This page is a translated version of the page Staff group and the translation is 63% complete.

某些维基媒体基金会的受薪雇员会被加入到职员用户组。该用户组拥有一些特殊的技术或法律方面访问权。

背景

維基媒體基金會一直在評估職員用戶組的成員以最小化這類極度專業工具的擴散。職員用戶組的成員資格會持續不斷地重新評估,以確保某一成員獲得的工具是其確實所需的。當一名成員在一段時間內不再需要職員權限,或某些行為觸發了風險評估時,這些重評估將是良好安全措施的一部分。

以前,是否擁有職員權限相對隨意,通過咨詢負責這些權限的員工決定。後來,相關處理進程已經正式化以防止濫用和誤用職員權限。要取得職員權限,需要一位上級審核(意味著新部門員工需要主管級的審核,新經理需要C級審核)、一份書面的用權範例備案,定期對相關權限進行複審以確保其用權符合前述範例、一個簡短的訓練課程以解釋相關權限的正確和錯誤使用和一份對職員權限附帶的權限和責任的書面確認信。

以前,防止濫用的保護措施很少。現在,我們在系統內部署了許多制衡措施。例如,在英文維基百科,仲裁委員會會複審所有日誌操作並與Jan(基金會負責授權的職員)討論問題操作以確保其符合方針。在其他維基計劃沒有此類委員會,信任與安全(T&S)團隊會審查職員行為。這已經導致了部分職員受到紀律處分,故此是措施不是空談。

分配

職員的權限是由全域信任與安全團隊負責人和負責申請員工權限的維基媒體基金會二級經理所管理。

维基媒体监管员职员添加或删除职员全域用户组的权限(former link),他们还将根据全域信任與安全團隊負責人或其指定人员的要求,添加或删除工作人员全球用户组的用户账户。没有要求证明社区已达成共识,也没有要求证明上述要求(包括批准)。

Rationale and responsibility of advanced permissions assignment for Wikimedia Foundation staff are currently recorded in a locked Google spreadsheet. A mirror of that page can be found at WMF Advanced Permissions.

權限

下表列出了职员用户组可用的用户权限,并解释了职员必须拥有这些权限的原因。

用户权限 目的
abusefilter-access-protected-vars ...
abusefilter-hidden-log ...
abusefilter-hide-log ...
abusefilter-log-detail ...
abusefilter-log-private ...
abusefilter-modify ...
abusefilter-modify-global ...
abusefilter-modify-restricted ...
abusefilter-privatedetails ...
abusefilter-privatedetails-log ...
abusefilter-protected-vars-log ...
abusefilter-revert ...
abusefilter-view ...
abusefilter-view-private ...
apihighlimits phab:T293431
autoconfirmed ...
autopatrol ...
bigdelete At times, the T&S or technical team need the ability to delete pages with a high number of revisions for technical reasons, or for legal compliance reasons.
block ...
blockemail ...
browsearchive ...
centralauth-merge ...
centralauth-unmerge ...
centralnotice-admin ...
checkuser The T&S team uses this right for legal compliance (subpoena, etc.) and safety reasons (investigations of threats)
checkuser-log The T&S team uses this right for legal compliance (subpoena, etc.) and safety reasons (investigations of threats)
checkuser-temporary-account-log ...
checkuser-temporary-account-no-preference T367170
delete The T&S team uses this right for legal compliance and copyright purposes.
deletedhistory The T&S team uses this right for legal compliance and copyright purposes.
deletedtext The T&S team uses this right for legal compliance and copyright purposes.
deletelogentry The T&S team uses this right for legal compliance purposes.
deleterevision The T&S team uses this right for legal compliance and copyright purposes.
edit ...
editcontentmodel ...
editinterface The T&S team uses this right for legal compliance and copyright purposes (i.e., to change the copyright notices, etc.). Other staff members use it to support the development of other projects and technical initiatives.
editprotected ...
editsemiprotected ...
editsitecss ...
editsitejs ...
editsitejson ...
editusercss

This was done for a couple of reasons.

First, we have had times when we saw a user insert some code in their own user.js and user.css files that really shouldn't be there, and then propagate that code out to the wikis by adding a transclusion from their own user files to, for instance, Mediawiki:Common.js of a smaller wiki, and thereby add google tracking code, for instance. This allows staff to easily (and in a logged fashion) remove such code.

Second, in order to include a stylesheet for those users who hold staff rights which colors red the interface buttons for things that they really shouldn't touch without a REALLY good reason (i.e., the execute checkuser button).

This is a reminder for new staff who didn't come from the community that these are specialized rights, and not everyone has access to them, and serves as a mental "speedbump" against using them.
edituserjs
edituserjson
extendedconfirmed ...
flow-create-board ...
flow-delete ...
flow-edit-post ...
flow-hide ...
flow-suppress ...
gadgets-definition-edit ...
gadgets-edit ...
globalblock-exempt ...
globalblock-whitelist ...
hideuser ...
import ...
importupload ...
ipblock-exempt ...
ipinfo ...
ipinfo-view-full ...
ipinfo-view-log ...
managementors ...
move ...
move-rootuserpages ...
move-subpages ...
movefile ...
movestable ...
mwoauthmanageconsumer ...
mwoauthmanagemygrants ...
mwoauthproposeconsumer ...
mwoauthsuppress ...
mwoauthupdateownconsumer ...
mwoauthviewprivate ...
mwoauthviewsuppressed ...
noratelimit ...
nuke ...
oathauth-disable-for-user ...
oathauth-enable ...
override-antispoof ...
patrolmarks ...
protect ...
purge ...
reupload ...
reupload-shared ...
review ...
rollback ...
sendemail ...
setmentor ...
skipcaptcha ...
stablesettings ...
suppressionlog ...
suppressredirect ...
suppressrevision ...
tboverride ...
tboverride-account ...
templateeditor ...
transcode-reset ...
transcode-status ...
unblockself ...
undelete ...
unwatchedpages ...
upload ...
upload_by_url ...

參見