User:KuduIO/Adoption/Lessons/Permissions

Permissions
In order to keep the wiki running efficiently, some users have additional abilities (permissions) beyond those of basic users. These abilities are used for the maintenance of the site, but because of the potentially dangerous nature of these abilities, they are only given to trusted users.

The page here shows a table listing the rights of all types of users. I'll briefly cover the abilities of each type here, as well as how people get these abilities.

For the purposes of this tutorial, "permission" and "right" will refer to abilities, and "flag" and "group" will refer to the user groups which grant certain abilities.

Unregistered
Unregistered users have the lowest access levels. Because this is a wiki, they can still edit the site, but they are only able to edit pages which have not been protected or semi-protected. They cannot move pages (rename them) and they cannot create new pages that are not in their own userspace or in the Talk: namespace. They are sometimes referred to as "IP editors" or "anonymous users".

New accounts
New accounts are able to create pages, however are unable to move pages, or edit semi protected pages, as they have not been "autoconfirmed". For security reasons, an account must be at least four days old, and have 10 edits to make use of the privileges granted to autoconfirmed users. Count: (including autoconfirmed)

Established accounts (Autoconfirmed)
Autoconfirmed users have normal access levels to the site. They can edit any page that is not fully protected, they can move and create pages, and upload files. Again, users must hold an account for four days, and have made at least 10 edits, in order to use these features.

Rollbackers
Admins and other users who have been granted the "rollbacker" flag are given the ability to revert multiple edits by a single editor at once. This tool is accessible within a user's contributions, page histories, and diff screens, and adds an extra [ rollback ] link to the page. When this link is clicked, the page will be reverted back to the last revision made by a user other than the one being rolled back. Since January 9, 2008, this tool can be granted by administrators to non-administrators. Use of this tool is, as with other permissions, "no big deal," as this permission can be duplicated with tools such as WP:TW which can be freely used. Despite this, the tool should only be used against vandalism, as specified in the rollback policy, and should not be used in content disputes or to violate WP:3RR. Count:

Account Creators
Some of those who actively volunteer at Wikipedia account creation have their accounts "flagged" with the account creator group. This enables them to create more than 6 accounts every 24 hour period which is currently restricted for those who don't possess the sysop (see below) or account creator privileges. This 6 account a day quota was implemented to prevent the problematic use of multiple account creations. Additionally, account creators can override the anti-spoof check enabling them to create accounts that are similar to existing usernames another task that the average user is unable to perform. Please note that not all users who have access to the account creation tool have the account creator flag. This tool can be granted by administrators to non-administrators at WP:PERM. Count:

Autopatrolled
This is designed for those who actively create new articles, and is designed to reduce the workload of new page patrollers. With this user right active, articles created by a user are not listed at Special:NewPages and the articles are automatically marked as patrolled. It means that the user can be trusted not to submit inappropriate material, deliberately or otherwise, and that the user submits new material often enough that it is more efficient to mark it all as approved preemptively. Count:

IP Block Exempt
Occasionally, users who are in good standing will be affected by a block that was applied to another user. This is called an autoblock, and is automatically placed by the software to the IP address a blocked user last edited from, and any additional IP addresses they use while blocked. These are intended to prevent the blocked user from evading their blocks, but can affect others on a shared IP. If this happens to a user on a regular basis, or they are caught in a hard rangeblock, or for some exceptional reason need to edit from a blocked proxy, they can be granted the IP Block Exempt right if they meet certain conditions outlined at WP:IPBE. This permission is usually requested through an unblock request, and is removed as soon as it no longer becomes necessary. Users with the right may be "checkusered" (see below) occasionally to ensure it is not being abused. Count:

