Commit graph

126 commits

Author SHA1 Message Date
Thalia 47fb507e28 maintenance/SearchFilters: Allow searching by privacy level
Why:

* Filters should only be protected if they contain protected
  variables, or have done in the past.
* Before T377765, it was possible to protect any filter, and at
  least one filter was mistakenly protected.
* To check whether any other filters have been mistakenly
  protected, it is helpful to run a query on all databases for
  protected filters.

What:

* Add an option to maintenance/SearchFilters to allow searching
  by privacy level.

Bug: T380290
Change-Id: I40837de7c63fb8001734df80524a0bf79ff50135
2024-11-26 07:25:04 +00:00
Thalia 0ea7944ea3 Add documentation about running RemoveProtectedFlagFromFilter
Why:

* The maintenance script RemoveProtectedFlagFromFilter was added
  to fix a mistake where a filter was 'protected' that shouldn't
  be.
* There are certain steps that should be taken before and after
  the script is run. These are not yet documented.

What:

* Document that the script should only be run after checking that
  no data will be leaked.
* Document that a note should be left for filter editors to
  explain when and why the script was run.

Bug: T380290
Change-Id: Iffe35c87782fdd499937565f1f8da62bfd36f93d
2024-11-25 12:05:33 +00:00
Thalia 91456d79b2 Add RemoveProtectedFlagFromFilter maintenance script
Why:

* Protected variables were introduced to support temporary accounts
  so that temporary users could be filtered based on their IP address.
* Filters that use protected variables are protected in order to
  preserve privacy. This can't be undone.
* It is mistakenly possible to protect a filter that does not use
  protected variables (T378553). We need a mechanism to fix these
  mistakes.

What:

* Introduce a maintenance script that takes a filter ID and, if the
  filter is protected, sets it to unprotected while maintaining any
  other existing privacy levels.

Bug: T378551
Change-Id: I4dfe3970221397d5be5ea0697490d8c8e3726adf
2024-11-15 13:13:38 +00:00
Umherirrender 57ecef75c5 Use namespaced classes
Changes to the use statements done automatically via script
Addition of missing use statement done manually

Change-Id: If80031678a474157e4cc78a3d3621dab53aded67
2024-10-19 21:55:40 +02:00
Bartosz Dziewoński b0c9bdc177 Specify caller in DB queries
Found warnings about this in WMF production logs.

Change-Id: I5d47b0b1a15ab68e2fe2b2f5d14eb0c355b0b632
2024-09-11 15:20:11 +02:00
Dreamy Jazz aee25cfdaf Allow consequence to be used without pattern in SearchFilters.php
Why:
* The SearchFilters.php maintenance script fails to produce any
  filters when the --pattern option is not provided
* This is because the condition that checked for a missing pattern
  did this after it was passed through ::addQuotes, which made
  the value always truthy.

What:
* Fix this bug, so that the --consequence option can be provided
  without the --pattern option.

Bug: T373148
Change-Id: I316d3f940a8e7616a56040077a20563ee653515b
2024-08-27 11:19:56 +01:00
Dreamy Jazz 7ecc204050 Expand SearchFilters.php to search by consequence
Why:
* SearchFilters.php allows the caller to search by a regex that
  is applied to the pattern.
* This script can be expanded to allow callers to specify what
  consequence should be associated with the filters that are
  outputted.

What:
* Add a 'consequence' option to the SearchFilters.php maintenance
  script, which is applied through a LIKE query on the
  af_actions column.
** This can be specified with or without the pattern option.
** Instead of making pattern required, the script now requires
   that one of consequence or pattern is provided.
* Expand the tests for the script for this new code, along with
  using the new ::expectCallToFatalError method to be able to
  test previously untestable code.

Bug: T373148
Change-Id: I1b507d8f9dc1f4cf91ee4f83ccde745eb6d46d6d
2024-08-22 22:07:37 +01:00
Bartosz Dziewoński 237d54d545 Replace gettype() with get_debug_type() in exception messages etc.
get_debug_type() does the same thing but better (spelling type names
in the same way as in type declarations, and including names of
object classes and resource types). It was added in PHP 8, but the
symfony/polyfill-php80 package provides it while we still support 7.4.

Also remove uses of get_class() where the new method already provides
the same information.

