Talk:Policy for wiki

Web/Wiki administration
Just to say, the situation today is as folllows:


 * The vsop website is password protected (Basic authentication only)
 * Anonymous edits are not allowed
 * Anonymous creation of account are not allowed.
 * Some pages are restricted (see below)
 * The data/ directory is not (yet) password protected although the wiki includes direct links to it...
 * This should be done then. If we open the wiki, we must have the data directory protected. But then we have a problem: Part of the data will be released, but another part will still be non-published, and so not released. A question: When we open the wiki, can we then place the password protection on the data dir instead? i.e. just move it down one level? Or have protection on some sub-dirs and not on others? -- Tdall 15:24, 18 October 2006 (CLST)
 * Actually, we have a problem here, I think. And John should be in the loop, as he will provide some valuable expertise with .htaccess. Once website protection is gone, the wikipages are "protected" only by the restrict feature. The data dir cannot of course use this feature, as it is outside the wiki. The problem is that if a wiki page point to a HARPS fits file, the directory containing this fits must be open. Hence, if different stars are observed the same night, it's a bit problematic. I don't think you can protect on a per-file basis. We could also imagine that a external user need to require a password to access a given directory. Then we have to deal with hudreds of password... and once he got it, nothing can restrict him to explore the whole directory itself. One (temporary) solution, would be for us to work on a "observing-night" mode, i.e. releasing all the stars observed a given night at once. This could be implemented by a pass protection on all subdirectorioes, and removing the .htaccess of that subdir once the stars are released. If we plan to publish chunks of say, 200 stars, this is not unreasonable... We just have to deal with a password for each observing night directory. What do you think? -- C édric [[Image:kmail.png|16px]]T alk  03:46, 19 October 2006 (CLST)
 * Yeah, I think this sounds like the best option: Releasing, say, all P77 data in one go, so earlier than 2006-10-01 will be free, while later dates are still passwd protected. I think we should avoid the need to hand out passwords to outsiders. -- Tdall 14:44, 19 October 2006 (CLST)

For non-robots accounts,


 * Every VSOP person has only one account name
 * Every VSOP person can view all pages. (permission viewrestrict)
 * So far, only Cedric, Thomas and John can also restrict/unrestrict pages. (permission restrict)
 * This latter permission should be extended to all VSOPers. Done.
 * Cedric is the WikiSysop, and as such his account User:Cedric has also the sysop permission.
 * For ease of use, User:Cedric has also the Bureaucrat permission. (It avoids me to logout/login constantly between Cedric and WikiSysop for some special things).
 * Thomas has the WikiSysop userid/password combination even if his account User:Tdall does not have the sysop permission (but log in as WikiSysop would allow you to change your permissions.)
 * Robots have of course the bot permission (this gives some special features such as rollback) and viewrestrict and restrict, for the ease of use of their mechanic.