On Fri, Apr 3, 2009 at 9:51 AM, Aryeh Gregor
<Simetrical+wikilist@gmail.com<Simetrical%2Bwikilist@gmail.com>
wrote:
> On Fri, Apr 3, 2009 at 12:01 PM, Robert Rohde <rarohde(a)gmail.com
wrote:
> > That said, I'm also not
sure why we couldn't trust sysops with this.
> > Assuming the limitation is not technical (i.e. the servers won't
> > explode)
>
> I think Domas might have objections if the number of renames suddenly
> increased by a factor of 10, actually. He's complained about them
> before. They have to update an awful lot of rows.
>
> > and renames are undoable (they are right?)
>
> In principle, yes. Of course they can get stuck half-done, and if you
> rename someone twice in quick succession I don't know what will happen
> with the job queue.
>
> Renaming is not currently a simple operation, because of our schema.
> We encode the username all over the place. If it were just in the
> user table, renaming would be less of a big deal, since we'd change
> one row plus maybe some stuff in RC. But we have to change a ton of
> rows in a ton of tables, almost all of which (for long-established
> users) will be cold and so will be dug out from disk. So we have to
> defer things, so they can be in a half-finished state, so it's slow
> and messy.
>
> Also keep in mind that if someone is renamed without their knowledge,
> they'll be unable to log into their account. The error message will
> only say that the user doesn't exist, or -- if a user is created with
> the same name -- it will just tell them their password is wrong!
> Forcible renames are scary for this reason as well.
I agree that admins might not be necessarily trusted with permissions which
would screw up site operations. We do no administrator ID verification, and
the length and breadth of high load website operations/architecture
experience is not a selection criteria. Limiting it to people who
understand what effects it could have, and who are better known to the
community/foundation, seems sensible.
Any reason not to set this up as a new userright we can have Arbcom hand to
admins on request/review/background verification?
We already have them as a mechanism to extend admin rights to CU. This is
less sensitive than that - but we don't have any mechanism in place to
handle anything between "admins can add themselves to this" and CU right
now.
OTRS might sorta count there, but it's sideways of the on-wiki
administrative structure.
--
-george william herbert
george.herbert(a)gmail.com