- Affected components: Configuration/Page protection/User management
- Engineer for initial implementation: TBD.
- Code steward: TBD.
Currently, content that should be restricted from viewing cannot be kept on wiki, unless the entire wikis is restricted from viewing. Allowing users to store more secure information on wiki would
- Eliminate the need for keeping separate wikis (eg CheckUserWiki)
- Allow information that should only be visible to certain users to be stored on wiki (eg for WikiJournals)
- Allow non-WMF wikis to manage information visibility in a more fine-tune manner
- Be required to convert AbuseFilter filters to wikipages while maintaining visibility restrictions T227595
- Restricted task T160266
- System administrators must be able to configure read restrictions for individual namespaces (not individual pages, for now)
- Extensions must be able to specify read restrictions for added namespaces
- Restrictions must prevent views without the proper rights from viewing the content, history, or logs for a page, including in recent changes, via the api, and in other users' contribution histories
(Proposals and considerations will be documented here.)
T230668: Fully implement read/view restrictions in mediawiki core has some background, as does T156788: Improve support for read access restriction / access control
For efficient caching, pages in view-protected namespaces should not transcludable
https://gerrit.wikimedia.org/r/#/c/mediawiki/core/+/585322/ is a proof of concept patch that allows such configured read restrictions for namespaces, and applies those restrictions to viewing RecentChanges, viewing Contributions, and attempting to perform actions on an article, including viewing it