Good evening/morning
There's a discussion on the french speaking wikipedia about granted some users the power to block vandals one day. Is that possible? I do think right now it's not, but is it possible to create a new level granted by bureaucrats that allows the user ONLY to use blocking for a preset time? Those users wouldn't have access to delete and other sysops abilities.
Before letting them going further into the organisation of this I though it was better to have a technical answer about it.
Sorry to bother you
Have a nice day
This would require a developer to create a group that only has the block additional privlidge, restrict access to the normal blocking interface, and create a special blocking interface that only allows blocks of a predetermined ammount of time.
xaosflux
----- Original Message ----- From: "Christophe Henner" christophe.henner@gmail.com To: wikitech-l@wikimedia.org Sent: Wednesday, November 15, 2006 7:41 PM Subject: [Wikitech-l] Different sysop levels
Good evening/morning
There's a discussion on the french speaking wikipedia about granted some users the power to block vandals one day. Is that possible? I do think right now it's not, but is it possible to create a new level granted by bureaucrats that allows the user ONLY to use blocking for a preset time? Those users wouldn't have access to delete and other sysops abilities.
Before letting them going further into the organisation of this I though it was better to have a technical answer about it.
Sorry to bother you
Have a nice day
-- schiste _______________________________________________ Wikitech-l mailing list Wikitech-l@wikimedia.org http://mail.wikipedia.org/mailman/listinfo/wikitech-l
On 11/15/06, Christophe Henner christophe.henner@gmail.com wrote:
Would a dev mind doing it if the french community decide to organize it?
In part, it's a pretty long-standing request: bureaucrats should be able to assign more limited groups, such as users who can only roll back edits, not just sysop/bureaucrat. It shouldn't be too hard to do, but none of us has done it yet, and several wikis have already asked.
The second part, limited blocking interface, is not currently on anyone's agenda, and while you might get lucky and find a dev willing to write an extension and a shell user willing to enable it, I don't think it's likely to happen for a single wiki's request, even one of the larger wikis, since it's a) not trivial to write, and b) probably not going to be viewed as a very useful extension. Sorry.
Thanks for this answer. You might not be sorry as I was expecting an answer like this one it was just to be sure and don't let the users organizing new levels if devs can't make an extension for this.
Thank you again for your fast answer. :)
On 16/11/06, Simetrical Simetrical+wikitech@gmail.com wrote:
In part, it's a pretty long-standing request: bureaucrats should be able to assign more limited groups, such as users who can only roll back edits, not just sysop/bureaucrat. It shouldn't be too hard to do, but none of us has done it yet, and several wikis have already asked.
There's Javascript that allows non-admins to do rollback in wide use on en:wp - it's just another form of edit, after all. There's no need to add a privilege level to MediaWiki.
- d.
On 11/16/06, David Gerard dgerard@gmail.com wrote:
There's Javascript that allows non-admins to do rollback in wide use on en:wp - it's just another form of edit, after all. There's no need to add a privilege level to MediaWiki.
Yes, it's a pretty dumb situation: on the one hand, only admins are allowed to "rollback". However, any user can artificially "rollback". Since any user can artifically rollback, no point making a special group for them...?
I'm sure there's a logical contradiction in there somewhere.
Steve
Steve Bennett wrote:
On 11/16/06, David Gerard dgerard@gmail.com wrote:
There's Javascript that allows non-admins to do rollback in wide use on en:wp - it's just another form of edit, after all. There's no need to add a privilege level to MediaWiki.
Yes, it's a pretty dumb situation: on the one hand, only admins are allowed to "rollback". However, any user can artificially "rollback". Since any user can artifically rollback, no point making a special group for them...?
I'm sure there's a logical contradiction in there somewhere.
The "rollback" right also allows bot flagging for Recent Changes purposes, and is performed server-side.
The thing is I never spoke about rollback ^^
I know they're many .js script that give the "magical gift" to users. In my first mail I was speaking about give to some users acces to a "preset time blocking" page. I never mentionned rollback :)
David Gerard schrieb:
On 16/11/06, Simetrical Simetrical+wikitech@gmail.com wrote:
In part, it's a pretty long-standing request: bureaucrats should be able to assign more limited groups, such as users who can only roll back edits, not just sysop/bureaucrat. It shouldn't be too hard to do, but none of us has done it yet, and several wikis have already asked.
