-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Rob Church wrote:
I don't, it's too easily confused with
$wgGroupPermissions and the two
aren't compatible. However, rename the variable to something
appropriate, e.g. $wgRightsManipulation (ick, someone think of a
better phrase) and the format makes some sort of sense, although of
course, we could then switch the middle portion to be "add" or
"remove".
It's possible ? although it drops the group blacklist feature, I'm not
sure someone will ever use the blacklist.
One thought that's fairly negligible at this
stage, and kinda obvious,
but if $wgRightsManipulation, or whatever, was not set, or set to
false or null (and that'd be the default), then any user with the
"userrights" permission could use the form, as it is now.
Of course.
I still feel this kind of complicated control is
better off as an
extension, let's face it; who's going to want to use it besides
Wikimedia and a couple of other large installs? Best to keep the core
implementation simple, I think. If people want it, it can be added.
An extension will either duplicate logic into another special page ?
like now (then every change will have to be done both in the base code
and in the extension), or use hooks written especially for it ? then it
will be much easier to do that in the page itself, and the extension
will be very short. After all, most of the changes in the branch are not
the permissions system, but the remote users, and the permissions system
itself is only set in one short function ? removing it won't really
simplify the code very much, especially if we add hooks behind it.
I'm not convinced of the need for a
"remote" permission. If access is
available and $wgAlternateMaster or whatever is set, then fine, it
happens, otherwise it doesn't.
I think $wgLocalDatabases ($wgAlternateMaster is only to reach enwiki)
is set in all Wikimedia sites, but only the stewards should touch the
remote users, and the local bureaucrats should only add sysops,
bureaucrats and bots, and remove bots *in their site*. Even if
$wgLocalDatabases is set only in Meta, the local bureaucrats of Meta who
are not stewards should not touch the remote users. Therefore,
'userrights_remote' should be set to false for local bureaucrats.
Rob Church
- --
#define Name RotemLiss
#define Mail mail-AT-rotemliss-DOT-com
#define Site
www.rotemliss.com
#define KeyFingerPrint 4AFD 8579 A449 4267 BED9 38E5 6EF8 5B1F EBDE 7AC0
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla -
http://enigmail.mozdev.org
iD8DBQFE4rxEbvhbH+veesARAp28AJsF9quCrd/ChG2AkmezFSDDlgZxUwCfW7Oi
KgYK7gtS4J6Y5YomYM4v3NM=
=S67f
-----END PGP SIGNATURE-----