Steward handbook

From Meta, a Wikimedia project coordination wiki

(Redirected from SH)
Jump to: navigation, search
Stewards Steward handbook
Shortcut:
SH
This page documents steward tools, and provides guidelines and suggestions about their use. See also CheckUser, oversight, and steward policies. For discussion of steward activity, see the Stewards' noticeboard.
Stewards

Contents

[edit] User groups & rights adjustment

[edit] Single wikis

Screenshot of Special:Userrights.

Stewards can use Special:Userrights on Meta to adjust users' access on any Wikimedia project by adding them to (or removing them from) local groups. Each group is assigned a set of rights in the MediaWiki configuration, listed by Special:ListGroupRights on each wiki.

  1. Enter the user name.
    • The format must be "Username@database_prefix" (for users on other wikis) or "Username" (for users on Meta-wiki).
    • The first letter of the name must be uppercase (unless the wiki allows case-sensitive first letters in names).
    • The database prefix consists of the language code for wikis with subdomains (replacing hyphens with underscores), followed by the project's prefix shown below.
  2. Click "Edit user groups". A new box will appear showing you what groups the user is already in, and which other groups are available.
  3. Reassign the groups.
    • To assign new groups, select them from the right-side box (select several by holding the ctrl or alt key, depending on your browser).
    • To remove groups, select them in the box on the left.
  4. Click "Save user groups".

[edit] Database prefixes

The prefixes for the main projects are shown below. For others, see the full list.

project prefix
Multilingual wikis
Commons commonswiki
Foundation foundationwiki
Incubator incubatorwiki
MediaWiki wiki mediawikiwiki
Multilingual Wikisource sourceswiki
Test Wikipedia testwiki
Wikispecies specieswiki
Wikis with subdomains
Wikibooks codewikibooks
Wikinews codewikinews
Wikipedia codewiki
Wikiquote codewikiquote
Wikisource codewikisource
Wikiversity codewikiversity
Wiktionary codewiktionary

Examples:

English Wikipedia Billy@enwiki
French Wikiversity Billy@frwikiversity
Classical Chinese Wikipedia Billy@zh_classicalwiki
Multilingual wiki Billy@sourceswiki

[edit] Rights

The following groups can be manipulated (among others on some wikis):

  • Very restricted groups
    • Steward – Do not manipulate the steward flag on any wiki except Meta, and only then after a steward election or when a steward has resigned.
    • Boardvote – For the use of Election Officials; allows user to view the IP addresses and user agents of all voters, and to strike out invalid votes.
  • Developer – not assigned anymore, this permission currently does nothing.

[edit] Encoding problems

Many browsers have difficulty manipulating user names in non-Latin characters. There are two ways to get around this problem:

  • Enter the URL-encoded name through the URL.
    1. First, get the URL-encoded name:
      • Copy it from the address bar of your browser while viewing their user page;
      • or, type "{{urlencode:{{PAGENAME}}}}" on the user's page, preview, and copy the text.
    2. Go to Special:Userrights, and in the address bar add "?user=" followed by the URL-encoded name. For example, http://meta.wikimedia.org/wiki/Special:Userrights?user=Foo+Bar.
  • Enter the user id (for example, "#55@frwiki" for user #55 on the French Wikipedia). There are a few ways to determine the user ID:
    • Ask the user. They can find it on Special:Preferences on that wiki.
    • Ask a developer in #wikimedia-tech.
    • If the user has edited on that wiki, you can find the ID by exporting that revision (if it is the latest) or exporting the whole history and locating that revision. Once located, look for the number inside "<id></id>" under "<contributor>" (make sure you're not getting the revision ID under "<revision>").
    • Use a tool hosted on the toolserver such as this one to find the user id.

[edit] Globally and wiki sets

Screenshot of Special:GlobalGroupPermissions (group selection).
Screenshot of Special:GlobalGroupPermissions (rights list).

Global accounts have the same name and password reserved on all public Wikimedia wikis (except previously-existing unattached local accounts). These global accounts can be assigned global groups, which give the user certain rights on all wikis where their global account can log in.