For reference:
https://www.php.net/manual/en/function.get-debug-type.php
https://www.php.net/manual/en/function.gettype.php

Change-Id: I5e65a0759df7fa0c10bfa26ebc3cda436630f456
2024-08-12 23:05:16 +02:00
Umherirrender 73a15cdcbf Use IDatabase::buildComparison in MigrateActorsAF
Avoid IDatabase::addQuotes

Change-Id: I68712c407cec15eb7fac0303ad7fa94651f4e0be
2024-07-16 23:35:21 +02:00
Matěj Suchánek cb08d684d5 Remove AbuseFilterActorMigration
Bug: T188180
Change-Id: Idcacc9f63075b621bbc858a461dc6fb7ab7a9a39
Depends-On: I7dd5fc0f9d80636b0cdf3d995fe22c1f43a5b68d
Depends-On: Ibdb2b4096f26fc6752456a05f8d70a9a6d9609ad
2024-06-15 09:42:27 +02:00
jenkins-bot f5fa2511ef Merge "Use namespaced classes" 2024-06-12 20:40:36 +00:00
Umherirrender c3af3157b4 Use namespaced classes
Changes to the use statements done automatically via script
Addition of missing use statement done manually

Change-Id: I48fcc02c61d423c9c5111ae545634fdc5c5cc710
2024-06-12 20:01:35 +02:00
Matěj Suchánek e1858da1fa maintenance: Remove reference to cleanupUsersWithNoId.php
It isn't available anymore, and it wouldn't even make
any change.

Bug: T367129
Change-Id: Ifd926856264aef8f2648cdb983c7710d9f23aa77
2024-06-12 18:49:10 +02:00
Matěj Suchánek c2da0d4857 Drop $wgAbuseFilterActorTableSchemaMigrationStage
First patch in a series of dropping the old columns.
Wikis now need to run the maintenance script (e.g., via
update.php) prior to serving this commit.

Wikimedia wikis are already on SCHEMA_COMPAT_NEW stage.

Bug: T188180
Change-Id: I86ec2b816eed17b62bf02bfd085570f132011b3e
2024-06-10 12:08:30 +00:00
Amir Sarabadani 4fb92a37b8 Stop trying to update new storage method ES address pointers
We are trying to get rid of text table. See T183490 and explicitly see T362566.

Bug: T366705
Change-Id: Id133ff94e9518c7819c2e2fb8e01ee2a115c24d7
2024-06-05 19:20:25 +02:00
Umherirrender e1347e6d19 Use SelectQueryBuilder for sub queries in migrateActorsAF.php
Use ISQLPlatform::conditional() function to avoid the raw sql

Bug: T350968
Change-Id: Iaf565acfae9c8160a9f215bc55ce2018c7fac362
2024-05-21 16:52:07 +00:00
Umherirrender d0e85abda1 maintenance: Migrate to IReadableDatabase::newSelectQueryBuilder
Also use expression builder to avoid raw sql

Bug: T312420
Change-Id: I981f7d8107b7c4401056266c58db4457ad759f9c
2024-04-29 22:15:35 +02:00
Umherirrender 3691d773d3 Migrate to IDatabase::newUpdateQueryBuilder
Change-Id: I0b3fd864e5227068114ca7aa9e98361046f393c1
2024-04-15 23:07:44 +02:00
Umherirrender 2df93d2b0f Migrate to IDatabase::newInsertQueryBuilder/newDeleteQueryBuilder
InsertQueryBuilder does not ignore insert of no rows,
adding some conditions to avoid calling the query builder

Change-Id: I1752b90cc3a7ec3a7f9ee32a1873bf8c82b6e02e
2024-04-02 21:15:40 +02:00
libraryupgrader a8c9fab2cc build: Updating mediawiki/mediawiki-codesniffer to 43.0.0
The following sniffs are failing and were disabled:
* MediaWiki.Commenting.FunctionComment.MissingDocumentationPublic

Change-Id: I6075c76d53a899aac56af027f9a956a6b9e6a667
2024-03-16 18:53:05 +00:00
Bartosz Dziewoński a105ddf99a maintenance: Replace unnecessary uses of LBFactory::waitForReplication()
Change-Id: I7289e76ffa94b4cb0298bddad7423bb855c77e55
2024-02-03 02:52:16 +01:00
Reedy 4ea577a777 Remove old maintenance scripts
Bug: T353923
Change-Id: I3e599dee3775ca3048205b915d6c341ed2e37b74
2024-01-18 05:50:19 +00:00
Umherirrender bd84a6514c Use namespaced classes
This requires 1.42 for some new names

