Change Details

* Affected components: Configuration/Page protection/User management * Engineer for initial implementation: TBD. * Code steward: TBD.[1] ### Motivation Currently, content that should be restricted from viewing cannot be kept on wiki, unless the entire wikis is restricted from viewing. Allowing users to store more secure information on wiki would * Eliminate the need for keeping separate wikis (eg CheckUserWiki) * Allow information that should only be visible to certain users to be stored on wiki (eg for #wikijournals) * Allow non-WMF wikis to manage information visibility in a more fine-tune manner * Be required to convert AbuseFilter filters to wikipages while maintaining visibility restrictions * Restricted task T160266 ##### Requirements * System administrators must be able to configure read restrictions for individual namespaces (not individual pages, for now) * Extensions must be able to specify read restrictions for added namespaces * Restrictions must prevent views without the proper rights from viewing the content, history, or logs for a page, including in recent changes, via the api, and in other users' contribution histories ------- ### Exploration //(Proposals and considerations will be documented here.)// {T230668} has some background, as does {T156788} For efficient caching, pages in view-protected namespaces should not transcludable https://gerrit.wikimedia.org/r/#/c/mediawiki/core/+/585322/ is a proof of concept patch that allows such configured read restrictions for namespaces, and applies those restrictions to viewing RecentChanges, viewing Contributions, and attempting to perform actions on an article, including viewing it [1] Per https://www.mediawiki.org/wiki/Developers/Maintainers * #core_platform_team is responsible for configuration and page protection * #contributors-team is responsible for user management

* Affected components: Configuration/Page protection/User management * Engineer for initial implementation: TBD. * Code steward: TBD.[1] ### Motivation Currently, content that should be restricted from viewing cannot be kept on wiki, unless the entire wikis is restricted from viewing. Allowing users to store more secure information on wiki would * Eliminate the need for keeping separate wikis (eg CheckUserWiki) * Allow information that should only be visible to certain users to be stored on wiki (eg for #wikijournals) * Allow non-WMF wikis to manage information visibility in a more fine-tune manner * Be required to convert AbuseFilter filters to wikipages while maintaining visibility restrictions T227595 * Restricted task T160266 ##### Requirements * System administrators must be able to configure read restrictions for individual namespaces (not individual pages, for now) * Extensions must be able to specify read restrictions for added namespaces * Restrictions must prevent views without the proper rights from viewing the content, history, or logs for a page, including in recent changes, via the api, and in other users' contribution histories ------- ### Exploration //(Proposals and considerations will be documented here.)// {T230668} has some background, as does {T156788} For efficient caching, pages in view-protected namespaces should not transcludable https://gerrit.wikimedia.org/r/#/c/mediawiki/core/+/585322/ is a proof of concept patch that allows such configured read restrictions for namespaces, and applies those restrictions to viewing RecentChanges, viewing Contributions, and attempting to perform actions on an article, including viewing it [1] Per https://www.mediawiki.org/wiki/Developers/Maintainers * #core_platform_team is responsible for configuration and page protection * #contributors-team is responsible for user management

* Affected components: Configuration/Page protection/User management * Engineer for initial implementation: TBD. * Code steward: TBD.[1] ### Motivation Currently, content that should be restricted from viewing cannot be kept on wiki, unless the entire wikis is restricted from viewing. Allowing users to store more secure information on wiki would * Eliminate the need for keeping separate wikis (eg CheckUserWiki) * Allow information that should only be visible to certain users to be stored on wiki (eg for #wikijournals) * Allow non-WMF wikis to manage information visibility in a more fine-tune manner * Be required to convert AbuseFilter filters to wikipages while maintaining visibility restrictions T227595 * Restricted task T160266 ##### Requirements * System administrators must be able to configure read restrictions for individual namespaces (not individual pages, for now) * Extensions must be able to specify read restrictions for added namespaces * Restrictions must prevent views without the proper rights from viewing the content, history, or logs for a page, including in recent changes, via the api, and in other users' contribution histories ------- ### Exploration //(Proposals and considerations will be documented here.)// {T230668} has some background, as does {T156788} For efficient caching, pages in view-protected namespaces should not transcludable https://gerrit.wikimedia.org/r/#/c/mediawiki/core/+/585322/ is a proof of concept patch that allows such configured read restrictions for namespaces, and applies those restrictions to viewing RecentChanges, viewing Contributions, and attempting to perform actions on an article, including viewing it [1] Per https://www.mediawiki.org/wiki/Developers/Maintainers * #core_platform_team is responsible for configuration and page protection * #contributors-team is responsible for user management