Phabricator/Permissions/pl

Role i uprawnienia w phabricator.wikimedia.org.

Użytkownicy anonimowi
Użytkownicy anonimowi mogą przeglądać wszystkie publiczne informacje jako tylko-do-odczytu.

Zarejestrowani użytkownicy
Zarejestrowani (zalogowani) użytkownicy mogą wykonywać wszystkie podstawowe czynności: tworzenie i edycja zgłoszeń, komentowanie, przesyłanie plików i edycję swojego profilu...

Zarejestrować się może użytkownik konta Wikimedia SUL lub Wikimedia LDAP.

ACL groups
Phabricator contain some ACL projects which is used to enforce policy restrictions. The following is a partial list of ACL projects; the description is usually only part of permissions of the groups.

ACL projects are for access control only; they are not meant to be used for task management. Tasks should be added to a corresponding team project (which is public).

Other than those indicated specifically, membership application are handled by tasks in the Phabricator project.


 * Trusted-Contributors
 * A minimal policy control group for access to certain features in phabricator which might be prone to abuse, including "protect as security issue" feature and personal Herald rules.


 * Triagers
 * Have permission of batch edits.


 * acl*Project-Admins
 * See T706 for permission request. Note public projects may be edited by all registered users.


 * acl*repository-admins
 * Create and edit Diffusion Repositories.


 * Policy-Admins and subprojects; acl*sre-team, acl*stewards, acl*otrs-admins, etc.
 * Various "policy admins" projects are used to manage access policies of Phabricator objects (for example, tasks and other projects). They are also used in space policies. Other than dedicated "policy admins" projects, ACL projects may also be created for otherwise defined restricted user groups or WMF teams.


 * acl*phabricator
 * Manages homepage dashboard and global Herald rules.


 * WMF-NDA
 * Access to tasks restricted to some of WMF employee, and volunteers who signed Trusted Volunteer Access & Confidentiality Agreement (see that page for process to sign).


 * acl*security
 * Access to Security issues. Members must be approved by and have 2FA enabled. Darian Patrick i administratorzy Phabricatora mogą zarządzać członkostwem tej grupy. Per T244165, members consist of the following subgroups (Wikimedia Security Team may define additional subgroups):
 * acl*security_bugwrangler
 * For current bugwrangler(s).
 * acl*security_developer, acl*security_documentation, acl*security_legal, acl*security_management, acl*security_product_manager, acl*security_program_manager, acl*security_releng, acl*security_secteam, acl*security_sre, acl*security_trusa
 * Some groups of WMF employees, who have access to security issues for work purposes. NDA is signed as part of Terms of Employment.
 * acl*security_wmde
 * WMDE employees who have access to security issues for work purposes.
 * acl*stewards
 * (Some of) current stewards who have access to security issues.
 * acl*security_volunteer
 * Other volunteer with access to security issues.

Administratorzy
Administrators can do and break a lot, although in Phabricator they are not all-powerful by design. They can access protected data (except your password), and they can make it accessible to others accidentally. However, administrators cannot bypass object access policies.

Z tych powodów możliwość przynależności do grupy Administratorzy jest ograniczona. Nie można zostać administratorem w Phabricatorze bez podpisania NDA. A process to join/leave this team must be defined (currently, please file a task under tag/phabricator/ and explain your reasoning). Also see the (now obsolete) Bugzilla administrator rights policy.

Some tasks (e.g. removing Two Factor Authentication) may not be done by ordinary Phabricator administrators; They may only be performed by people with shell access to Phabricator servers.

Phabricator Training
See the Help page to learn more about using Phabricator.