Page MenuHomePhabricator
Create Task
Maniphest T357762

Grant checkuser-temporary-account-no-preference to the steward group
Closed, ResolvedPublic1 Estimated Story Points
Actions

Description

Per foundation policy, users with the checkuser and steward groups should be automatically granted access. This means that they should not need to check the preference to view temporary account IPs.

Following T356304: Ensure that checkusers and stewards do not have to check a preference for IP reveal right, a right was granted that allows users to view temporary account IPs without needing to check the preference. This was granted to the checkuser group but has not been granted to the steward group as this is a global group and the rights granted to the group are modified using Special:GlobalGroupPermissions.

Acceptance criteria

Related Objects
Search...

Event Timeline

Dreamy_Jazz created this task.Feb 16 2024, 11:46 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptFeb 16 2024, 11:46 AM
Dreamy_Jazz added a project: Wikimedia-Site-requests.Feb 16 2024, 11:46 AM
Dreamy_Jazz added a project: Trust and Safety Product Sprint (Sprint Kazoo (Jan 29 - Feb 9 2024)).
Dreamy_Jazz set the point value for this task to 1.
Dreamy_Jazz moved this task from Priority Backlog to In Progress on the Trust and Safety Product Sprint (Sprint Kazoo (Jan 29 - Feb 9 2024)) board.Feb 16 2024, 12:29 PM
Dreamy_Jazz updated the task description. (Show Details)Feb 16 2024, 1:33 PM
Dreamy_Jazz added a subscriber: Urbanecm_WMF.

@Urbanecm_WMF, is this something that you could do?

Dreamy_Jazz updated the task description. (Show Details)Feb 16 2024, 1:35 PM
Dreamy_Jazz added a parent task: T324492: Temporary accounts - MVP.
Urbanecm_WMF added a comment.Feb 16 2024, 1:48 PM
In T357762#9550340, @Dreamy_Jazz wrote:

@Urbanecm_WMF, is this something that you could do?

Sure, done: https://meta.wikimedia.org/w/index.php?title=Special:Log&logid=55126472. I also added the view logs permission, since it makes no sense to add one but not the other. Do we want to enable the permissions for any other global group? staff and ombuds come to my mind as CU equivalents, at least.

(mid-term, we should do global-rollbacker as well, but that's in discussion in the document, and presumably will be tracked in a different task in the future)

Dreamy_Jazz added a comment.EditedFeb 16 2024, 1:51 PM
In T357762#9550377, @Urbanecm_WMF wrote:
In T357762#9550340, @Dreamy_Jazz wrote:

@Urbanecm_WMF, is this something that you could do?

Sure, done: https://meta.wikimedia.org/w/index.php?title=Special:Log&logid=55126472. I also added the view logs permission, since it makes no sense to add one but not the other. Do we want to enable the permissions for any other global group? staff and ombuds come to my mind as CU equivalents, at least.

(mid-term, we should do global-rollbacker as well, but that's in discussion in the document, and presumably will be tracked in a different task in the future)

I'm tempted to ask others before adding to staff and ombuds considering that they are not explicitly listed in the policy. However, my opinion would be to give both the checkuser-temporary-account-no-preference and checkuser-temporary-account-log right to staff and ombuds.

I've asked others and while that is being discussed we can keep this open and expand it to be granting these rights to other global groups.

Dreamy_Jazz reassigned this task from Dreamy_Jazz to Urbanecm_WMF.Feb 16 2024, 1:54 PM
Tchanders edited parent tasks, added: T325451: Implement: Users with right privileges are able to view IP addresses; removed: T324492: Temporary accounts - MVP.Feb 16 2024, 2:11 PM
JJMC89 subscribed.Feb 16 2024, 3:46 PM

Ombuds need to have the same access as CUs (checkuser-temporary-account-no-preference, checkuser-temporary-account-log) to perform oversight/review of CU actions.

Dreamy_Jazz edited projects, added Trust and Safety Product Sprint (Sprint Piano (Feb 19th - 1st March)); removed Trust and Safety Product Sprint (Sprint Kazoo (Jan 29 - Feb 9 2024)).Feb 20 2024, 1:00 AM
Urbanecm_WMF added a subscriber: Tchanders.Feb 24 2024, 3:17 PM
In T357762#9550379, @Dreamy_Jazz wrote:

I've asked others and while that is being discussed we can keep this open and expand it to be granting these rights to other global groups.

Is there any update, please? Also CC @Tchanders.

In T357762#9550966, @JJMC89 wrote:

Ombuds need to have the same access as CUs (checkuser-temporary-account-no-preference, checkuser-temporary-account-log) to perform oversight/review of CU actions.

I agree the right should be granted, but before applying an on-wiki change, waiting for TSP buy-in as well. Either way, this is a preparation for a future release, so it is not particularly urgent.

Tchanders added a subscriber: Madalina.Feb 26 2024, 2:07 PM

@Urbanecm_WMF I've added this to the scope of T356294: Restrict which groups have access to Special:GlobalContributions and updated our private questions document with Legal in the same way.

Right now, this conversation is taking place with Legal - no conclusion yet even on the original scope of that task. @Madalina is overseeing this conversation.

Perhaps we could move this task forward, as long as the outstanding questions are captured in T356294. (I've stalled that task to make status clearer.)

Dreamy_Jazz updated the task description. (Show Details)Feb 26 2024, 2:08 PM
Johannnes89 subscribed.Feb 26 2024, 4:45 PM
Dreamy_Jazz moved this task from Priority Backlog to Needs review on the Trust and Safety Product Sprint (Sprint Piano (Feb 19th - 1st March)) board.Feb 27 2024, 9:43 AM

Closing this task with the understanding that the rest of the unresolved questions are being sent to legal in T356294 makes sense to me. Therefore, we should be able to close this task as long as @Urbanecm_WMF agrees.

Dreamy_Jazz closed this task as Resolved.Mar 5 2024, 5:08 PM
Dreamy_Jazz moved this task from Needs review to Done on the Trust and Safety Product Sprint (Sprint Piano (Feb 19th - 1st March)) board.
JJMC89 mentioned this in T367170: Assign IP reveal rights to certain groups for testwiki rollout.Jun 11 2024, 4:54 PM
Niharika mentioned this in T356294: Restrict which groups have access to Special:GlobalContributions.Wed, Oct 16, 4:25 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits