On Wed, Feb 13, 2013 at 9:22 PM, Marco Fleckinger
<marco.fleckinger(a)wikipedia.at> wrote:
Having a "can review all extensions" group
is easy, but allowing for
exemptions will be a pain to manage the ACLs for. For every extension
that opts out of being reviewed by this group, we'd have to adjust its
ACL to block the inherited permissions.
How about instead of "can review all extensions", we make it easier to
request review rights on non-WMF extensions?
Good idea, but in general there could just be 3+ different classes of
extensions? The class can be calculated by its importance, e.g. installed on
WMF-sites, number of other wikis using it, etc.
Having classes of extensions is difficult to maintain from an ACL
standpoint. Permissions in Gerrit are directly inherited (and there's no
multiple inheritance), so things in mediawiki/extensions/* all have the
same permissions. So having rules that apply to only some of those
repositories requires editing ACLs for each repository in each "group."
-Chad