On Tue, 04 Jun 2013 17:35:24 -0700, Chris Steipp csteipp@wikimedia.org wrote:
> The biggest issue we hit with the permissions was trying to balance fine granularity and not overwhelming the user with the list of what was being requested and have them blindly agree to it.
> We initially were going to use your patch and limit based on module, but there were a few places where that seemed too coarse. But then if we just used user rights, then to edit a page the user needed to grant 8 (iirc) permissions.
> I would certainly welcome discussion on the tradeoffs.
I see no problem with needing to grant 8 permissions for simple things. There is nothing inherently wrong with listing 8 strings inside of the scope you ask for.
The only possible issue I can see would be the grant page overloading the user with a list of permissions. However, that is only an issue if that page is implemented in a lazy way, just dumping the permissions instead of properly formatting and grouping them.
For example, assuming the rights "read, edit, autoconfirmed, createpage, createtalk, deletedhistory, deletedtext" are requested.
The WRONG way to display this would be:
* Read pages (read)
* Edit pages (edit)
* Create pages (which are not discussion pages) (createpage)
* Create discussion pages (createtalk)
* Edit semi-protected pages (autoconfirmed)
* View deleted history entries, without their associated text (deletedhistory)
* View deleted text and changes between deleted revisions (deletedtext)
This set of permissions can be vastly simplified by grouping, filtering, and combining permissions.
Firstly, on a public wiki, read can be dropped from the list. The pages are public, so getting a user's read rights doesn't grant you any new permissions.
Next, autoconfirmed. This one you might just filter out too. Does anyone know of any situation where you'd expect OAuth to let an app "Edit any page I can edit, but not the semi-protected ones I could usually edit."?
edit, createpage, and createtalk can actually be grouped and combined into a single entry and group. Likewise deletedhistory and deletedtext can be combined into one entry in a separate common group.
Like so:

((Grant this app permission to))
## Editing
* Edit existing content and create pages and talkpage as me.
## Administrative
* View deleted history entries, text, and changes.
"Edit existing content and create pages and talkpage as me." is a combination entry in the list of things being granted. The text varies by what permissions are being granted.
edit,createpage,createtalk = "Edit existing content and create pages and talkpage as me."
edit,createpage = "Edit existing content and create pages as me."
edit,createtalk = "Edit existing content and create talkpages as me."
edit = "Edit existing content as me."
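The filter, group and combine steps sketched in the reply above, written out as an added example (this is not the MediaWiki OAuth extension's code nor the patch under discussion). The right names and the combined wording are taken from the thread, with "talkpages" used consistently; the group headings, the `public_wiki` flag, the rule table and every function name are this example's own assumptions.

```python
"""Turn a flat list of requested MediaWiki user rights into the grouped
consent list the reply above describes. Added example, not project code."""

# Per-right wording used as the fallback for anything we cannot fold into a
# combined entry (the "wrong way" one-line-per-right list from the thread).
RIGHT_DESCRIPTIONS = {
    "read": "Read pages",
    "edit": "Edit pages",
    "createpage": "Create pages (which are not discussion pages)",
    "createtalk": "Create discussion pages",
    "autoconfirmed": "Edit semi-protected pages",
    "deletedhistory": "View deleted history entries, without their associated text",
    "deletedtext": "View deleted text and changes between deleted revisions",
}

# Rights that grant the app nothing beyond what the user already has in the
# stated context, so showing them only adds noise. Deliberately an allowlist:
# a right not named here is never filtered, it is shown as-is.
ALWAYS_FILTERED = {"autoconfirmed"}      # no app wants "edit, but not semi-protected"
PUBLIC_WIKI_FILTERED = {"read"}          # only meaningless when pages are public


def _editing_text(rights):
    """Combined wording for edit/createpage/createtalk (phrasing from the thread)."""
    creates = [name for right, name in (("createpage", "pages"),
                                         ("createtalk", "talkpages"))
               if right in rights]
    if "edit" in rights:
        if creates:
            return "Edit existing content and create %s as me." % " and ".join(creates)
        return "Edit existing content as me."
    # Create-only without edit is not covered by the thread; this wording is ours.
    return "Create %s as me." % " and ".join(creates)


def _admin_text(rights):
    """Combined wording for deletedhistory/deletedtext."""
    if {"deletedhistory", "deletedtext"} <= rights:
        return "View deleted history entries, text, and changes."
    (only,) = rights
    return RIGHT_DESCRIPTIONS[only] + "."


# (group heading, rights that feed one combined entry, wording builder);
# group names are this example's assumption.
RULES = [
    ("Editing", {"edit", "createpage", "createtalk"}, _editing_text),
    ("Administrative", {"deletedhistory", "deletedtext"}, _admin_text),
]


def build_grant_list(requested, public_wiki=True):
    """Return {group: [entry, ...]} for the consent page, in display order."""
    rights = set(requested) - ALWAYS_FILTERED
    if public_wiki:
        rights -= PUBLIC_WIKI_FILTERED
    grouped = {}
    for group, members, builder in RULES:
        hit = rights & members
        if hit:
            grouped.setdefault(group, []).append(builder(hit))
            rights -= hit
    # Whatever is left, including rights this table has never heard of, is
    # still listed one per line so that grouping can never hide a grant.
    for right in sorted(rights):
        text = RIGHT_DESCRIPTIONS.get(right, right)
        grouped.setdefault("Other", []).append("%s (%s)" % (text, right))
    return grouped


def render(grouped):
    """Plain-text rendering in the layout the reply sketches."""
    lines = ["Grant this app permission to:"]
    for group, entries in grouped.items():
        lines.append("## " + group)
        lines.extend("* " + entry for entry in entries)
    return "\n".join(lines)


if __name__ == "__main__":
    # Constructed request: the exact seven rights the thread uses as its example.
    requested = ["read", "edit", "autoconfirmed", "createpage", "createtalk",
                 "deletedhistory", "deletedtext"]
    print(render(build_grant_list(requested)))
```

Two design choices worth keeping if this is adapted: the filters are allowlists of rights known to add nothing, so a right the table does not recognise is displayed rather than silently dropped, and `read` is only removed when `public_wiki` is true, since on a private wiki reading is a real grant.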