Archive:Bugzilla administrator rights policy: Difference between revisions

This policy or procedure is maintained by the Wikimedia Foundation. Please note that in the event of any differences in meaning or interpretation between the original English version of this content and a translation, the original English version takes precedence.

Wikimedia policies
Wikimedia projects
Access to nonpublic personal data Access to temporary account IP addresses Code of conduct for Wikimedia technical spaces, including events Cookie statement Data retention guidelines Digital Millennium Copyright Act (DMCA) Donor privacy General disclaimer Human rights Licensing Office actions Privacy Terms of Use Wikimedia Maps Terrorist and violent extremist content procedures and guidelines Trademarks Universal code of conduct Enforcement guidelines
Foundation Board and staff
Code of Conduct Code of conduct of the Board of Trustees Conflict of interest Confidentiality agreement of the Board of Trustees Credit card usage Delegation of authority Duty entertainment Foreign corrupt practices act policy Gifts Non-discrimination Travel and expense Travel approval Whistleblower
Other
Expense reimbursement Feedback privacy statement Friendly space policy Legal policies Non-wiki privacy policy Open access policy Peering policy Phabricator Terms of Use Purchasing and disbursements procedures Requests for user information Service provider travel guidance
v t e

This document describes when to hand out administrator rights in Wikimedia Bugzilla.

Background

Some users at bugzilla.wikimedia.org have administrator rights and hence more powers than other users. Without guidelines why a user is an administrator, this can create mistrust. Furthermore, having a large number of administrators can create coordination issues. A list of current Bugzilla administrators can be found at m:System administrators#List.

Guideline

When none of the tasks listed below under "Tasks which require being an administrator" are to be executed by a specific Bugzilla user, a combination of other, more specific Bugzilla group memberships should be handed out instead of handing out admin and/or editusers group membership. This also helps avoiding a large number of Bugzilla administrators and related coordination issues.

If admin group membership is handed out to individuals who are not employees of the Wikimedia Foundation it is required to sign an indefinite non-disclosure agreement first, due to legal requirements (e.g. access to security bugs).

Tasks which require being an administrator

Membership in the Bugzilla admin group is required for the following tasks:

Bugzilla in general

• editing or blocking Bugzilla accounts, e.g. in case of violations against the code of conduct policy (this is inherited from editusers group membership: editusers group membership de facto means admin group membership, as an account with editusers group membership can edit his/her account and set admin group membership.)
• deleting attachments (instead of just marking them as private)
• editing Bugzilla field values and custom fields
• editing the bug status workflow
• viewing the generated SQL query by using the &debug=1 URL parameter

The list above is not necessarily complete. (Thanks to Byran Jones (:glob) for input.)

Specific Wikimedia Bugzilla configuration

• Marking comments and attachments as private and accessing comments and attachments marked as private requires membership in the insidergroup group. The insidergroup group is currently (2013-05-26) set to consist of the admin and security groups.
• In order to be able to edit/ban Bugzilla accounts and/or hide Bugzilla comments in emergency cases (e.g. spamming over public holidays when most people are not on duty), the Wikimedia Foundation Operations team has a dedicated Bugzilla account.

See also

• Code of conduct policy
• Privacy policy