Changes to the use statements done automatically via script
Addition of missing use statements and changes to docs done manually

Change-Id: Ic1e2c9a0c891382744e4792bba1effece48e53f3
2023-12-10 23:03:12 +01:00
Umherirrender cd7e9d31a7 Use namespaced Title
Bug: T321681
Change-Id: I66fd9b70a5de06ac3c81bdf6a2a5bca64ed094c2
2023-08-19 19:49:36 +02:00
jenkins-bot 0c33716f5b Merge "Mark protected stuff in classes with no subclasses as private" 2023-06-23 18:35:48 +00:00
thiemowmde 9316a7d65f Mark some unused public class features as private
These are not used anywhere outside of these classes.

Change-Id: I0a0a5cf1e84133bae69b95da771c285ee27f926c
2023-06-23 12:32:38 +02:00
thiemowmde 24888bea15 Mark protected stuff in classes with no subclasses as private
Protected effectively means "public to subclasses" and should be
avoided for the same reasons as marking everything as public should
be avoided.

Change-Id: Iba674b486ce53fd1f94f70163d47824e969abb77
2023-06-23 12:28:06 +02:00
thiemowmde b63d5c138e Use much more narrow IReadableDatabase and related where possible
Much more narrow interfaces. This code doesn't need more.

Change-Id: Iab0f1da27968246333a4a555b02bfb750cf9eedb
2023-06-14 19:42:01 +00:00
Matěj Suchánek f23ef62fc7 Fix MigrateActorsAF
Bug: T336224
Change-Id: I65115602032abbf29001d169855962607b8e4795
2023-05-09 19:44:14 +02:00
Matěj Suchánek 0628dbdab6 Add tests for extension.json and services
Change-Id: Ie83e4a85a408e1ba1d2cc827c4bf353bdd5500df
2023-03-28 09:35:02 +02:00
jenkins-bot 9fcf5d92d1 Merge "Use actor table in AbuseFilter" 2023-03-26 00:25:50 +00:00
Matěj Suchánek bb78cb0a56 Use actor table in AbuseFilter
This patch migrates abuse_filter and abuse_filter_history tables
to new actor schema.

MigrateActorsAF was copy-pasted from core's
maintenance/includes/MigrateActors.php before removal (ba3155214).

Bug: T188180
Change-Id: Ic755526d5f989c4a66b1d37527cda235f61cb437
2023-03-22 14:01:29 +01:00
Daimona Eaytoy 31210e66f5 Re-add BC alias for the VariableHolder class
Looks like it's needed for the UpdateVarDumps script, so add a note
about that. Also add a type check to the script so that it produces a
clearer error message if it finds an entity with unexpected type.

Bug: T331861
Change-Id: I68f8f954ed754c4282e13599ce06118e2336ecbb
2023-03-13 13:46:09 +01:00
Matěj Suchánek 86ac5bdb40 Clean up database access in non-deployed code
Change-Id: Ibcc41c2dd7f60a806199eaa2c47628a28dadd143
2023-03-03 18:55:08 +01:00
Timo Tijhof d2fc2ff8bb maintenance,includes: Clean up file headers
Follows-up Iaa1b4683c5c856.

* Match $IP pattern verbatim from most other WMF extensions.

* Improve descriptions a bit, and move/merge any meaningful
  information from file docblock into class docblock. The file blocks
  are visually ignored and identical in each file, and often out of
  date or duplicated when given text separately from the class block.

  See also similar changes in core:
  https://gerrit.wikimedia.org/r/q/message:ingroup+owner:Krinkle

* Use `@internal` instead of `@private` as per Stable interface
  policy.

Change-Id: I8bed9a625af003446c7e25f6b794931164767b5a
2022-09-29 17:56:49 +01:00
Timo Tijhof 9092ffab30 PurgeOldLogIPData.php: Minor doc and code clean up
* Match $IP pattern verbatim from most other WMF extensions.
* Lowercase "Address".
* Change description to be more explicit.
* Change printed lint to be shorter once it starts running.

Change-Id: Iaa1b4683c5c856c752065797cf651ca7b1b46943
2022-09-22 23:20:32 +01:00
Umherirrender 3cb0195c4c PurgeOldLogIPData: Fix quoting for postgres
Use addQuotes to quote the empty string instead of hard-coding "",
which not working in postgres

Change-Id: I15bf8c840b3a34dff4db976cb11e740209322bb9
2022-07-09 23:40:15 +02:00
Daimona Eaytoy 496c2ee370 Add logging when the 'block' action fails
Also avoid using User, use Authority instead.

