User:Chris Key/Sandbox/Proposal: Overhaul of user rights

IMPORTANT NOTICE
This is a draft proposal only, and very much a work in progress. Until this notice is removed I do not recommend following the proposal outlined in this document.

Background
''Problem statement as summarised by Dan Nessett. Rewrite.'' * The MW software is fully flexible and capable of supporting any group/rights architecture suitable for CZ.
 * The existing access rights architecture does not quite fit the roles and responsibilities associated with various CZ governance positions. For example, Constables need to perform certain operations on the wiki, some of which require Sysop privileges, some of which do not. Some rights granted to Constables by virtue of their position as Sysops on the wiki are not useful to them in the pursuit of their Constable role. Creating an architecture that more closely follows the governance structure increases the transparency of access rights management and use at CZ. Furthermore, it is useful to implement fine granularity access control structures that give users only the rights they need and no more. This improves the overall security posture of CZ.
 * When CZers without extra permissions observe terms like "Bureaucrat", "Sysop" and "Constable", they may become confused and think, for example, that the Sysop role is identified with the Constable role. They become frustrated when they contact a Sysop, asking them to perform a Constable function and are told that a Sysop does not have the organizational right to perform this function (even if they can technically perform it). Furthermore, arcane names like Bureaucrat or Dark Knight, due to their unfamiliarity or vaguely threatening connotations, may raise the level of discomfort of those unfamiliar with their technical meaning.
 * Since the technology used by CZ to develop and deliver its content is not monolithic (i.e., it is implemented by various software systems that do not interact with each other), we should clarify roles within these software systems by using group names similar, if not identical, to the roles defined within CZ.

Current System
Current user group rights can be seen at Special:ListGroupRights.

Overview
The example document at User:Chris_Key/Sandbox/Userrights will be used only as a starting point for this section.

User rights groups
Discussion of which user groups should be created and the rationale behind each of them.

Analysis of each user right
Detailed analysis of each and every user right that is avaliable will go here, including a summary of who should get it.

Summary
Create a table similar to that seen at Special:ListGroupRights.

Implementation
Include instructions on how to implement this, including modifications to LocalSettings.php for implementing the new setup and removing the old setup.

Testing
''Attempt to set up a clone on shared hosting with a full test of the proposed system. Failing that, conduct a thorough test on my personal clone.''