MediaWiki checks the edit permission for various non-edit actions (move, delete, rollback etc) as a generic "does this user have write access to this page" test. This is problematic as sometimes we want users to have some kind of write access to a page, but not edit access specifically. It is especially problematic with grants which are supposed to limit activity in a granular way (a move or rollback bot should not be able to edit) but that's not possible currently because without the edit right everything else fails. (See T212851: Confusing error for OAuth consumers with rollback but not edit grant for a specific example.)
Description
Description
Related Objects
Related Objects
Event Timeline
Comment Actions
Probably there should be separate edit and change permissions, and other write permission checks (and edit itself) should check change instead of edit as a generic access check mechanism. Except that would break legacy logic which tries to prevent access to some specific page by revoking the edit permission only. The other way around (keep using edit as a generic check and add a really-edit and also check that for editing) would be a less smoother migration path but would end up with misleading names. Not sure what's the best approach here.