mirror of
https://gerrit.wikimedia.org/r/mediawiki/extensions/AbuseFilter.git
synced 2024-09-23 10:18:22 +00:00
Validate the abusefilter-blocker name
In T209565#4826952 I discovered that if the "abusefilter-blocker" message is an invalid username, we silently end up without a system user, thus risking to break something. Instead of silently failing, emit a warning and use the default name. As I wrote in the code comment, we'd better avoid throwing, because the message can be modified by anyone, who could then break the site. Change-Id: Ifa866bd9676945bf94e7e481adf6ad0d6cf4370c
This commit is contained in:
parent
102f6f7497
commit
4950bf6664
|
@ -2106,6 +2106,19 @@ class AbuseFilter {
|
|||
$username = wfMessage( 'abusefilter-blocker' )->inContentLanguage()->text();
|
||||
$user = User::newSystemUser( $username, [ 'steal' => true ] );
|
||||
|
||||
if ( !$user ) {
|
||||
// User name is invalid. Don't throw because this is a system message, easy
|
||||
// to change and make wrong either by mistake or intentionally to break the site.
|
||||
wfWarn(
|
||||
'The AbuseFilter user\'s name is invalid. Please change it in ' .
|
||||
'MediaWiki:abusefilter-blocker'
|
||||
);
|
||||
// Use the default name to avoid breaking other stuff. This should have no harm,
|
||||
// aside from blocks temporarily attributed to another user.
|
||||
$defaultName = wfMessage( 'abusefilter-blocker' )->inLanguage( 'en' )->text();
|
||||
$user = User::newSystemUser( $defaultName, [ 'steal' => true ] );
|
||||
}
|
||||
|
||||
// Promote user to 'sysop' so it doesn't look
|
||||
// like an unprivileged account is blocking users
|
||||
if ( !in_array( 'sysop', $user->getGroups() ) ) {
|
||||
|
|
Loading…
Reference in a new issue