Bots to edit protected pages
Closed, ResolvedPublic


Especially on wikinews where pages get protected after seven days, protected pages that need bot attention are particularly problematic.

Bots only handle non-controversial mindless tasks on pages. To wait for a page to get unprotected just to be able to add an interiwkilink or fix a double redirect does not feel very logical to me.

Furthermore I do not think it is wise to grant bots all adminship tools just so they can edit protected pages.

If a bots make controversial edits on any page (weather it is protected or not) they tend to get blocked and loose their botflag - so I do not believe abuse is an issue here.

For pages protected from bot edits (I cant think of a single valid case) there may be a 3rd level of protection above current 'full protection'.

Version: unspecified
Severity: enhancement


bzimport set Reference to bz13137.
bzimport added a subscriber: Unknown Object (MLST).
Huji added a comment.Feb 24 2008, 8:33 PM

I guess we can define a new permission like 'editprotected', which is set to true for sysops. Wikis like wikinews can define a new group of users (like Trusted Bots or something) with that permission on LocalSettings.php and then a Bureaucrat can assign trusted bots to this group, so they can change protected pages.

If there is no objection (and no-one comes up with a good reason for avoiding the above solution) I will create a patch for it in a couple of days.

Huji added a comment.Feb 25 2008, 10:37 AM

With r31247 it is now possible to give the 'editprotected' permission to a group of users, without making them sysops. For example, a line can be added to LocalSettings.php like this:

$wgGroupPermissions['bot' ]['editprotected'] = true;

to let all accounts with bot flag edit a protected page.

Thanks for the quick fix!

brian.mcneil wrote:

Can this be applied on en.wikinews? Do we need a vote on it?

Huji added a comment.Mar 1 2008, 8:13 AM

I'm afraid the local community should reach agreement about it, and then you should open a new bug here (not under MediaWiki section, but under Wikimedia > Site request section) linking to the page where the agreement has been archived. A developer with shell access will then apply the required changes for that specific wiki.

As the feature requested here is fullfiled, I'm marking it as FIXED again.

Huji added a comment.Mar 2 2008, 7:27 PM

With r31462, I undid the changes made to Title.php, because of a security flaw introduced with r31247. I and ialex are working on the correct solution to this bug.

Huji added a comment.Mar 19 2008, 11:24 AM

With r32164 I fixed the bug again, taking care of the cascading issues. For the correct usage see comment #2.

Change 71536 had a related patch set uploaded by Anomie:
Fix protection rights usage

Change 71536 merged by jenkins-bot:
Fix protection rights usage

So what is the conclusion? Can bots edit protected pages now?

Add Comment