Administrators / Sysops
Administrators have much greater access compared to the average user. When approved to use the sysop tools, they have the ability to delete and restore (undelete) pages. In order to combat vandalism, they have access to a wider range of access tools - Automatic access to the "rollbacker" permission described above; The ability to grant rollbacker, account creator, IP block exemption permissions to other users; A special page called "UnwatchedPages", which shows a list of pages not on anyone's watchlist; the ability to protect and unprotect pages, locking a certain revision in place until someone with the authority to do so edits it (sysops can edit any protected page); the ability to view deleted contributions; and the ability to block a user for a defined or indefinite amount of time. They are also able to make changes to the MediaWiki interface, changing what users see when they edit a page or view special pages. Users obtain a sysop flag by entering and passing the Requests for Adminship process, where registered users decide by consensus if a user can be trusted with the tools. Generally, a minimum of 70% support is required to pass, however the exact amount varies on a case-by-case basis. Count:

Bureaucrats
Bureaucrats have control over the "nuts and bolts" of permissions, hence the crossed wrenches in their logo. They retain the ability to alter a user's permissions, but only when promoting users to admin or bureaucrat status. They are not able to demote users or grant further access levels — only stewards can. They can also alter a bot's access levels and rename accounts. Bureaucrats are selected through a process similar to that of admins, Requests for bureaucratship, although the process is much more rare and requires a significantly higher consensus. Count:

CheckUser
The CheckUser tool allows a user to check if an account is a sockpuppet of another, by being able to access which IP address an account has accessed the project from and when. The tool is only to be used when there is a specific need for it - a controversial and disruptive case of sockpuppet abuse. Requests for checkuser is where people may request use of the tool, however the ability to use it is generally granted by invitation only, or in rare cases by the Arbitration Committee. This is a special permission only granted to specific users and is not included with other access levels. Count:

Oversight
The oversight tool allows a user to hide a certain revision from the view of even admins - essentially deleting that one specific revision from the page history. This is done for very rare cases, generally pertaining to legal reasons such as private personal information, libelous content, or copyrighted information. This tool is only granted to users with a particular need for the tool, generally current or former members of the Arbitration Committee, as use of the tool requires a very good legal reasoning, as it is essentially an "oversight" of the requirements of the GFDL. This is a special permission only granted to specific users and is not included with other access levels. Count:

Stewards
Stewards have full access to a user's permissions. They have the ability to grant and revoke any higher access level, including sysop, bureaucrat, checkuser, oversight, steward, and bot access, on any project in any language. Stewards are elected by the Wikimedia Board of Trustees (with one exception, Chair Emeritus and Steward Jimbo Wales, who was simply appointed) annually or as needed. Stewards will generally carry further access levels on their main project, but the access level of "steward" only grants them the ability to mess around with permissions. Count: 37

These permissions are all critical to the operation of the Wiki, however it should be kept in mind that not having (or having) one of these access levels really is no big deal. The important thing about a wiki is that you are able to edit it as needed, not that you can limit the ability of others to do so. If a higher access level is granted to you, however, you should always remember that it was granted in the spirit of trust, and that you are expected to use the tools only as needed and always fairly.

See this list for info on some other less common user rights.

The assignment
Read through this lesson, then leave a message on my talk page with the answer to these questions (please do not copy your answer from the lesson above):
 * 1) What is a permission?
 * 2) What pages are unregistered users able to edit?
 * 3) What is an autoconfirmed account?
 * 4) What permissions do registered accounts have (that IPs don't)?
 * 5) Who can grant rollback?
 * 6) What does rollback enable you to do?
 * 7) What should you not use rollback for?
 * 8) What can account creators do?
 * 9) If you have the IP block exemption user right, what does it allow you to do?
 * 10) What does the autopatrolled user right allow you to do?
 * 11) What are administrators able to do?
 * 12) How do you request adminship?
 * 13) What are bureaucrat's main duties?
 * 14) What technical abilities do stewards have?
 * 15) What does checkuser enable a user to check?
 * 16) What is oversight?
 * 17) What type of a user must you be to be granted oversight?

Note to adopters: The correct answers are on the talk page.