Last modified: 2010-05-15 15:33:00 UTC

Wikimedia Bugzilla is closed!

Wikimedia has migrated from Bugzilla to Phabricator. Bug reports should be created and updated in Wikimedia Phabricator instead. Please create an account in Phabricator and add your Bugzilla email address to it.
Wikimedia Bugzilla is read-only. If you try to edit or create any bug report in Bugzilla you will be shown an intentional error message.
In order to access the Phabricator task corresponding to a Bugzilla report, just remove "static-" from its URL.
You could still run searches in Bugzilla or access your list of votes but bug reports will obviously not be up-to-date in Bugzilla.
Bug 2963 - User groups poorly designed.
User groups poorly designed.
Product: MediaWiki
Classification: Unclassified
User preferences (Other open bugs)
PC Linux
: Normal enhancement (vote)
: ---
Assigned To: Nobody - You can work on this!
Depends on:
  Show dependency treegraph
Reported: 2005-07-25 19:05 UTC by Dylan Griffiths
Modified: 2010-05-15 15:33 UTC (History)
0 users

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Description Dylan Griffiths 2005-07-25 19:05:07 UTC
I'm hoping to get some attention onto this so that it'll get into the 1.5.x
branch.  The current user permissions setup is completely lacking in mediawiki.
 There is some kind of permission settings for users in MediaWiki, but I've been
unable to find decent documentation for it.  Looking at the db directly, there
is only a blob describing permissions.  This is inadequate.

I propose a modified version of the permission/groups scheme I designed for the
Scoop weblog software.  In this case, every use is a member of a group (even
anonymous people).  Each group has a set of permission bits, which can be Y, N,
or empty.  Empty means check the value of the default group (which no-one is
assigned to).

read: y, write: y, delete: n

read: , write: , delete: 

read: , write: , delete: y

read: , write:, delete: y

This allows you to define sets of groups which have finely-grained permission
settings (such as an intermediate editors class, or a class of users which can
delete pages permanently) without allowing people complete Wiki control. 
Additionally, you can setup the pages to allow only certain groups to read/write
them.  This is beneficial for corporate environments, where the completely-open
nature of the wikis could lead to issues, as well as when wikis are used for
personal-webpage management.

Another great benefit of this setup is that you can edit the permission bits for
a group via something like phpMyAdmin, or raw sql statements.  When you extend
the permission bit set during future branches, you can set a default "safe"
value, and allow the admins of the sites to put in their own values on the extra

I don't think a BLOB is an acceptable method of encoding user permissions,
especially if mediaWiki is to work well and play with other SQL-aware web
applications on the server.
Comment 1 Brion Vibber 2005-07-25 19:57:33 UTC
Already implemented in 1.5 months ago.

Note You need to log in before you can comment on or make changes to this bug.