Note that a right is a specific access (like "edit-interface"), and can't be given to a user directly; a group is an abstract grouping of rights (like "steward").

[edit] Managing groups

Stewards can create, edit, or delete a global group using Special:GlobalGroupPermissions. The scope of each wiki can be global (all public wikis), or defined for a specific set of wikis.

  • Edit:
    1. In the "Existing groups" box, click "View and edit permissions" for the group you want to edit.
    2. A list of possible rights will appear (see also mw:Help:User rights). Check the rights the group will have and uncheck those they won't.
    3. If the group needs access on specific wikis (instead of globally), select the set of wikis in the drop down menu above the list of rights (see Managing sets of wikis).
    4. Enter the reason for the change in the textbox below.
    5. Click "Save changes to group permissions". The changes will be applied immediately.
  • Create:
    1. Enter the group name in the "Create a new group" textbox.
    2. Click "Assign permissions".
    3. Check at least one right, and if applicable select the scope (see step 2 onward how to edit above).
  • Delete:
    1. Uncheck all its rights (see how to edit above).
    2. The group can be recreated later, and all former members will regain the same rights.

[edit] Managing group membership

Screenshot of Special:GlobalGroupMembership with example content.

Stewards can edit global accounts' membership using Special:GlobalGroupMembership. Placing a global account in global groups will give them all the rights assigned to that group on all public wikis.

  1. Enter the global account's user name the textbox.
  2. Select a wiki where they have a local account from the drop-down menu.
  3. Click "Edit user groups". A "Edit user groups" box will appear below.
  4. Check the global groups to assign. (Even if they are similarly named, global and local groups are not necessarily identical!)
  5. Enter the reason for the change in the textbox.
  6. Click "Save User Groups".

[edit] Managing sets of wikis (for global groups)

Stewards can define 'wiki sets' using Special:EditWikiSets, lists of wikis where global groups can be given access (instead of globally). It's not necessary to create a set of all wikis: that is the default for global groups if no set is selected.

  1. If you're creating a new set, click "Create a new set". Otherwise, click "view/edit" beside the name of the existing set to edit.
  2. Enter the set's name in the 'name' box. This is for the convenience of stewards, and can be changed any time.
  3. Select the appropriate type in the 'type' box (opt-in or opt-out).
  4. Enter the database prefixes, one per line, in the 'wiki' box.
  5. Enter the summary or reason for your change, which will appear in the global rights log.

[edit] Managing global accounts

Stewards can access unification information about a particular global account, unattach local accounts from the global account, delete the global account (restoring all local accounts), and lock out access to the account using Special:CentralAuth.

By hiding an account using Special:CentralAuth only the global account will indeed be hidden. Local accounts have to be hidden separately due to bug 14476. By installing MediaWiki:Gadget-hideuser.js this process can be simplified. Using Special:CentralAuth through a secure connection will allow you to block and hide all local accounts.

Warning: Accounts should never be locked except in cases of absolutely certain bad faith. Locking the account will prevent login on all wikis (displaying an incorrect-password error).

A log of actions is kept at the "globalauth" log.

[edit] Global access restriction

[edit] IP address blocks

Error shown to globally blocked users when they try to edit.

Stewards can block IP addresses and CIDR ranges on all public Wikimedia wikis using Special:GlobalBlock, and remove a global block using Special:GlobalUnblock. Current global blocks are listed on Special:GlobalBlockList and logged on Special:Log/gblblock.

Globally blocked IPs cannot edit any page on any wiki except MetaWiki (which allows users to appeal on Meta). When a global block conflicts with a local block, the strongest block will apply; for example, a global anonymous-only block will be overridden by a local full block.

Local administrators can unblock a globally-blocked address on single wikis using Special:GlobalBlockWhitelist on those wikis, and customize the error message using MediaWiki:Globalblocking-blocked.

[edit] Global account lock (& hide)

See "Managing global accounts" above.

