Phabricator/权限

From MediaWiki.org
Jump to navigation Jump to search
This page is a translated version of the page Phabricator/Permissions and the translation is 73% complete.
Outdated translations are marked like this.
Other languages:
English • ‎español • ‎polski • ‎português • ‎čeština • ‎پښتو • ‎ไทย • ‎中文 • ‎日本語

phabricator.wikimedia.org上的角色和权限。

匿名用户

匿名用户可以只读查看所有公开信息。

注册用户

注册用户可以执行所有常见操作:创建和编辑任务、评论、上传模型和文件、编辑他们自己的个人简介...

任何维基媒体SUL用户和维基媒体LDAP用户可以注册。

ACL groups

Phabricator contain some ACL projects which is used to enforce policy restrictions. The following is a partial list of ACL projects; the description is usually only part of permissions of the groups.

ACL projects are for access control only; they are not meant to be used for task management. Tasks should be added to a corresponding team project (which is public).

Other than those indicated specifically, membership application are handled by tasks in the Phabricator project.

Trusted-Contributors
A minimal policy control group for access to certain features in phabricator which might be prone to abuse, including "protect as security issue" feature and personal Herald rules.
Triagers
Have permission of batch edits.
acl*Project-Admins
Create projects. See phab:T706 for permission request. Note public projects may be edited by all registered users.
acl*repository-admins
Create and edit Diffusion Repositories.
Policy-Admins and subprojects; acl*sre-team, acl*stewards, acl*otrs-admins, etc.
Various "policy admins" projects are used to manage access policies of Phabricator objects (for example, tasks and other projects). They are also used in space policies. Other than dedicated "policy admins" projects, ACL projects may also be created for otherwise defined restricted user groups or WMF teams.
acl*phabricator
Manages homepage dashboard and global Herald rules.
WMF-NDA
Access to tasks restricted to some of WMF employee, and volunteers who signed Trusted Volunteer Access & Confidentiality Agreement (see that page for process to sign).
acl*security
Access to Security issues. Members must be approved by Wikimedia Security Team and have 2FA enabled. 參見Access To Security Issues以了解群組成員。 Per phab:T244165, members consist of the following subgroups (Wikimedia Security Team may define additional subgroups):
acl*security_bugwrangler
For current bugwrangler(s).
acl*security_developer, acl*security_documentation, acl*security_legal, acl*security_management, acl*security_product_manager, acl*security_program_manager, acl*security_releng, acl*security_secteam, acl*security_sre, acl*security_trusa
Some groups of WMF employees, who have access to security issues for work purposes. NDA is signed as part of Terms of Employment.
acl*security_wmde
WMDE employees who have access to security issues for work purposes.
acl*stewards
(Some of) current stewards who have access to security issues.
acl*security_volunteer
Other volunteer with access to security issues.

管理员

管理员可以做很多事,并破坏它们,虽然从设计上讲他们在Phabricator中不是万能的。 他们可以访问受保护数据(除了您的密码)、并且他们可以在意外情況下向他人提供其访问权。然而,管理员不能绕过对象存取方針。

由于这些原因,管理员组的成员非常有限。 没有人可以在不签署NDA的情况下成为Phabricator的管理员。 加入/离开此团队的过程必须被定义(目前,請在phab:tag/phabricator/下提交任務並解釋你的原因)。 另请参见(已过时)Bugzilla管理员权限方针

Some tasks (e.g. removing Two Factor Authentication) may not be done by ordinary Phabricator administrators; They may only be performed by people with shell access to Phabricator servers.

Phabricator培训

参见帮助页面以了解更多有关使用Phabricator的信息。