patchdemo
Allow site config to be overridden by trusted users
Fixes #19
This does away with the JSON approach of #60 as that adds no real security.
Instead we can maintain a list of trusted OAuth accounts that will be allowed to use the site config feature.
Anyone who is V+2 can be added to this list, as V+2ers can already execute arbitrary code on the server.
To begin with we should use the regex feature to allow / \(WMF\)$/ as I believe these names are protected.
Would love to be able to do this, but how exactly does the code detect if a user is V+2? OAuth connects to SUL, and being able to vote V+2 is based on gerrit permissions on an account that may not be connected.
This patch requires us to manually maintain a list of trusted users.
I like this but I'd also like to avoid maintaining that list for the rest of my life, hmm…
One could host the user list in a Gerrit repo, then v+2ers could add themselves.
That would also require CR+2, though that should not be a problem since the two usually go together. That would also ensure that the list only includes those that want to be included and plan to use the tool.
Sounds like a good idea to me. New repo, something like mediawiki/tools/patchdemoconfig (in case the actual code from this ever moves, not using patchdemo) inheriting from mediawiki/* with a simple text file that users are told they can self-merge changes to, file just holds a list of allowed user names
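The check discussed in this thread (a text file of allowed user names plus the regex entry from the pull request description) could look like the sketch below. It is an added example, not code from this pull request or from patchdemo. The file format (one name per line, `#` comments, `/regex/` entries), the function names and the sample user names are assumptions.

```python
import re

# Constructed sample of the proposed allow-list file (format is assumed).
SAMPLE_LIST = r"""
# trusted patchdemo users
ExampleDeveloper
/ \(WMF\)$/
"""

def load_trusted(text):
    """Parse the list into (exact_names, patterns); fail closed on bad entries."""
    names, patterns = set(), []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if len(line) >= 2 and line.startswith("/") and line.endswith("/"):
            body = line[1:-1]
            if not body:
                # An empty pattern matches every string, i.e. trusts everyone.
                raise ValueError(f"line {lineno}: empty regex")
            try:
                patterns.append(re.compile(body))
            except re.error as exc:
                raise ValueError(f"line {lineno}: bad regex: {exc}") from exc
        else:
            names.add(line)
    return names, patterns

def is_trusted(username, trusted):
    """True only if the OAuth user name matches an exact entry or a pattern."""
    names, patterns = trusted
    # Reject control characters first: "$" also matches just before a trailing
    # newline, so a name ending in " (WMF)" plus "\n" would otherwise pass.
    if not username or any(ord(c) < 32 or ord(c) == 127 for c in username):
        return False
    if username in names:
        return True
    return any(p.search(username) for p in patterns)

TRUSTED = load_trusted(SAMPLE_LIST)
```

The result is only as strong as the name it is given: the user name must come from the verified OAuth identity, never from request parameters.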