[edit] Guidelines for processing requests

[edit] User access

  1. Check the Steward requests/Permissions page regularly
  2. Check that the procedure on that page has been followed and that the request does not violate any policies or guidelines (see the following sections for details)
  3. If the request is valid, fulfill it using Special:Userrights (see above for instructions)
  4. Mark the request as fulfilled (this is most often done with {{done}}) or rejected ({{not done}}) as appropriate.
  5. Tell the user, preferably on his own wiki, that he is now an admin and/or bureaucrat and invite him to join the admin channel by using Template:Invite.
  6. Leave the request on Steward requests/Permissions to allow follow-up comments and questions. Move a section to the archives only after no new comments have been added for two or three days.

[edit] General advice

  • Checking facts: If a user claims they already have a certain right, you can verify this by checking Special:Listusers on the local project. If the steward has any doubts about the request, they should discuss with one or more regular users of the local project.
  • Promoting very new users: There is no approved policy regarding the promotion of very new users for projects with no local community. New users should generally not be given rights until they have spent more time editing projects. However, stewards might grant new users temporary rights until a community has time to build up, at which point it can hold a vote to confirm the user's status.

[edit] Administrator and bureaucrat rights

  • If the wiki has a community, the community should have approved the user's request, generally on a local request page. The user should wait at least a week—perhaps two if the community is very small—before placing his request on Meta.
  • If the wiki has no community, or if it has too few active users to hold a meaningful discussion of the issue, it is probably advisable to grant temporary rather than permanent rights. Three months is a common period for temporary rights.
  • Be sure the community does not already have a local bureaucrat. Stewards should only grant administrator and bureaucrat requests on wikis with no local bureaucrats. The only exception to this is if all local bureaucrats have been inactive for a period of time.

[edit] CheckUser rights

  • Read the CheckUser policy carefully. Pay particular attention to the Access section, which specifies several important rules regarding the bestowal of this status. The use of this tool can have legal implications, so knowing and following the policy is of the utmost importance. Breach of the rules in this policy may result in removal of steward rights.
  • Send this e-mail to the user to request that they identify to the Wikimedia Foundation, record on the request page that the mail has been sent.
  • If the user claims to have identified to the Foundation already, ask for confirmation of this fact from the Volunteer Coordinator.
  • Grant rights only after receiving confirmation of identification from the Wikimedia Foundation.
  • After granting access, list the user in the appropriate section on CheckUser.
  • Ask the user to subscribe to checkuser-l, and notify the listadmins that the user has been approved.

[edit] Oversight rights

  • Read the policy at Hiding revisions carefully.
  • On the English Wikipedia, only the Arbitration Committee can approve a request for this status.
  • There is not yet a definite policy for the granting of this status at other wikis.
  • After granting access, list the user at Hiding revisions.

[edit] Removal of access

  • If a user requests that his own rights be removed, check that he has confirmed his identity as explained on Steward requests/Permissions.
  • If a user requests that another user's rights be removed, be sure that the action complies with the local wiki's policy on removal of rights. This will often involve sifting through a lengthy debate on a local request page to confirm the validity of the procedure.
  • After removing a user's checkuser or oversight rights, don't forget to remove them from the corresponding lists.

[edit] Temporary rights

  • The precise duration is a matter of discretion; one month and three months appear to be the most common. Six months is probably too much.
  • After granting the request, move the section to Steward requests/Permissions/Approved temporary—do not leave it on Steward requests/Permissions, as this may cause confusion—and state clearly the date on which the rights are to be removed.
  • Check the subpage occasionally and remove access from users whose expiry dates have passed.

[edit] CheckUser information

  • See Steward requests/Permissions.
  • If local checkusers exist in a project, checks should generally be handled by those. In emergencies or for multi-project checkuser checks as in the case of cross-wiki vandalism stewards may perform local checks. Stewards should remove checkuser access on the projects upon completion of the checks and notify the local checkusers or checkuser email list. (from the official CheckUser policy page).
  • Note: The German Wikipedia requests that strictly all CheckUser queries are announced on de:Wikipedia:Checkuser/Anfragen (please ask the local users with access if you need help with formulation, or with what exactly should be published).