There's Javascript that allows non-admins to do rollback in wide use on en:wp - it's just another form of edit, after all. There's no need to add a privilege level to MediaWiki.
But the javascript is a pure resource eater and it is slow like nothing else. But: Why don't we just use the extension "GiveRollback"?? It's also in SVN repo, so there should be no bigger problem to enable it.
Regards, Marco
(HardDisk)
On 11/16/06, Marco Schuster CDL-Klever@gmx.net wrote:
But the javascript is a pure resource eater and it is slow like nothing else.
As a matter of fact, there are tools as VandalProof which allow for a pretty fast and pretty neat rollback by non-sysops. As VandalProof is access-restricted, I consider it similar to an extra group of "rollback users". However, it only works for enwiki at the moment, but afaik internationalisation is planned for later releases. Michael
On 11/16/06, David Gerard dgerard@gmail.com wrote:
On 16/11/06, Simetrical Simetrical+wikitech@gmail.com wrote:
In part, it's a pretty long-standing request: bureaucrats should be able to assign more limited groups, such as users who can only roll back edits, not just sysop/bureaucrat. It shouldn't be too hard to do, but none of us has done it yet, and several wikis have already asked.
There's Javascript that allows non-admins to do rollback in wide use on en:wp - it's just another form of edit, after all. There's no need to add a privilege level to MediaWiki.
That Javascript often fails and generates more load on servers than does the internal rollback (IIRC it makes four page requests instead of the one required by internal rollback). There are good reasons for providing broader access to the rollback button; please do not poopoo such requests so lightly, especially when adding a rollback level to MediaWiki is really very easy, and adding an interface to set it is a rather simple modification to the existing "makebot" functionality that already exists.
Kelly
On 16/11/06, Kelly Martin kelly.lynn.martin@gmail.com wrote:
That Javascript often fails and generates more load on servers than does the internal rollback (IIRC it makes four page requests instead of the one required by internal rollback). There are good reasons for providing broader access to the rollback button; please do not poopoo such requests so lightly, especially when adding a rollback level to MediaWiki is really very easy, and adding an interface to set it is a rather simple modification to the existing "makebot" functionality that already exists.
OK, I didn't know that :-)
What's the reason for not everyone having rollback? What would happen if everyone who'd had an account for a few days could use it?
- d.
On 11/16/06, David Gerard dgerard@gmail.com wrote:
What's the reason for not everyone having rollback? What would happen if everyone who'd had an account for a few days could use it?
This page might be helpful to find out more about the arguments about giving liberal rollback access: http://en.wikipedia.org/wiki/Wikipedia:Requests_for_rollback_privileges
Regards,
Sebastian
David Gerard schrieb:
What's the reason for not everyone having rollback? What would happen if everyone who'd had an account for a few days could use it?
because vandals will register with a "normal" nick, wait the few days and then they can easily do revert wars, mass vandalizing (afaik the rollback doesnt have a captcha so you could easily use a bot), etc, etc.
regards, marco
On 16/11/06, Marco Schuster CDL-Klever@gmx.net wrote:
David Gerard schrieb:
What's the reason for not everyone having rollback? What would happen if everyone who'd had an account for a few days could use it?
because vandals will register with a "normal" nick, wait the few days and then they can easily do revert wars, mass vandalizing (afaik the rollback doesnt have a captcha so you could easily use a bot), etc, etc.
They can and do do that now.
Hmm. Presumably the vandalbots would have fun spotting good rollbacks versus bad ones ...
- d.
David Gerard schrieb:
On 16/11/06, Marco Schuster CDL-Klever@gmx.net wrote:
David Gerard schrieb:
What's the reason for not everyone having rollback? What would happen if everyone who'd had an account for a few days could use it?
because vandals will register with a "normal" nick, wait the few days and then they can easily do revert wars, mass vandalizing (afaik the rollback doesnt have a captcha so you could easily use a bot), etc, etc.
They can and do do that now.
But with a much less effort.
