Help:Sysops and permissions
The way permissions are set-up on different wikis can vary, but in general...
Soft security - There are no permissions
Wikis are often set up to be freely and openly editable. This means anyone can edit the pages, often without even registering/logging in. This is only possible because wikis offer a unique kind of "soft security". By making it very simple to monitor edits, and revert changes to retrieve an older version of a page, a wiki doesn't need to be very restrictive at all.
There are no permissions. Everyone is an administrator. You don't need permission to edit, and you are encouraged to "be bold", go forth and edit!
...at least that is the theory. In practice MediaWiki software does offer many options related to permissions.
In the case of WikiSpooks, initial judgement is that we need to be slightly more restrictive than the default open standard. This means that document creation, uploading (other than for special anonymous uploads) and editing is restricted to registered users only. See here for the rationale. It is not cast in stone.
By default MediaWiki provides extra functionality to a group of trusted users called 'sysops' (or known more generally as 'administrators') Most of the time this should go largely unnoticed by the normal users of a wiki community. Everyone can get involved in editing pages, and even undertaking drastic reorganisation of the wiki. The extra powers of a sysop user are intended for use in settling disputes and preventing repeated vandalism.
Who are the sysops?
You can find out who the sysops are at Special:ListUsers/sysop
What can a sysop do?
There are a number of extra features available to sysops. The key ones are as follows:
- Protecting and unprotecting pages, and editing protected pages
- 'Protecting' a page prevents normal users from editing the page at all. There are several reasons why a particular page might be protected. For more information see Help:Protected pages. For sysop information see Help:Protecting and unprotecting pages
- Deleting pages, and undeleting.
- A page can be deleted semi-permanently, such that it is no longer available (even in the page histories) for normal users. Normal users do not have this power. See Help:Deleting a page. For sysop information see Help:Sysop deleting and undeleting.
- Blocking a user or IP address, and unblocking them.
- Users can be blocked from the wiki. This is a useful way of keeping out persistent vandals. Users are identified by their registered user name, or by I.P. address, and can be blocked permanently, or just short length of time to give them a "cooling off" period. See Help:Blocking users
- Patrolling, and seeing patrolled edits.
- This is a way of coordinating with other sysops, to ensure that every edit of the wiki has been checked over by a trusted user. See Help:Patrolled edits
Another level of permissions within a default MediaWiki set-up, is the 'bureaucrat' group.
The main thing a bureaucrat can do, which 'sysop' cannot, is promote users to be sysops (and demote sysops to normal users). See Help:Assigning permissions