Raquel Rice wrote:
I have a user that I would like to have some, but not all, of the same rights of sysop. I've created a new user group ... let's say "editor". I'm also using a "userCanHook" function to limit certain functions for users who are not sysop. However, I'd like to allow "editor" some of the functions which are allowed sysops.
If I add a user to "editor" and to "sysop" then disallow "editor" from certain of the functions using $wgGroupPermissions will I be able to disallow those sysop functions from "editor"?
Will "editor" override "sysop" or will "sysop" override "editor"?
Permissions are additive.
Note that setting a particular permission to 'false' for some group just means that membership in the group does not provide that permission; it doesn't take it away if another group the user is in confers the same permission.
Given this scenario: * group A provides permissions P and Q * group B provides permissions Q and R * user Alice in group A * user Bob in group B * user Charles in both groups A and B
then: * Alice has permissions P and Q * Bob has permissions Q and R * Charles has permissions P, Q, and R
So, unless you did something very strange with your hook (in most cases a hook for userCan should not be necessary), then a user's being in 'editor' will not cause them to lack any permissions that their being in 'sysop' gives them.
-- brion vibber (brion @ pobox.com / brion @ wikimedia.org)