wikimedia/mediawiki-extensions-AbuseFilter
1
0
Fork 0
mirror of https://gerrit.wikimedia.org/r/mediawiki/extensions/AbuseFilter.git synced 2024-11-23 21:53:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
7763 commits 196 branches 0 tags 100 MiB
Commit graph

4 commits

Author SHA1 Message Date
Dreamy Jazz 774f4f02ef Create protected variable access logs POSTSEND 
Why:
* The ProtectedVarsAccessLogger::logViewProtectedVariableValue
  method creates a debounced log entry for accessing protected
  variable values.
* This log can be created when a user calls the 'abuselog' query
  API. This API query is made using a GET request.
* Because the ProtectedVarsAccessLogger creates the log
  when it is called, the TransactionProfiler raises a warning
  about writing to the primary DB on a GET request.
* We should address this warning by creating the log entry on
  POSTSEND, in a similar way to how the CheckUser extension
  creates CheckUser log entries.

What:
* Wrap the call to ProtectedVarsAccessLogger::log in
  ::logViewProtectedVariableValue with a DeferredUpdate callback
  that is run POSTSEND.
** As part of this, the expectations that the code only uses the
   replica DBs are silenced inside the DeferredUpdate as the
   PostSend-GET expectations do not usually allow for writes.
   The only other method would to be create the log via a job,
   but we want the log creation to occur quickly and reliably.

Bug: T379083
Change-Id: If14e65b27b0bdd4fd0b99319024ffa281bf44656
 2024-11-11 14:33:47 +00:00
STran b66daede0a Log specific views of protected variables 
Like CheckUser, AbuseFilter should also log when specific protected
logs are viewed.

- Add support for debouncing logs to reduce log spam
- Log when AbuseFilterViewExamine with protected variables available
  is accessed
- Log when SpecialAbuseLog with protected variables available is
  accessed
- Log when QueryAbuseLog with protected variables available is accessed

Bug: T365743
Change-Id: If31a71ea5c7e2dd7c5d26ad37dc474787a7d5b1a
 2024-10-02 00:53:34 -07:00
STran 0b3d0b3b6d Write protected variables access logs to CheckUser if installed 
Write logs related to temporary accounts to CheckUser if the extension
is available so that logs are topically centralized.

Bug: T373525
Depends-On: I35d50df7cd6754e29d964cc716fb3c42406272df
Change-Id: Ic95f211f4db7ce6dc2d769d2f3af206f4a3935e4
 2024-09-18 07:59:05 -07:00
STran cbfaaa591d Log changes to protected variables access 
Similar to how CheckUser logs access to IP information about temporary
accounts, AbuseFilter needs to log whenever protected variables are
accessed.

- Implement ProtectedVarsAccessLogger which handles access logging
- Log whenever a user changes their ability to access protected
  variables via Special:Preferences

Bug: T371798
Change-Id: Ic7024d9c5f369eb33c4198a59638de9a1d58b04b
 2024-09-13 01:39:09 -07:00