Simetrical wrote:
On 9/10/07, werdna(a)svn.wikimedia.org
<werdna(a)svn.wikimedia.org> wrote:
Revision: 25720
Author: werdna
Date: 2007-09-10 08:10:48 +0000 (Mon, 10 Sep 2007)
Log Message:
-----------
* (bug 8834) Split off permission for editing user JavaScript and CSS from editinterface
to a new permission key editusercssjs.
I'm not sure this is a distinction that should be made in core.
Anyone with editinterface can effectively take over another user
account anyway if not stopped, can't they?
Only until we finish getting rid of the HTML messages. :)
And anyone with
editusercssjs can likewise pose almost any security risk as someone
with editinterface. There's no reason to have this different except
discouragement.
I'd disagree; they're rather distinct in essence.
+$wgGroupPermissions['sysop']['editusercssjs'] = true;
Also note that this manner of implementation will cause a regression
in any existing wikis that have disabled editinterface for sysops.
It's possibly negligible, but it should at least be mentioned in the
config-changes section of the release notes.
*nod*
-- brion vibber (brion @
wikimedia.org)