@neriah: In the future, please follow https://meta.wikimedia.org/wiki/Requesting_wiki_configuration_changes when requesting such kinds of changes. Thanks! :)

Note: If you are curious and want to try making this configuration change yourself, please follow https://wikitech.wikimedia.org/wiki/Wikimedia_site_requests and give it a try!

Change 667306 had a related patch set uploaded (by Zabe; owner: Zabe):
[operations/mediawiki-config@master] component: Add 'autoreview' and 'interface-admin' protection level to hewikisource

https://gerrit.wikimedia.org/r/667306

It did not work.

The changes have not been deployed yet.

So when will it work?

When a sysadmin deploys the changes. I added @Urbanecm as a reviewer to the patch, so maybe he takes a look at this.

@neriah: Hi, please see https://wikitech.wikimedia.org/wiki/Wikimedia_site_requests#Lifecycle_of_a_request - thanks!

@Aklapper @ZabeMath I do not understand. what am I supposed to do now? Turn elsewhere?

@neriah: Thanks for the feedback. No need to turn elsewhere. :) I've tried to improve https://wikitech.wikimedia.org/wiki/Wikimedia_site_requests#Lifecycle_of_a_request and if is something is still unclear, please elaborate so we can try to clarify. We are currently between step 3 and step 4 in that list of six steps, as we are waiting for someone to give a "Code-Review +2" review in Gerrit on the proposed configuration change.

Send the right code for you?

I don't understand, sorry?

Do you want the appropriate code for your server?

@neriah: We have code proposed: https://gerrit.wikimedia.org/r/c/667306

The Hebrew Wikipedia already has it, right?

@neriah kinda, see T60207 and T102466.

OK.

Hello everyone,

I'm a Backport Deployer, who was asked by @Zabe to deploy the patch in question. I'm uncomfortable with doing so now, without understanding the need for the interface-admin-level protection, and without further discussion.

The interface-admin group was introduced to make sure only people who really need to edit sitewide CSS/JS can do so. I'm concerned that introducing a new protection level restricted to interface admins would turn that group into a "group for technicans", which is not its purpose. For instance, it should not be granted to people who need to edit interface messages.

Furthermore, the patch allows sysops to edit pages protected by this proposed restriction level. That doesn't make sense to me - why is it necessary?

Please don't take this personally; I'm merely not convinced that this is a good change to deploy. This is not a final decision, which will be made based on a discussion in this task.

@Tgr @Ladsgroup Hello, tagging a few people who could have an opinion on this. What do you think?

The task description links to a discussion, but as far as I can tell with Google Translate that discussion is about a wholly different issue.

@Urbanecm The main page templates need to be protected with high protection, and there are also non-sysop users who want to edit them. Now they are condemned that only those with 4 days of experience can edit, but want to raise it. I defended all these patterns, because of the corruption. It is necessary. I do not want anyone to be able to create an account, wait 4 days, and destroy the main page. Need higher protection. And as for interface protection, I wanted it for the "edit posts".

Sounds like you want something like T102466: Add "protectedtemplate" protection level in Hewiki?

yes.

That doesn't need interface admin right. You really shouldn't use that right for something it's not designed for.

@Ladsgroup what? I did not understand...

@Ladsgroup, @Zabe When will they handle the request? I opened the vote on interface protection for this. If this is an extension, I'll open a vote on it.

@neriah so you basicly want 2 protection levels, which are like those in hewiki? One for autoreviewers and one to protect templates, which are editable by sysops and interface-admins?

yes.

@neriah So, the 'editautoreviewprotected' one is doable. The other one violates the point "Grant Interface admins other permissions" at https://meta.wikimedia.org/wiki/Limits_to_configuration_changes. It would be fine to create an extra group "templateeditor" (see enwiki or commons), which could edit at a new protection level. This user group could be given to trusted users then. Would that be ok?

@Zabe, I do not know if it is possible to create a new permission, because I did not ask in wikisource if it is possible. Is it possible without creating a new permission?

@neriah We can do the 'editautoreviewprotected' one. As I already said giving interface admins other permissions is not allowed, which makes the other one simply another admin level, which is redundant.

@Zabe Are you planning to remove the interface editor permission?

In T275076#7035597, @neriah wrote:

@Zabe Are you planning to remove the interface editor permission?

No, I think there is a misunderstanding here. I just wanted to say that it is not allowed to create a protection level and then give interface admins permission to edit it (see https://meta.wikimedia.org/wiki/Limits_to_configuration_changes).

@Zabe So how is there such a thing in hewiki?

In T275076#7038370, @neriah wrote:

@Zabe So how is there such a thing in hewiki?

I have no idea. @Urbanecm, do you know?

@Zabe Can you then install only the first protection? (Not by the interface editors)

Change 702761 had a related patch set uploaded (by Zabe; author: Zabe):

[operations/mediawiki-config@master] Add 'editautoreviewprotected' protection level to hewikisource

https://gerrit.wikimedia.org/r/702761

Change 667306 abandoned by Zabe:

[operations/mediawiki-config@master] Add 'editautoreviewprotected' and 'templateeditor' protection level to hewikisource

Reason:

superseeded by https://gerrit.wikimedia.org/r/c/operations/mediawiki-config/ /702761. The issues mentioned in the -2 is no longer part of that one.

https://gerrit.wikimedia.org/r/667306

Change 702761 merged by jenkins-bot:

[operations/mediawiki-config@master] Add 'editautoreviewprotected' protection level to hewikisource

https://gerrit.wikimedia.org/r/702761

Mentioned in SAL (#wikimedia-operations) [2021-07-12T11:26:18Z] <wmde-fisch@deploy1002> Synchronized wmf-config/InitialiseSettings.php: Config: [[gerrit:702761|Add 'editautoreviewprotected' protection level to hewikisource (T275076)]] (duration: 00m 57s)

@Zabe Is it also possible to enable the "editautoreviewprotected" bot (allow it to edit pages protected by the new protection)?

In T275076#7206518, @neriah wrote:

@Zabe Is it also possible to enable the "editautoreviewprotected" bot (allow it to edit pages protected by the new protection)?

You mean allowing bots to edit pages with this new protection level? Yes that would be possible.

@Zabe, So can you add?

Change 704191 had a related patch set uploaded (by Zabe; author: Zabe):

[operations/mediawiki-config@master] Add 'editautoreviewprotected' to bot on hewikisource

https://gerrit.wikimedia.org/r/704191

Change 704191 merged by jenkins-bot:

[operations/mediawiki-config@master] Add 'editautoreviewprotected' to bot on hewikisource

https://gerrit.wikimedia.org/r/704191

Mentioned in SAL (#wikimedia-operations) [2021-07-12T23:27:41Z] <urbanecm@deploy1002> Synchronized wmf-config/InitialiseSettings.php: 6c581493fbe5d9c372fd44635b704d04040d8b38: Add editautoreviewprotected to bot on hewikisource (T275076) (duration: 00m 57s)

In T275076#7206932, @neriah wrote:

@Zabe, So can you add?

Done