Bug: T303059
Change-Id: I419ab3726d95ef600e2aa14dca5fa14066d245e3
2022-03-05 19:12:53 +00:00
Daimona Eaytoy 020f8a09b4 Remove leftovers of AbuseFilterAflFilterMigrationStage
On second thought, no need to keep the migration script now, since it's
unusable anyway.

Also remove an usage in SpecialAbuseLog, likely a rebase artefact.

Change-Id: I938924b3617ef30046d8317e68a101ed2c1883d3
2021-09-25 03:48:37 +02:00
Timo Tijhof 3f33e08bac Remove various AtEase and error_reporting
Something somewhere is leaving error_reporting in a dirty state
causing AbuseFilter's ConsequencesExecutorTest case to fail for
the core change Ic9fee6cdd88001025.

Per T253461, we're meant to eventually remove this anyway, so might
as well remove it in areas that are known to get it wrong somehow.

Change-Id: I2a665f09a357f2f2cc258d8c4011d49a7ab9c13b
2021-09-16 02:59:37 +00:00
libraryupgrader 5377ebe819 build: Updating dependencies
composer:
* mediawiki/mediawiki-codesniffer: 36.0.0 → 37.0.0

npm:
* postcss: 7.0.35 → 7.0.36
  * https://npmjs.com/advisories/1693 (CVE-2021-23368)

Change-Id: I2b382f3bb236fb44eb24c6a257b13b8fd886541c
2021-07-21 18:51:18 +00:00
Umherirrender 360d41c8ec Replace uses of DB_MASTER with DB_PRIMARY
Change-Id: I60719654b2062bbe52d2eadef8b942cea477e522
2021-05-13 01:43:37 +02:00
libraryupgrader 06cdddc9d0 build: Updating composer dependencies
* mediawiki/mediawiki-codesniffer: 35.0.0 → 36.0.0
* php-parallel-lint/php-parallel-lint: 1.2.0 → 1.3.0

Change-Id: I92d6f6d6f817765df24f845103a489624f4290f2
2021-05-02 06:41:54 +00:00
Daimona Eaytoy 005cc83642 Increase coverage for more classes
Change-Id: Iae6a24291f821fda77a45d8c1584de010af6a834
2021-01-17 17:38:58 +00:00
Daimona Eaytoy 45f0a66616 Move remaining classes to own namespace
So everything can be loaded using PSR-4. These classes weren't renamed,
nor the alias for the AbuseFilter class was deprecated, because they
should be refactored first.

Change-Id: Ia328db58eb326968edf5591daac9bacf8c2f75da
2021-01-04 12:11:58 +01:00
Daimona Eaytoy d2fa65673c Move maintenance scripts to a separate namespace
Depends-On: Iaf3c218abd5578d604a89634c38d9156bb19a0d2
Change-Id: Ifcc2bff9e400fde564179fe6b96496ceae6b8623
2021-01-04 12:09:00 +01:00
Daimona Eaytoy 6e27a9ddb3 Cleanup variables-related classes
Change-Id: I20a7fe1a40255043ed0d125dee61ea6052dda69c
2021-01-02 18:19:38 +01:00
Daimona Eaytoy 762d71c51d Create a dedicated namespace for variables-related classes
Some cleanup is left for later to keep the diff easier to read.

Change-Id: Ife445b5e47e707ab77ec867ac3b005866aa74ef2
2021-01-02 18:16:48 +01:00
Daimona Eaytoy d3b330b6d4 Create a VariablesManager service
This makes VariableHolder a true value object, and introduces a
stateless service, VariableManager, to operate on it.

Note, in theory, this new service is still cyclically coupled with
LazyVariableComputed. However, it's now two stateless service being
coupled, not two smart/god value objects, so we've still earned
something. For now, the dependency is hidden by using a callback. Some
alternatives for that are mentioned in a code comment.

Bug: T261069
Change-Id: I2f2c84c8e91472ba36084a8bbb4a923f6e04354b
2021-01-02 17:15:31 +00:00
Matěj Suchánek f5b18a36bf Move special page classes to own namespace
Change-Id: Ic2d13518924e77b1be96d1a7489abcd07e6d1dab
2021-01-02 10:54:13 +01:00