCom's jurisdiction. To follow the existing schema, the new rights should be "hideuser" (admin) and "suppressuser" (oversighter / old hideuser).