:Access Control Guide

From Agony Unleashed
Revision as of 22:39, 4 December 2007 by Jaku Lonaru (Talk | contribs) (Namespaces)

Jump to: navigation, search

Access Control Guide

Each of the user classes in the Agony e107 site are translated into a group in the wiki site. All permissions granted to users are based on these groups.

Access to a page is controlled in three ways: Categorization, Namespace, and Authorship.

Categories

Any wiki page can be categorized by adding special text to the page. This special text isn't displayed where it's placed, but does result in the category being listed at the bottom of the page. To add a category to a page insert text that follow this form "[[Category:Name]]". Here's an example:

[[Category:Public]]
==Main title of page==
Some text in page

Only some categories are considered access control categories. For the full list see Access Control Categories

For read access a user must have read permission for at least one of the assigned access control categories for a page.

For all other permissions (edit, move, etc...) a user must have that permission for ALL assigned categories for a page.

In order to add or remove a category from a page, the user, in addition to being able to edit the page, must also posses "create" permission for all currently assigned categories including the category(s) being added/removed.

Namespace

Every page in the wiki belongs to a namespace. The namespace a page belongs two is usually determined by the presence of a prefix in the name. For example Agony:Main_Page is a page in the Agony namespace. Pages with no prefix are placed in the main namespace. However, namespaces cannot be created just by adding a Namespace: prefix. Namespaces have to be configured by the site owner. Any page with a Namespace: prefix that isn't recognized will be placed into the main namespace.

Certain namespaces are treated as exclusive. This means that in order to read/edit a page in an exclusive namespace, read/edit permission for both the namespace AND any access control categories is required. This means that it is not possible to make a private namespace page public just by adding the Category:Public category.

Each regular content namespace also has a separate "talk" namespace. Every page can have an associated "talk page. The talk page has the same name as the regular page but has "_talk" appended. You normally get to the talk page by clicking the "Discuss" link at the top of the page.

Authorship

Authorship of a page is only considered when a page has no access control categories and is part of a namespace with no access control constraints. In that case a page is only accessible to the creator of the page and then only if the creator is the only editor.

Permissions

Permissions Description
read Permission to read an article.
edit Permissions to edit an article
move Permission to rename an article. This is required for both the source and destination name.
create

Permission to create an article.

Permission to add or remove an access category.

createtalk Permission to create a talk page.
talk Permission to make comments on a talk page.
delete Permission to delete/undelete a page.


Access Control Categories

Category Description
Category:Public Pages with this category are public and are readable by anyone with a browser and access to the internet. Lieutenants can comment on existing talk pages, and Lt. Commanders can create, edit and move public content and create talk pages.
Category:Agony Pages with this category can only be viewed by Agony members. Ensigns can make comments on existing talk pages, Lieutenants can create talk pages, and Lt Commanders can create, edit and move pages.
Category:Agony/Restricted Pages with this category can only be read and edited by Lt. Commanders and above.
Category:Agony/Leadership Pages with this category can only be read and edited by Captains and above.
Category:Agony/Leadership/Senior Pages with this category can only be read and edited by Vice Admirals and above.
Category:Agony/Ensign Pages with this category can only be read and edited by Ensigns and above.
Category:Agony/Lieutenant Pages with this category can only be read and edited by Lieutenants and above.
Category:Agony/LtCommander Pages with this category can only be read and edited by Lt. Commanders and above.
Category:Agony/Commander Pages with this category can only be read and edited by Commanders and above.
Category:Agony/Captain Pages with this category can only be read and edited by Captains and above.
Category:Agony/ViceAdmiral Pages with this category can only be read and edited by Vice Admirals and above.
Category:Agony/SquadronAdmiral Pages with this category can only be read and edited by Squadron Admirals and above.
Category:Agony/OperationsAdmiral Pages with this category can only be read and edited by OperationsAdmirals and above.
Category:Agony/Alpha Pages with this category can only be read and edited by Alpha Squadron Members.
Category:Agony/Alpha/Leadership Pages with this category can only be read and edited by the Alpha Squadron Leader.
Category:Agony/Bravo Pages with this category can only be read and edited by Bravo Squadron Members.
Category:Agony/Bravo/Leadership Pages with this category can only be read and edited by the Bravo Squadron Leader.
Category:Agony/Charlie Pages with this category can only be read and edited by Charlie Squadron Members.
Category:Agony/Charlie/Leadership Pages with this category can only be read and edited by the Charlie Squadron Leader.
Category:Agony/Delta Pages with this category can only be read and edited by Delta Squadron Members.
Category:Agony/Delta/Leadership Pages with this category can only be read and edited by the Delta Squadron Leader.
Category:Agony/Echo Pages with this category can only be read and edited by Echo Squadron Members.
Category:Agony/Echo/Leadership Pages with this category can only be read and edited by the Echo Squadron Leader.
Category:PVP_University/BASIC Pages with this category can only be read by PVP-BASIC students. BASIC instructors can manage the content.
Category:PVP_University/WOLFPACKS Pages with this category can only be read by PVP-WOLFPACKS students. WOLFPACKS instructors can manage the content.
Category:PVP_University/COVOPS Pages with this category can only be read by PVP-COVOPS students. COVOPS instructors can manage the content.
Category:PVP_University/FLYBYS Pages with this category can only be read by PVP-FLYBYS students. FLYBYS instructors can manage the content.


