Some general remarks on user group access as a response to recently expressed irritations:
Our system of access restriction via user groups might seem a little half-baked, because
- there is no systematic overview of the restricted pages and
- there is no obvious possibility to gain access to a restricted page for interested people.
A person who is creating a user group and restricting content to this group can do so almost unhindered. Of course there are active users who are watching ongoing restrictions. But as for the huge majority of the users these processes happen unnoticed. For the average user it is difficult to tell, which content is not accessible for her/him and whom she/he can contact to ask for access.
This is one reason why I suggested to add an overview of the existing usergroups and responsible contact persons to a to-be-created user portal in the wiki. Furthermore, in our last meeting several people suggested to make it more visible, which pages are accessible to all people and which pages are restricted. I support this point of view. These are issues that seem to be very important and that we should bear in mind during the further improvement of the wiki.
In general the creators of the MediaWiki Software did not intend to offer an information management system with access control. That might be a reason why it is difficult to restrict access to content with this software. On the MediaWiki.org pages there are several remarks on this issue, e.g. in the red box on top of this page. MediaWiki.org refers to CMS for the requirement of restricting access to pages and points out that extensions for access restriction do not guarantee that the content really can never be accessed by unauthorised people (or machines, I guess...).
(By the way: In the case of our Wiki there are round about 10 users that are Sysops and therefore are able to access any page - no matter if they are member of the user group that this page might be restricted to.) --Tanja 12:19, 5 March 2008 (CET)
Search for restricted pages
Is it possible to search for all pages, that are restricted to a certain user group? --Nicole 21:44, 30 November 2007 (CET)
- We haven't found a possibility until now :) --Inga 18:12, 3 April 2008 (CEST)
I noticed that WikiSysop added information about the "read-only" feature of the "user group access" plugin. Question: Has this been tested thoroughly in the CoLab context, i.e. many users are listed in more than one usergroup. What is expected to happen, if one page is restricted to 2 usergroups from which 1 has "read-only" privilege, but the user belongs to both groups? I played a bit and found some weird behavior for user Inga (part of group "MPDL" as well as "ViRR", but not of "SUB"):
<accesscontrol>MPDL(ro),,ViRR,,</accesscontrol> -> Inga can access & edit <accesscontrol>MPDL,,ViRR(ro),,</accesscontrol> -> Inga can access & edit <accesscontrol>MPDL(ro),,</accesscontrol> -> Inga cannot access <accesscontrol>MPDL(ro),,SUB,,</accesscontrol> -> Inga cannot access <accesscontrol>MPDL(ro),,SUB,,ViRR,,</accesscontrol> -> Inga can access & edit <accesscontrol>MPDL(ro),,SUB,,ViRR(ro),,</accesscontrol> -> Inga cannot access
- From my perspective it looks like this feature is NOT working and therefore I decided to remove the corresponding passage from the Warming Up. --Inga 18:27, 10 March 2008 (CET)
Before we had this marvelous page CoLab Usergroups, I created the Category:User groups to keep track of the user groups. Unfortunately the categorizing affects the functionality of the access restriction. This can somehow be outsmarted by closing the user's list on the user group page with an irrelevant user name, followed by one or more blank lines above the category syntax. Not the most comfortable and tidy solution I'd say... I suggest to de-categorize the user groups again and to delete the Category:User groups. I think we are good with the page CoLab Usergroups which has even more information and therefore do not need the category anymore. What does everybody else think? Is anybody in need of the category? --Tanja 09:35, 26 June 2008 (UTC)
<accesscontrol> and RSS feeds for Recent Changes
While creating a new "protected" article, please note that the tag <accesscontrol> is ignored by the RSS plug-in. Therefore, following entries are quite common in the CoLab RSS feed:
<item> <title>Accesscontrol test2</title> <link>http://colab.mpdl.mpg.de/mediawiki/index.php5?title=Accesscontrol_test2&diff=30232&oldid=prev</link> <description><p>summary klar</p> <p><b>New page</b></p><div><accesscontrol>MPDL</accesscontrol> <br /> <br /> HIER KOMMT DIE GEHEIME BOTSCHAFT</div></description> <pubDate>Thu, 12 Mar 2009 16:53:55 GMT</pubDate> <dc:creator>Inga</dc:creator> <comments>http://colab.mpdl.mpg.de/mediawiki/Talk:Accesscontrol_test2</comments> </item>
You can avoid this behavior by creating/saving a page including the <accesscontrol> first and adding the content in a second step. --Inga 17:12, 12 March 2009 (UTC)