-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Rob Church wrote:
I don't, it's too easily confused with $wgGroupPermissions and the two aren't compatible. However, rename the variable to something appropriate, e.g. $wgRightsManipulation (ick, someone think of a better phrase) and the format makes some sort of sense, although of course, we could then switch the middle portion to be "add" or "remove".
It's possible ? although it drops the group blacklist feature, I'm not sure someone will ever use the blacklist.
One thought that's fairly negligible at this stage, and kinda obvious, but if $wgRightsManipulation, or whatever, was not set, or set to false or null (and that'd be the default), then any user with the "userrights" permission could use the form, as it is now.
Of course.
I still feel this kind of complicated control is better off as an extension, let's face it; who's going to want to use it besides Wikimedia and a couple of other large installs? Best to keep the core implementation simple, I think. If people want it, it can be added.
An extension will either duplicate logic into another special page ? like now (then every change will have to be done both in the base code and in the extension), or use hooks written especially for it ? then it will be much easier to do that in the page itself, and the extension will be very short. After all, most of the changes in the branch are not the permissions system, but the remote users, and the permissions system itself is only set in one short function ? removing it won't really simplify the code very much, especially if we add hooks behind it.
I'm not convinced of the need for a "remote" permission. If access is available and $wgAlternateMaster or whatever is set, then fine, it happens, otherwise it doesn't.
I think $wgLocalDatabases ($wgAlternateMaster is only to reach enwiki) is set in all Wikimedia sites, but only the stewards should touch the remote users, and the local bureaucrats should only add sysops, bureaucrats and bots, and remove bots *in their site*. Even if $wgLocalDatabases is set only in Meta, the local bureaucrats of Meta who are not stewards should not touch the remote users. Therefore, 'userrights_remote' should be set to false for local bureaucrats.
Rob Church
- -- #define Name RotemLiss #define Mail mail-AT-rotemliss-DOT-com #define Site www.rotemliss.com
#define KeyFingerPrint 4AFD 8579 A449 4267 BED9 38E5 6EF8 5B1F EBDE 7AC0