https://bugzilla.wikimedia.org/show_bug.cgi?id=52723
--- Comment #43 from Kunal Mehta (Legoktm) <[email protected]> --- (In reply to comment #39) > (In reply to comment #37) > > Is the current thinking to give users on any wiki the right to use > > Special:MassMessage to spam users on any other wiki? > > Yes. The design idea here was that this is already possibly by any user. > Anyone > can open up a bunch of browser tabs and post to dozens of wikis quickly > without > even logging in. Or, for example, I've been posting to hundreds of wikis for > years without a privileged account using only a very simple Python script. It might be worth noting that the MassMessage bot account used automatically adds itself to the 'bot' group, but isn't able to override full protections or anything like that. > > > It seems to me you'd want something like: > > > > * Users on Meta can trigger cross-wiki notifications; > > * Users on any other wiki can only trigger local notifications. > > This was considered and it's probably easy enough to implement these > restrictions, but as I said above, I'm not sure they're necessary. An initial version of the extension had this differentiation, but it was removed in https://gerrit.wikimedia.org/r/#/c/78047/. I don't mind revisiting the concept either (file a bug for it?), as it wouldn't be hard to implement technically. > My view was > to take a "wait and see" approach. If local administrators begin to abuse or > misuse the tool, we can always add in restrictions later. > > > Otherwise you end up with an audit trail mess. Having a single log in one > > place and a single place to set policy around these things seems highly > > desirable. I actually wrote [[mw:Extension:CentralLogging]] for this problem a while back, but it wouldn't work in the WMF environment. > The bot currently provides an audit trail by (optionally?) appending an HTML > comment containing the originating wiki, message sender's name, etc., I > believe. Lego can confirm this. The audit trail is not optional (though a wiki could choose to blank the message and make it useless). An example is <https://test2.wikipedia.org/w/index.php?title=User_talk:Legoktm&action=edit§ion=2>, which includes the origin wiki, sender, and spamlist used. -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
