Page MenuHomePhabricator
Create Task
Maniphest T207323

Proposal to create acl*oversight and acl*checkuser ACL projects
Closed, InvalidPublic
Actions

Assigned To
None
Authored By
TheresNoTime
Oct 17 2018, 7:46 PM
Tags
Referenced Files
None
Subscribers
Aklapper
Krenair
Legoktm
TheresNoTime
TonyBallioni
Tokens
"Dislike" token, awarded by Krenair."Like" token, awarded by stwalkerster."Like" token, awarded by Rxy.

Description

It would be useful to have ACL projects for current oversighters/checkusers, so that privacy/security related tasks which are relevant to the group (such as T207085) can be viewed by the functionary group without having to manually add them.

I propose:

  • acl*oversight, which we can keep up to date with users who currently hold oversight on any project
  • acl*checkuser, which we can keep up to date with users who currently hold checkuser on any project

I don't mind maintaining that list, along with the help of some other stewards etc.

Per 'Project management#Types of Projects' I believe this will need to be discussed - I hope the benefits are relatively clear, and welcome any suggestions or comments.

Related Objects

Event Timeline

TheresNoTime created this task.Oct 17 2018, 7:46 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 17 2018, 7:46 PM
Rxy awarded a token.Oct 18 2018, 1:12 AM
Liuxinyu970226 moved this task from Incoming to Projects to create on the Project-Admins board.Oct 18 2018, 10:06 AM
stwalkerster awarded a token.Oct 22 2018, 7:32 PM
TonyBallioni subscribed.Oct 22 2018, 7:41 PM

This seems like it would be pretty useful.

Legoktm subscribed.Oct 22 2018, 7:57 PM

Security tasks are generally kept to a limited audience of MediaWiki developers plus a few other people. We created an ACL for stewards because there was a repeated need to add them to individual tasks, and they're already an incredibly trusted group of people who are relatively well known to developers, and are familiar with our workflows.

I don't think adding all oversighters and all checkusers to individual security tasks is a good idea. There's no need for everyone to be CC'd to T207085. A few of them? Sure.

I would suggest nominating one to two people as liasons for each group who can be cc'd as necessary and inform other oversighters/CUs about the presence of bugs that are pertinent. In the past we've done it informally.

TheresNoTime added a comment.Oct 22 2018, 8:07 PM

@Legoktm on reflection, I'm agreed entirely i.r.t "I don't think adding all oversighters and all checkusers to individual security tasks is a good idea" - there are a few other cases where general, non-security tasks are of immediate interest to the greater CU/OS community, but I'm not sure using an acl* project would be useful there.

Appears that this task can be closed...

Krenair closed this task as Invalid.Oct 22 2018, 8:13 PM
Krenair subscribed.

per requestor

Krenair awarded a token.Oct 22 2018, 8:14 PM
Legoktm added a comment.Oct 22 2018, 9:42 PM
In T207323#4687063, @Samtar wrote:

@Legoktm on reflection, I'm agreed entirely i.r.t "I don't think adding all oversighters and all checkusers to individual security tasks is a good idea" - there are a few other cases where general, non-security tasks are of immediate interest to the greater CU/OS community, but I'm not sure using an acl* project would be useful there.

I would suggest watching the CheckUser, MediaWiki-Revision-deletion, and/or Stewards-and-global-tools projects depending on what you want.

Krenair mentioned this in T204160: Create a security issue task type with additional attributes.Nov 10 2018, 5:44 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits