Page MenuHomePhabricator

Bots to edit protected pages
Closed, ResolvedPublic


Especially on wikinews where pages get protected after seven days, protected pages that need bot attention are particularly problematic.

Bots only handle non-controversial mindless tasks on pages. To wait for a page to get unprotected just to be able to add an interiwkilink or fix a double redirect does not feel very logical to me.

Furthermore I do not think it is wise to grant bots all adminship tools just so they can edit protected pages.

If a bots make controversial edits on any page (weather it is protected or not) they tend to get blocked and loose their botflag - so I do not believe abuse is an issue here.

For pages protected from bot edits (I cant think of a single valid case) there may be a 3rd level of protection above current 'full protection'.

Version: unspecified
Severity: enhancement



Event Timeline

bzimport raised the priority of this task from to Medium.Nov 21 2014, 10:07 PM
bzimport set Reference to bz13137.
bzimport added a subscriber: Unknown Object (MLST).

I guess we can define a new permission like 'editprotected', which is set to true for sysops. Wikis like wikinews can define a new group of users (like Trusted Bots or something) with that permission on LocalSettings.php and then a Bureaucrat can assign trusted bots to this group, so they can change protected pages.

If there is no objection (and no-one comes up with a good reason for avoiding the above solution) I will create a patch for it in a couple of days.

With r31247 it is now possible to give the 'editprotected' permission to a group of users, without making them sysops. For example, a line can be added to LocalSettings.php like this:

$wgGroupPermissions['bot' ]['editprotected'] = true;

to let all accounts with bot flag edit a protected page.

brian.mcneil wrote:

Can this be applied on en.wikinews? Do we need a vote on it?

I'm afraid the local community should reach agreement about it, and then you should open a new bug here (not under MediaWiki section, but under Wikimedia > Site request section) linking to the page where the agreement has been archived. A developer with shell access will then apply the required changes for that specific wiki.

As the feature requested here is fullfiled, I'm marking it as FIXED again.

With r31462, I undid the changes made to Title.php, because of a security flaw introduced with r31247. I and ialex are working on the correct solution to this bug.

With r32164 I fixed the bug again, taking care of the cascading issues. For the correct usage see comment #2.

Change 71536 had a related patch set uploaded by Anomie:
Fix protection rights usage

Change 71536 merged by jenkins-bot:
Fix protection rights usage

So what is the conclusion? Can bots edit protected pages now?