For example, a revert of a big sized article (let's talk of a 80kb article) takes much much more traffic than a simple revert.
regards, Marco
Marco Schuster wrote:
David Gerard schrieb:
What's the reason for not everyone having rollback? What would happen if everyone who'd had an account for a few days could use it?
because vandals will register with a "normal" nick, wait the few days and then they can easily do revert wars, mass vandalizing (afaik the rollback doesnt have a captcha so you could easily use a bot), etc, etc.
Firstly: they can only revert-war or mass-vandalise until they're blocked. So make sure you block them quickly enough ;-)
Secondly: You've already mentioned Captcha. Why is it not an option to implement a Captcha for every rollback that is requested less than (say) a minute after the previous rollback?
Timwi
On 11/16/06, Timwi timwi@gmx.net wrote:
Marco Schuster wrote:
David Gerard schrieb:
What's the reason for not everyone having rollback? What would happen if everyone who'd had an account for a few days could use it?
because vandals will register with a "normal" nick, wait the few days and then they can easily do revert wars, mass vandalizing (afaik the rollback doesnt have a captcha so you could easily use a bot), etc, etc.
Firstly: they can only revert-war or mass-vandalise until they're blocked. So make sure you block them quickly enough ;-)
Secondly: You've already mentioned Captcha. Why is it not an option to implement a Captcha for every rollback that is requested less than (say) a minute after the previous rollback?
. . . for non-admins, anyway?
On Thu, 16 Nov 2006 18:15:21 -0500, Simetrical wrote:
On 11/16/06, Timwi timwi@gmx.net wrote:
Marco Schuster wrote:
David Gerard schrieb:
What's the reason for not everyone having rollback? What would happen if everyone who'd had an account for a few days could use it?
because vandals will register with a "normal" nick, wait the few days and then they can easily do revert wars, mass vandalizing (afaik the rollback doesnt have a captcha so you could easily use a bot), etc, etc.
Firstly: they can only revert-war or mass-vandalise until they're blocked. So make sure you block them quickly enough ;-)
Secondly: You've already mentioned Captcha. Why is it not an option to implement a Captcha for every rollback that is requested less than (say) a minute after the previous rollback?
. . . for non-admins, anyway?
A minute seems a bit long; Normal vandal fighting with JS tools is faster than that. Maybe it would be more useful to limit the scope (i.e. no bot flag) than to throttle them, since it's already possible to roll back fairly quickly with JS tools or bots, but with a bit more strain on the servers.
Steve Sanbeg schrieb:
On Thu, 16 Nov 2006 18:15:21 -0500, Simetrical wrote:
On 11/16/06, Timwi timwi@gmx.net wrote:
Marco Schuster wrote:
David Gerard schrieb:
What's the reason for not everyone having rollback? What would happen if everyone who'd had an account for a few days could use it?
because vandals will register with a "normal" nick, wait the few days and then they can easily do revert wars, mass vandalizing (afaik the rollback doesnt have a captcha so you could easily use a bot), etc, etc.
Firstly: they can only revert-war or mass-vandalise until they're blocked. So make sure you block them quickly enough ;-)
Secondly: You've already mentioned Captcha. Why is it not an option to implement a Captcha for every rollback that is requested less than (say) a minute after the previous rollback?
The current captcha (the math formula) wouldn't use anything as it can easily be overrided with any programming langauage that supports eval()-like functions.
. . . for non-admins, anyway?
A minute seems a bit long; Normal vandal fighting with JS tools is faster than that.
In peak times it may be even slower or non-working as most scripts don't retry if they get errors, which happen often :-(
Regards, Marco Schuster
On 11/17/06, Marco Schuster CDL-Klever@gmx.net wrote:
because vandals will register with a "normal" nick, wait the few days and then they can easily do revert wars, mass vandalizing (afaik the rollback doesnt have a captcha so you could easily use a bot), etc, etc.
Q: Why don't we give more great functionality to our users? A: Because there are evil people out there.
I don't like this reasoning.
Steve
On 11/20/06, Edward Z. Yang edwardzyang@thewritingpot.com wrote:
Steve Bennett wrote:
Q: Why don't we give more great functionality to our users? A: Because there are evil people out there.
