Wikipedia:Interface administrators: Difference between revisions
m Adding <br> |
I am not sold on this being an improvement on this page. We have not had an issue of disruption (which may have caused a similar addition elsewhere?) |
||
| Line 3: | Line 3: | ||
{{Procedural policy|WP:INTADMIN|WP:IADMIN}} |
{{Procedural policy|WP:INTADMIN|WP:IADMIN}} |
||
{{Nutshell|'''Interface administrators''' are highly trusted users able to edit all CSS/JS/JSON pages, gadgets, and MediaWiki messages.}} |
{{Nutshell|'''Interface administrators''' are highly trusted users able to edit all CSS/JS/JSON pages, gadgets, and MediaWiki messages.}} |
||
{{INTADMINRightPlace}} |
|||
<br> |
|||
[[File:Wikipedia Interface administrator.svg|right|150px]] |
[[File:Wikipedia Interface administrator.svg|right|150px]] |
||
Revision as of 01:47, 31 January 2020
 | This page documents a procedural policy of Wikipedia. It documents various processes by which the English Wikipedia operates. |
 | This page in a nutshell: Interface administrators are highly trusted users able to edit all CSS/JS/JSON pages, gadgets, and MediaWiki messages. |
Interface administrators (interface-admins) are users who can edit all Cascading Style Sheets (CSS), JavaScript (JS), and Javascript Object Notation (JSON) pages[1] and pages in the MediaWiki namespace. They are the only local user group with the ability to edit all CSS/JS pages.[2] These pages are executed by the browser of wiki editors and readers as code, which can be used to change how content is styled, change the behavior of pages, or even create complex tools to help with editing.
The ability to edit CSS/JS that is executed in other users' browsers is very powerful and extremely dangerous in the hands of a malicious user; interface administrators should be users who are highly trusted, have at least a basic understanding of CSS and JS, are aware of the privacy expectations of Wikimedia wikis, and have a decent understanding of how to secure their accounts (such as choosing strong and unique passwords and avoiding malware infection). The WMF Office requires all interface administrators to use two-factor authentication.[3]
There are currently 9 interface administrators (including one interface-admin bot). If you need assistance from an interface administrator, you can make a request at the Interface administrators' noticeboard. Note there is a similiar global group, who may use their access subject to the global rights policy.
Process for requesting
Per community discussions, interface admin rights may be granted only to existing administrators.[4][5] The Wikimedia Foundation requires interface administrators enable two-factor authentication (2FA) for legal and security reasons.[6]
- Venue: Wikipedia:Bureaucrats' noticeboard
- Process: Admin makes a request, with a rationale, at the bureaucrats’ noticeboard, to request interface administrator access. The request will remain open for 48 hours for first-time requests. Re-admin requests, not under a cloud, will not have a waiting period. No notice at other noticeboards is required. Bureaucrats may inquire about why admins are requesting access at their discretion. Editors may discuss the applicant, but the final decision rests with the reviewing bureaucrat. Bureaucrats may not assign access to themselves.[4]
- Duration of right: Permanent by default, can be temporary if requested.[7]
Removal of permissions
Permission should be removed by bureaucrats in the following circumstances:[7]
- Interface administrators who have made no edits or other logged actions for at least 2 months or who have made no edits using the permission for at least 6 months should have the user right removed.
- Voluntary request by the interface administrator at the bureaucrats' noticeboard.
- After misuse of the access by consensus (e.g. at Wikipedia:Administrators' noticeboard).
- Upon removal of administrator access, for any reason.
- By request of the Arbitration Committee.
Bots
Any bot operator requesting access for their bot(s) must permanently possess the user right themselves.[7]
All bot operators are required to enable 2FA for their bot accounts and create a strong account password, and are strongly urged to use OAuth for maximum security. Bureaucrats and BAG members may ask bot operators to enforce these security measures at their discretion.
Technical access
Interface administrators have full abilities with all CSS and JS pages that are located in the MediaWiki namespace or within the user space of other editors; administrators who are not interface administrators have the ability to view and delete those pages only. They also cannot view the deleted history of CSS or JS pages in those areas (even if they were the user who deleted it), nor can they restore any deleted revisions of those pages. Both regular administrators and interface administrators have full abilities with JSON pages in the MediaWiki namespace or within the user space of other editors.
Template:Interface administrators access table
Notes
- ^ Sitewide pages, such as MediaWiki:Common.js or MediaWiki:Vector.css, or the gadget pages listed on Special:Gadgets, and other user's subpages
- ^ Any administrator can edit other pages in the MediaWiki namespace and all JSON pages, and all registered users may edit their own personal js/css/json pages as used by Wikipedia:User scripts.
- ^ WMF 2FA requirement as published on metawiki.
- ^ a b Limited to administrators in this September 2018 RfC
- ^ Limited to administrators in this October 2018 RfC
- ^ Meta:Interface administrators: "For legal and security reasons, the Wikimedia Foundation has decided that Two factor authentication is required for this role on all projects".
- ^ a b c This process was approved in this RfC.