Page MenuHomePhabricator

Improve ArticleFeedbackv5 permissions
Closed, ResolvedPublic


Permissions are now a mess: documentation is all about "editors, monitors, oversighters", while code is more specific like "aftv5-hide-feedback, aftv5-delete-feedback, aftv5-feature-feedback, ..."

Right now, the code largely uses "aftv5-feature-feedback" to identify "an editor" - even if the functionality has nothing to do with "featuring", which leads to confusing code (there have been multiple permissions issues before)

Either stop using "aftv5-feature-feedback" as a generic identifier for "editor" usecases (and instead start using multiple permissions like e.g. "aftv5-see-hidden-feedback" but make sure they're all assigned to the correct groups of people), or make the "editor" identifier ("aftv5-feature-feedback") less confusing.

Version: unspecified
Severity: normal



Event Timeline

bzimport raised the priority of this task from to High.Nov 22 2014, 12:59 AM
bzimport added a project: ArticleFeedbackv5.
bzimport set Reference to bz39497. has gotten this kick-started already.

Fabrice: could you please review - we've constantly been talking in terms like editors/monitors/oversighters, missing some of the listed intermediary groups (like administrators)
I'll assume the list to still be accurate and update/fix all permissions according to the list (and refactor the rest as described in previous comment)

To shed some clarity on the user groups (there's recently been some confusion about "readers"), this is how I'll be naming the groups internally.
We can either talk about "confirmed users" or "editors", doesn't matter to me, just want to make sure we agree on the terminology. Once agreed upon, I'll also update to reflect these internal names.

every member (apart from blocked users) = reader
registered members = member
(auto-)confirmed users = editor
rollbacker/reviewer = monitor
administrator (= sysop) = administrator
oversight = oversighter

  • Bug 39282 has been marked as a duplicate of this bug. ***

This seems like a very reasonable way to improve permissions for Article Feedback. Thanks for this excellent recommendation!