On Tue, Jun 4, 2013 at 9:00 PM, Tyler Romeo tylerromeo@gmail.com wrote:
I'm sure you did, but it's kind of useless if nobody provides an explanation. Do you really expect me to just accept that "some WMF engineers somewhere decided it was best"?
I should have logged and posted our irc chats around this, but I didn't think of that at the time. That's my fault. I'll try and reconstruct the discussions we had on wiki.
There's a difference between the permissions interface in the actual API and the permissions interface in the UI. A bot may ask for "read|writeapi|edit|createpage|createtalk", but the UI will only show the user "Create and edit pages", because all users can read so there's no point in asking, writeapi is an implied permissions needed for edit, and createpage and createtalk are two sides of the same coin. In other words, the rationale should not be "we will confuse the user", because we decide what to show the user. It's impossible to come up with a single interface that will be perfect for both humans and bots.
This was something we discussed, but keeping around another way of grouping rights seemed to add more complexity than the idea that Brad had. For example if the group changes, do users need to re-authorize? Otherwise they may have authorized "Create and edit pages" for one client, but the rights would be different for another client if the "Create and edit pages" group was updated.
I'm not sure we made the right choice, but let me try and reconstruct those discussions on wiki to give the reasons, and let's continue the discussion.