Configuring user permissions
From Pirates@Home
The Mediawiki software we are using for this glossary has a fairly robust system for controlling user permissions based on giving the permissions to "groups" and then assigning a user to a group.
A list of the available user rights and instructions on how to configure them via groups may be found at Meta:Help:User_rights.
This site is configured such that one has to authenticate to create or edit a page -- anonymous edits are not allowed.
I2U2 Requirements
The I2U2 glossary will be used by high school and maybe even junior high or middle schools students. While we would like to make the glossary open to editing by any participant, we will need some way to control the natural urge of some students to deface the site or play around with the glossary in inappropriate ways. We will use the Pirates@Home glossary as a test of various scenarios and schemes.
Pirates@Home permissions
The current configuration of the Pirates Glossary is that anybody on the Internet can read the glossary, and any authenticated member of the crew can contribute to an existing talk page. Only a member of the crew with non-zero Recent Average Credit (RAC) can create a talk page or edit an article. Only a member of the crew with RAC > 1.0 can create a new article.
This policy is implemented by creating the following permission groups:
- seaman
- A member of the crew with 0.01 < RAC < 1.0 is an ordinary 'seaman', and may edit an existing article, but may not create a new article.
- able_seaman
- A member of the crew is considered to be an able bodied seaman if they have RAC > 1.0. They are allowed to create new pages.
- chief
- Forum moderators on the BOINC project are considered to be a Chief Petty Officer (or chief for short). They may move (rename) articles, and additionally they have the wiki rights "patrol", "rollback", "protect" and "block" so that they can prevent mischief from the crew.
- officer
- Officers have the same rights as a chief, along with "userrights" and "createaccount" so that they can manage the crew and their work. These are the administrators for the BOINC project.
- brig
- A BOINC user who has been banned from the discussion forums is considered to be in the brig and can only read the wiki, but not edit, not even talk pages. Their status will revert back within an hour after the end of their suspension.
These policies may change from time to time as we test out the new authentication plug-in.
Technical Notes
Definitions of general group permissions are set in the file 'LocalSettings.php, but the specifics of the policy outlined above have been moved to a separate file, PiratePermissions.php.
A user who is a member of the "SysOp" group can do just about anything, including granting permissions to other users by making them members of a group. A user who is a member of the "bureaucrat" group can change the group assignments of other users (including making them SysOps, so this needs to be controlled). Most users are members of the group "user", which has the 'normal' set of permissions.
