Jump to content

Manual:Establishing a hierarchy of bureaucrats

From mediawiki.org

It may be desirable to have a hierarchy of bureaucrats. That way, if one of them goes rogue, they will not be able to remove user rights from all other bureaucrats, unless they are of the highest rank. Bureaucrats can, thus, be given different ranks depending on how trustworthy they are deemed to be.



Under this system, the ranks and powers are as follows:

Rank Can add or remove
Colonel Majors, Captains, Lieutenants, Sysops
Major Captains, Lieutenants, Sysops
Captain Lieutenants, Sysops
Lieutenant Sysops



Especially on wikis that have low standards for promoting users to sysop (e.g. on some wikis, users can become sysop within days or hours of creating an account), some users might be trustworthy enough to be allowed to add and/or remove user rights from sysops (as long as these user rights actions are subject to being reversed by other bureaucrats, and as long as there are higher-ranking bureaucrats around who can strip them of their rank if they abuse their powers), but not trustworthy enough to have power to assume total control. This is especially important in situations in which the site owner may be absent for long periods, and not able to access the server to reverse the rogue bureaucrat's coup.

Alternative options


An alternative to this approach is to establish a system like Wikipedia's in which bureaucrats can add users to groups, but only stewards can remove users from groups. A drawback to this is that a rogue bureaucrat could still wreak havoc by adding a large number of unsuitable sysops, or a rogue sysop could wreak havoc by taking a large number of inappropriate sysop actions, before a steward has a chance to intervene. On a large site like Wikipedia that has high standards for promoting users to superuser status and many stewards, any of whom is likely available at any given moment, this is not such a problem. On smaller sites, or those with laxer standards for promoting users to superuser status, it could be an issue. A hierarchy enables a more precise calibration of user rights to trustworthiness and helps ensure that each level of superusers has plenty of oversight, without granting too many people expansive and unchecked powers over the wiki.



There are a few subtleties involved in this process. For one, it is not enough to merely add the different levels of bureaucrats to $wgAddGroups and $wgRemoveGroups; a permission must also be set using $wgGroupPermissions before they will show up in Special:UserRights. In this example, the officers are all given the powers of sysops (as defined by the default configuration) and the four levels of bureaucrats are colonels, majors, captains, and lieutenants. Also, the code should be placed at the end of LocalSettings.php, after the require_once lines for extensions such as Renameuser or DeleteBatch, so that the code eliminating the bureaucrat group will not be overridden by their default group permissions.

Establish the new groups


Start by adding this code to the end of LocalSettings.php:

// Colonels can add or remove whatever groups they wish
$wgGroupPermissions['colonel']['userrights'] = true;
// Majors, Captains and Lieutenants can only add or remove groups lower-ranking than their own
$wgAddGroups['major'] = array ( 'captain', 'lieutenant', 'sysop' );
$wgRemoveGroups['major'] = array ( 'captain', 'lieutenant', 'sysop' );   
$wgAddGroups['captain'] = array ( 'lieutenant', 'sysop' );
$wgRemoveGroups['captain'] = array ( 'lieutenant', 'sysop' );   
$wgAddGroups['lieutenant'] = array ( 'sysop' );
$wgRemoveGroups['lieutenant'] = array ( 'sysop' );
// Give all these officers sysop powers.
$wgHierarchyGroups = array (
foreach ( $wgHierarchyGroups as $thisGroup ) {
	foreach ( $wgGroupPermissions['sysop'] as $thisSysopPermission => $thisSysopValue ) {
		if ( $thisSysopValue === true ) {
			$wgGroupPermissions[$thisGroup][$thisSysopPermission] = true;

Transfer permissions from bureaucrats to other groups


Take a look at your Special:UserGroupRights page and consider what rights, presently assigned to bureaucrats (e.g. renameuser, deletebatch, etc.) you want assigned to another group besides bureaucrat. Take care of that by adding the appropriate code to LocalSettings.php, e.g.:

// Give colonels the permissions formerly assigned to bureaucrats
$wgGroupPermissions['colonel']['renameuser'] = true;
$wgGroupPermissions['colonel']['deletebatch'] = true;

Add users to the new groups, remove users from the bureaucrat group, and abolish the bureaucrat group


Login to your bureaucrat account, go to Special:UserRights, and add whatever users you want to be colonels, majors, captains, lieutenants, etc. to those groups. Then remove all the bureaucrats from the bureaucrat user group. Make sure you add yourself, or whoever is going to be in charge, to the colonel group before removing yourself from the bureaucrat group, or else you will have stripped yourself of the user rights permissions needed to finish the transition to the new hierarchy. When you are done with that, add this code to LocalSettings.php to abolish the bureaucrat group entirely:

// Get rid of the bureaucrat group
unset ( $wgGroupPermissions['bureaucrat'] );
unset ( $wgRevokePermissions['bureaucrat'] );
unset ( $wgAddGroups['bureaucrat'] );
unset ( $wgRemoveGroups['bureaucrat'] );
unset ( $wgGroupsAddToSelf['bureaucrat'] );
unset ( $wgGroupsRemoveFromSelf['bureaucrat'] );

If you end up with any stray bureaucrats still in the user_groups table, you can run this SQL query:

DELETE FROM user_groups WHERE ug_group='bureaucrat';

See also