User:Huji/Protection

This page contains the ideas we (I and IAlex) have about how to improve Page Protection feature.


 * The phrases  'edit'  and  'move'  are hard coded in some parts, such as Title::isProtected and Skin::makeGlobalVariablesScript while they should be changed to the equivallent item from $wgRestrictionTypes array.
 * The newly added permssion,  'editprotected' , should be implemented in its correct and secure way, to allow different groups of users to edit a protected page without having the right to protecte pages.
 * Care should be given to the fact that users with  'editprotected'  permission who don't have  'protect'  permission shouldn't be allowed to edit a page which is protected with cascading option on; otherwise, they can transculde a second page and actually protect it, without having the right to protect pages.
 * An appropriate error message should be shown when the above senario happens, so the user with  'editprotected'  permission would know why he can't edit/save the page.
 * The whole protection code should be rewritten in some parts; it still looks like it is treating "groups" rather than "rights".
 * The phrase  'sysop'  is hardcoded in some places (including documentation) which can be (?) replaced with a better word
 * (As we ended up with some nested IF clauses in our preliminary patches, we think that perhaps) some conditional clauses can be moved to a separate method, instead of being hard-coded over and over again.