I know that there are various approaches to permissions in MW, and it's quite possible there may be things I haven't seen in the docs. (My primary reference is "Help:User rights"). We're in the final process of setting up our site, and I was wondering if more experienced users would care to comment on the following rights strategy we've come up with, and perhaps offer suggestions.
The initial version of the site will be read-only to all users except sysops. This seems easy enough to accomplish with the general permissions settings, and then set them again when we have editable pages in place.
Some pages will never be editable by users. We don't want to use a separate namespace to separate user-editable vs. non-editable content, so simply using page protection seems like the way to go. Is there a way of batch protecting our initial pages? (Converted from MoinMoin). We don't have so many that this is necessary, but it would be nice to avoid setting protections for each by hand.
I also notice that my local experimental MW setup (under OS X) seems to have a limited range of protections that can be assigned to a page; in particular, my protect options only seems to know about sysops, unregistered users, and registered users. If I understand correctly, MW comes with various other groups (eg. bureaucrats) defined. Is there way to protect a a page so that it can, for example, be edited by sysops and bureaucrats but not by other users?
And, I would guess that the info in Help:User rights about the fact that MW doesn't yet have a special 'edittalk' permission is still accurate? It'd be nice to have all talk pages editable by registered users, but it's not important enough to us to put in a hack that probably won't be compatible with how an edittalk feature is implemented in some future release.
That's all, really :-) Again, please feel free to offer suggestions on different ways to do things, other documentation I should read, etc. etc.
Thanks, Ken