[edit] Other steward tasks

  • Ideally, one or several stewards should be 'on duty' in the #wikimedia-stewards IRC channel at any given time. Users of small wikis are encouraged to use this channel to report emergencies, but it has also been used for conversation about and among stewards, and for discussion of routine matters.

[edit] Email templates

To be sent to users with access to private data:

[edit] Communication with other stewards

Mailing list: There is a private stewards mailing list, for discussions of policy and private requests.

IRC: The public #wikimedia-stewards channel is a place to ask for help, announce emergencies, or discuss ongoing events with stewards and others. stewardbot will flag stewards' attention if you say !steward in the channel.

Meta: High-level discussion about policy and other wikis can takes place on the Meta:Stewards noticeboard and Meta:Babel.

[edit] Tools and bug reports

[edit] Major bugs

Bug # Summary Component Group(s) affected Severity Status
12896 (vote/watch) Spam Blacklist shouldn't be fooled by similar-looking Unicode characters SpamBlacklist sysop, steward major reopened
14629 (vote/watch) Titleblacklist entires with <newaccountonly> should affect automatically created accounts with SUL too TitleBlacklist sysop, steward major reopened
16545 (vote/watch) Special:ListGlobalUsers/group should note when rights apply to the current wiki / when the wiki is in the relevant wiki set CentralAuth steward major reopened
18183 (vote/watch) Hide globally hidden user names on Special:Log/globalauth CentralAuth steward high
18303 (vote/watch) Output a canonical form to IRC RC feed (never localized!) core SWMT major
18526 (vote/watch) Improve hiding of usernames by looking for reverts with edit summaries containing the username Deleting oversight, steward major
18860 (vote/watch) Special:Emailuser doesn't check whether user's IP is blocked Special pages sysop, steward major
19227 (vote/watch) global block should prevent password resets GlobalBlocking steward major
19273 (vote/watch) AntiSpoof doesn't actually stop simple spoofing AntiSpoof SWMT major
19725 (vote/watch) Suppressed edits still appear in Special:DeletedContributions and Special:Undelete Deleting oversight, steward major
20186 (vote/watch) Allow filtering history and contributions lists for revision deletion History, diffs oversight, steward; sysop major
20267 (vote/watch) Public Autoblock is not hidden on Special:BlockList after hideuser Blocking oversight, steward; sysop major
20290 (vote/watch) Add "hide placeholder" Revision deletion oversight, steward; sysop major
20954 (vote/watch) Local contribution lists of globally hidden accounts no longer visible to stewards CentralAuth steward major
21279 (vote/watch) Delete/RevisionDelete links breaking / urgent schema issue Deleting oversight, steward; sysop major

