jenkins-bot has submitted this change and it was merged.
Change subject: (bug 50287) Restrict local uploads on Meta-Wiki
......................................................................
(bug 50287) Restrict local uploads on Meta-Wiki
Per community request, I'm restricting local uploads on Meta
to the 'sysop' and the newly created 'uploader' user groups.
To do that, I'm taking away all upload-related user rights
from all users: 'reupload-own' which is assigned by default
to the 'user' group, and 'upload' and 'reupload' which are
assigned to the 'autoconfirmed' user group.
As requested, I'm also removing the same rights from users in
the 'confirmed' user group and creating a new 'uploader' group
with 'upload', 'reupload' and 'reupload-own' user rights. Since
no upload rights are assigned to the 'sysop' group by default,
I'm adding the said rights to that group as well (because they
wouldn't be able to upload anything otherwise).
[Unrelated: I'm removing the 'move' definition since this right
is already taken away from the 'user' group in wgGroupOverrides2.]
As requested, bureaucrats will be able to add and remove users
from the new 'uploader' group.
Bug: 50287
Change-Id: I78737791fccde75e0c90af7e6a45539d0dfdce6e
---
M wmf-config/InitialiseSettings.php
1 file changed, 21 insertions(+), 3 deletions(-)
Approvals:
Reedy: Looks good to me, approved
jenkins-bot: Verified
diff --git a/wmf-config/InitialiseSettings.php
b/wmf-config/InitialiseSettings.php
index 7e40475..010774f 100644
--- a/wmf-config/InitialiseSettings.php
+++ b/wmf-config/InitialiseSettings.php
@@ -7111,11 +7111,29 @@
),
'metawiki' => array(
- 'user' => array( 'move' => false ), // sigh. tired of this
shit. brion -2007-01-10
+ /* 'user' => array( 'reupload-own' => false ), // bug 50287 */
+ 'autoconfirmed' => array( // bug 50287
+ 'upload' => false,
+ 'reupload' => false,
+ ),
+ 'confirmed' => array( // bug 50287
+ 'upload' => false,
+ 'reupload' => false,
+ ),
'steward' => array( 'userrights-interwiki' => true ), // new
steward stuff, yay 2007-12-27
'flood' => array( 'bot' => true ),
'autopatrolled' => array( 'autopatrol' => true ),
'centralnoticeadmin' => array( 'centralnotice-admin' => true,
'editinterface' => true ), //adding to allow CN access without local sysop JRA
2013-02-21
+ 'uploader' => array( // bug 50287
+ 'upload' => true,
+ 'reupload' => true,
+ 'reupload-own' => true,
+ ),
+ 'sysop' => array( // bug 50287
+ 'upload' => true,
+ 'reupload' => true,
+ 'reupload-own' => true,
+ ),
),
'mkwiki' => array(
'autopatrolled' => array( 'autopatrol' => true ),
@@ -7805,7 +7823,7 @@
'coder' => array( 'coder' ),
),
'+metawiki' => array(
- 'bureaucrat' => array( 'ipblock-exempt', 'centralnoticeadmin',
'flood' ), // Bug 46639
+ 'bureaucrat' => array( 'ipblock-exempt', 'centralnoticeadmin',
'flood', 'uploader' ), // Bug 46639
'checkuser' => array( 'ipblock-exempt' ),
'sysop' => array( 'autopatrolled' ),
),
@@ -8228,7 +8246,7 @@
'bureaucrat' => array( 'transwiki', 'import', 'coder',
'svnadmins' ),
),
'+metawiki' => array(
- 'bureaucrat' => array( 'sysop', 'bureaucrat', 'ipblock-exempt',
'flood', 'translationadmin', 'centralnoticeadmin' ), //
https://bugzilla.wikimedia.org/show_bug.cgi?id=37198
+ 'bureaucrat' => array( 'sysop', 'bureaucrat', 'ipblock-exempt',
'flood', 'translationadmin', 'centralnoticeadmin', 'uploader' ), // bug 37198,
50287
'checkuser' => array( 'ipblock-exempt' ),
'sysop' => array( 'autopatrolled' ),
),
--
To view, visit https://gerrit.wikimedia.org/r/71252
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I78737791fccde75e0c90af7e6a45539d0dfdce6e
Gerrit-PatchSet: 4
Gerrit-Project: operations/mediawiki-config
Gerrit-Branch: master
Gerrit-Owner: Odder <tom...@twkozlowski.net>
Gerrit-Reviewer: Reedy <re...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