I don't like this reasoning.
Whether or not you like it has little bearing on the issue.
Would it be better if I phrased this is "this is bad reasoning, please don't do this"? Yes, there are vandals. Yes, we have ways of dealing with them. No, we should not avoid implementing something on the faulty assumption that its use by vandals will outweigh its benefits?
Has rollback-for-everyone even been trialled?
Steve
Steve Bennett wrote:
Would it be better if I phrased this is "this is bad reasoning, please don't do this"?
Yes. :-) (sorry about being a little pedantic)
Yes, there are vandals. Yes, we have ways of dealing with them. No, we should not avoid implementing something on the faulty assumption that its use by vandals will outweigh its benefits?
Well, there's really no way to know whether or not the problems that it could pose by vandals would outweight the benefits. There's quite a bit of prior art on sleeper accounts, see: http://en.wikipedia.org/wiki/Wikipedia:Long_term_abuse
Has rollback-for-everyone even been trialled?
I don't think so.
On 11/20/06, Edward Z. Yang edwardzyang@thewritingpot.com wrote:
Well, there's really no way to know whether or not the problems that it could pose by vandals would outweight the benefits. There's quite a bit of prior art on sleeper accounts, see: http://en.wikipedia.org/wiki/Wikipedia:Long_term_abuse
We could trial it. Give it to anyone with over 3000 accounts (and not on that list). Then lower the threshold to 2000, 1000, 500...at some point, the vandals with sleeper accounts will become a sufficiently big problem to discourage lowering it further.
Steve
Steve Bennett wrote:
On 11/20/06, Edward Z. Yang edwardzyang@thewritingpot.com wrote:
Well, there's really no way to know whether or not the problems that it could pose by vandals would outweight the benefits. There's quite a bit of prior art on sleeper accounts, see: http://en.wikipedia.org/wiki/Wikipedia:Long_term_abuse
We could trial it. Give it to anyone with over 3000 accounts (and not on that list). Then lower the threshold to 2000, 1000, 500...at some point, the vandals with sleeper accounts will become a sufficiently big problem to discourage lowering it further.
I would have thought that the people on that list would be the only ones with 3000 accounts!
On 11/20/06, Alphax (Wikipedia email) alphasigmax@gmail.com wrote:
We could trial it. Give it to anyone with over 3000 accounts (and not on that list). Then lower the threshold to 2000, 1000, 500...at some point, the vandals with sleeper accounts will become a sufficiently big problem to discourage lowering it further.
I would have thought that the people on that list would be the only ones with 3000 accounts!
Heh! Edits, dammit.
Steve
Steve Bennett wrote:
Heh! Edits, dammit.
As the MediaWiki developers have previously decided when implementing the semi-protection feature, doing this sort of throttling based on edit counts is not feasible performance-wise. Anything would have to be done by how old the account is.
On 11/21/06, Edward Z. Yang edwardzyang@thewritingpot.com wrote:
As the MediaWiki developers have previously decided when implementing the semi-protection feature, doing this sort of throttling based on edit counts is not feasible performance-wise. Anything would have to be done by how old the account is.
Oh yeah. Um. Is that the *only* way? Any alternatives whereby we assign all vaguely trustworthy users to some "vaguely trustworthy" account group? Based on...I don't know.
For my own curiosity, why *is* it so DB-intensive to count the number of edits for a user? Is there no view/table that marries users up to their edits?
For the sake of this discussion, edits would definitely be a more desirable trust metric than age, as creating a sleeper account that sits dormant for 3 months is a lot less effort than creating an account then making some large number of (even trivial) edits with is.
Steve
On 11/21/06, Steve Bennett stevagewp@gmail.com wrote:
For my own curiosity, why *is* it so DB-intensive to count the number of edits for a user? Is there no view/table that marries users up to their edits?
It's just that there's no edit count stored directly in the database at present (at least not that I can see in a quick glance at the schema). You have to do a count, which is O(N). An edit count could be added, presumably, if it were deemed useful, but I'm not the person to ask about whether that would slow things down or not, or otherwise be deemed undesirable.
wikitech-l@lists.wikimedia.org