Namespaces

Namespace Description
Main Any Agony member may create content in this namespace but the content will only be accessible by the creator until it is categorized.
User Every user has a page in this namespace associated with their account. By default only the user can read or edit this page. A user can grant broader access to their page by adding access control categories.
Project This is a special name space associated with the wiki web site. It's name is determined by the site name. Here's the About page for this web site: Agony Empire:About. This namespace is only editable by Vice Admirals and above, however Lt. Commanders and above may create and comment on talk pages.
MediaWiki This is a special namespace that contains wiki interface information, like user interface messages. This namespace is only editable by the directors.
Template This namespace is intended for special includable pages. If you visit Wikipedia and notice a special box of text at the top of the article this is likely due to inclusion of a template. A template page can be included by adding {{Template:Name}} to the page source. For more on templates see Help:Templates
Help This namespace is intended to contain help pages related to the web site. Pages in this namespace can be viewed by anyone with a browser and access to the internet. content in this namespace is editable by Lt. Commanders and above.
Category This namespace is reserved for categories. If a page for a given category is created, then besides an text, it will include a link to every page that has been assigned that category. If the category is an access control category, then read permission to that category is required in order to view that categories page.
Image This is a special namespace. All uploaded image files (jpg, png, svg) get placed in this namespace. By default an image is viewable only by the user that uploaded it. In order for an image to be viewed by others, the uploader must edit the image page and add one or more access control categories. At this time only lt. commanders and above are allowed to upload images to the wiki.
Agony This namespace is an exclusive namespace and was created to contain content that will always be internal to Agony. Because it is an exclusive namespace it is not possible to accidentally or intentionally grant access beyond agony members. Ensignes and above may read and comment about this content, lieutenants may create talk pages and lt. commanders may create and edit content in this namespace. Only captains and above may rename content in this namespace and only vice admirals and above may delete content in this namespace.
Intel This namespace is an exclusive namespace and was created to contain intelligence related information. So, for example, pages could be created for every alliance, corp and character of interest. Because this namespace is exclusive it is not possible to accidentally or intentionally release content beyond its intended audience. Only lt. commanders and above may may read, edit or create content in this namespace. captains may move content, and only vice admirals may delete content in this namespace.

Transclusion

A page is transcluded if it's contents have been included in another page. See Help:Templates for more on how to do this. Access control checks on the transcluded page are not performed. This means that if a restricted page is transcluded to a public page, anyone will be able to read the transcluded content. For this reason most namespaces have been marked as not allowing transclusion. The only exceptions are the Template and Image namespaces.

Care must always be take when transcluding pages to ensure that unintentional information disclosure is not going to occur.

Declassifying Content

MediaWiki maintains all versions of every page and these versions are accessible to anyone who has access to the current (most recent) version. All versions are contrained by namespace permissions, but only the categories of the current version are checked when determining access to older versions. For this reason, special care must be taken when broadening access to a page.

If access to a page needs to be broadened (declassified) there are three ways to do this.

Copy

  1. Edit the page to remove all restricted content.
  2. Create a new page.
  3. Copy the wiki source from the old page to the new page and make sure the content is appropriate for the intended access level.


Move & Edit

  1. Edit the page to remove all restricted content.
  2. Move the old page to Pagename_restricted
  3. Edit the original page, remove the link and insert the wiki source from the old (now renamed) page.

Delete & Undelete

  1. Edit the page to remove all restricted content.
  2. Delete the page.
  3. Undelete the page, but only check the most recent version.