[edit] Minor

Bug # Summary Component Group(s) affected Severity Status
1542 (vote/watch) Log spam blacklist hits SpamBlacklist sysop, steward enhancement
4055 (vote/watch) farm / meta activities / logs should be duplicated at related wiki's Special pages all enhancement
4459 (vote/watch) Create a special page to handle additions, removals, changes and logging of spam blacklist entries SpamBlacklist sysop, steward enhancement
5575 (vote/watch) Emailing CheckUser results CheckUser checkuser, steward enhancement
11069 (vote/watch) Expand functionality of Special:nuke on meta to all wiki's within Wikimedia Nuke sysop, steward enhancement
12343 (vote/watch) Deleting a page should not affect the old protection Page editing sysop, steward enhancement
13789 (vote/watch) Restore the global CheckUser log CheckUser checkuser, steward normal
13953 (vote/watch) Allow global user CSS/JS CentralAuth sysop, steward enhancement
14476 (vote/watch) Hiding a global account via CentralAuth should trigger local blocks using wpHideName Site requests steward enhancement reopened
14699 (vote/watch) More versatile searching in CheckUser log CheckUser checkuser, steward enhancement reopened
14824 (vote/watch) Renaming users to a globally-reserved name should verify password/email first CentralAuth bureaucrat, steward enhancement
14862 (vote/watch) Allow global renaming of global users CentralAuth steward enhancement
15273 (vote/watch) please add "Prevent account creation" to global block GlobalBlocking steward enhancement
15294 (vote/watch) Allow blocking of global accounts CentralAuth steward normal assigned
15536 (vote/watch) Allow stewards to forcibly create a global account for non-unified users CentralAuth steward normal
16325 (vote/watch) Blacklisted links should mean the page can't be saved SpamBlacklist sysop, steward normal
17308 (vote/watch) Allow globalgrouppermissions to be assigned as a local right CentralAuth steward normal
17494 (vote/watch) Local user rename interferes with checking SUL-status of account CentralAuth checkuser, steward normal
17824 (vote/watch) Optionally place a local block when globally blocking GlobalBlocking steward low
17850 (vote/watch) Please create newprojects-l for announcing the creation of new wikis community community enhancement
17881 (vote/watch) Special:Log/suppress needs better error handling core oversight, steward enhancement
18057 (vote/watch) Special:CentralAuth has no conflict detection whatsoever CentralAuth steward normal
18060 (vote/watch) Lockandhide should be logged in the suppression log CentralAuth steward enhancement
18098 (vote/watch) MediaWiki:Globalblocking-block-intro should match MediaWiki:Blockiptext GlobalBlocking steward lowest
18104 (vote/watch) Schema request change so deleted edits are identified by revisionID not timestamp (prevents DIFFs from breaking) Deleting sysop, steward enhancement
18137 (vote/watch) Set up IRC rc feed(s) for usabilitywiki IRC SWMT, steward normal assigned
18182 (vote/watch) Add block-options to Special:CentralAuth CentralAuth steward normal reopened
18214 (vote/watch) Differentiate between manual and automatic account creations in #central IRC notifications CentralAuth steward enhancement
18335 (vote/watch) Log entries for deleting log entries are opaque core oversight, steward normal
18383 (vote/watch) RevisionDelete: hidden users appear in log entries created after the hiding core oversight, steward normal
18412 (vote/watch) Choosing an expiry from the dropdown should hide the other expiry textbox GlobalBlocking steward low
18413 (vote/watch) Add a dropdown for pre-defined block reasons on GlobalBlocking form GlobalBlocking steward low
18493 (vote/watch) Unify various deletion systems core community enhancement
18511 (vote/watch) Remove "hiderevision" permission from the Oversight group Oversight oversight, steward normal reopened
18577 (vote/watch) replace "show/hide" by an icon core oversight, steward enhancement
18598 (vote/watch) Create a maintenance script to convert oversighted content to suppressed with revision deletion, and the corresponding log entries too core oversight, steward normal
18660 (vote/watch) Allow abuse filter to globally block as an action AbuseFilter steward low
18723 (vote/watch) Add levels of hiding similar to revision deletion CentralAuth steward normal
18780 (vote/watch) Enable RevisionDelete on WMF wikis for admins Site requests sysop, steward enhancement
18805 (vote/watch) Suppress username and Special:Listusers core oversight, steward enhancement
18834 (vote/watch) Show estimate of number of edits to be reverted in rollback link History/Diffs sysop, steward enhancement reopened
18836 (vote/watch) Special:Log to include useful groupings of logs Special pages sysop, steward enhancement
18837 (vote/watch) Add Special:Log/centralauth as an alias for Special:Log/globalauth and Special:GlobalAuth as an alias for Special:CentralAuth CentralAuth sysop, steward enhancement
18917 (vote/watch) Add user group membership to Special:CentralAuth/Username CentralAuth steward normal
18918 (vote/watch) Special:CentralAuth/Username should output a sortable table CentralAuth steward normal
19199 (vote/watch) Granularize RevisionDelete (RevDelete) user rights Revision deletion sysop, steward enhancement
19234 (vote/watch) Removal wiki set site request steward enhancement
19283 (vote/watch) Allow deleting wikisets CentralAuth steward normal
19823 (vote/watch) RevisionDelete: No recreate-warning after a page has been suppress-deleted Page editing oversight, steward normal
20188 (vote/watch) Add a local note on Special:Block if the account is yet globally locked CentralAuth sysop, steward normal
20189 (vote/watch) Add checkboxes for revision deletion on Special:Contributions, Special:DeletedContributions and Special:Undelete Deleting oversight, steward; sysop enhancement
20206 (vote/watch) Improval of transparency for deleted/suppressed revisions History, diffs oversight, steward; sysop normal
20571 (vote/watch) Special:CentralAuth should load a snippet of Special:Log/globalauth CentralAuth steward normal
20775 (vote/watch) Possibility to see deleted edits for checkusers checkuser checkuser enhancement
20839 (vote/watch) Filter deletion log by page deletions, undeletions and revision deletions Revision deletion steward; sysops, all enhancement
20928 (vote/watch) Change visibility fails if existing states not identical. Use tri-state buttons? Special pages oversight, steward; sysop enhancement
21312 (vote/watch) Request for feature: RevisionMove Special pages oversight, steward; sysop enhancement

