Last modified: 2012-12-13 11:17:48 UTC
Currently, permissions are only checked correctly when modifying existing items, not when creating items. The reason is that permission checks are title based, but we can only have a title after the item has been recorded in the database. Which we don't want to do if the user shouldn't be allow to create the item. So... make a dummy title? or just check user rights, and not title based permissions? Note: the ultimate permission check should be implemented in Item::save().
The simplest (and probably most robust solution) may be to construct a dummy Title for a page in the data namespace, e.g. Data:Q0, and call userCan() on that. This would bypass page protection against creation as well as the title backlist and similar things, but these do not apply to the ID-based titles used by wikidata anyway. (side note... should the title blacklist apply to item labels and aliases?)
Picked for sprint 9.
See ItemContent::UserCanEdit
Consider API wbsetitem({}) and the Special:CreateItem page.
Verified in Wikidata demo time for sprint 15