Requests for comment/Page protection as a component

This RFC addresses a fix for overly tight coupling of MediaWiki core security logic.

Rationale
Make the article protection model easier to maintain and extend.

MediaWiki security does not have a clean interface, so the first to decouple from core code we might as well expose the internal API, then move the implementation into an extension. This will have the great benefit of making it trivial to experiment with improvements to page protection, or for administrators to replace its functionality entirely in favor of a model which better suits site requirements.

Implementation
We can and should proceed incrementally, first creating a security package, then moving functionality in small pieces. Each step must be backwards-compatible with existing logic, hook usages, and configuration, and it must be possible to reverse each patch after it has been deployed.

The core access control system currently in question consist of: a) "protected titles", or a blacklist of titles which are banned and cannot be created; and b) "page restrictions" or "page protection", which prevents editing by role, and can be cascaded to protect all transcluded pages or templates. There is also the basic role-based access. Each of these can be implemented as its own class, under includes/security.

Once the security code has been extracted, followon work to improve the security component will be easier. It might include granularization of permissions, and better internal and external APIs.

Resources

 * RFC discussion: https://tools.wmflabs.org/meetbot/wikimedia-office/2014/wikimedia-office.2014-09-17-21.01.log.html
 * Abandoned: https://gerrit.wikimedia.org/r/23999 - changes to core
 * Abandoned: https://gerrit.wikimedia.org/r/24142 - refactored as an extension
 * https://bugzilla.wikimedia.org/show_bug.cgi?id=40293 - bugtracker for this feature