[edit] Resolved bugs

Bug # Summary Component Group(s) affected Severity Status
15814 (vote/watch) Special:RevisionDelete should have clearer logs for individual revisions Special pages sysop, steward enhancement resolved, fixed
15842 (vote/watch) Enable image renaming on WMF wikis Site requests sysop, steward enhancement resolved, fixed
17864 (vote/watch) Special:Userrights doesn't accept input properly core bureaucrat, steward; sysop normal resolved, fixed
17787 (vote/watch) Allow blocking email for IPs core checkuser, steward; sysop normal resolved, duplicate
17806 (vote/watch) Specific log for revision deletions Revision deletion oversight, steward; sysop enhancement resolved, wontfix
18472 (vote/watch) Suppression log filtered by "offender", as Oversight log can be. core oversight, steward enhancement resolved, fixed
18531 (vote/watch) Hiding can hide a bit too well core oversight, steward enhancement resolved, fixed
18724 (vote/watch) Allow different levels of hiding with wpHideUser Blocking oversight, steward normal resolved, resolution later
18725 (vote/watch) add revision suppression UI on deleted revision page core oversight, steward enhancement resolved, fixed
18753 (vote/watch) RevDeleted to link to the actual revision(s) involved for all users core oversight, steward enhancement resolved, duplicate
18862 (vote/watch) RevisionDelete should have a MediaWiki -dropdown page, and dropdown menu for common revision deletion reasons Revision deletion sysop, steward enhancement resolved, fixed
19163 (vote/watch) Special:GlobalBlock/127.0.0.1 should load global block log snippet GlobalBlocking steward normal resolved, fixed
19387 (vote/watch) Checkuser log omissions - urgently needing fixing CheckUser checkuser, steward major resolved, fixed
19905 (vote/watch) Sysop undeletion removes revision deletion restrictions Revision deletion oversight, steward major resolved, fixed
20476 (vote/watch) Create new right/permisson to view hidden revision Revision deletion oversight, steward; sysop resolved, duplicate
20478 (vote/watch) Add a note to Special:Block when the IP is already globally blocked GlobalBlocking sysop, steward enhancement resolved, fixed

[edit] Tools

user or wiki activity
  • CrossActivity: one user's edit/sysop/bureaucrat activity on all wikis.
  • Stewardry: sysops/bureaucrats/checkusers/oversighters on a wiki by date of last activity (log and edits).
  • Steward activity statistics: times of the last log actions per steward.
  • User contributions: contributions and block status on all wikis for the given user name.
other
  • CrossBlock: block status of given IP, CIDR range, or user on all wikis with links to prefilled block/unblock forms.
  • SULutil: information about a given global account, and information and unification status for each local account with that name.
  • SUL log: a log of account unifications, filterable by lock/hidden status.
  • User rights statistics: counts members of each user group on every wiki.
JavaScript
  • StewardScript: adds shortcuts to the Meta interface for quicker stewarding.
IRC
  • StewardBot: a Python script which accepts commands from authorized stewards on IRC and performs utility operations related to steward activities.
Retrieved from "http://meta.wikimedia.org/wiki/Steward_handbook"