Why:
* Filters should only be protected if they contain protected
variables, or have done in the past.
* Before T377765, it was possible to protect any filter, and at
least one filter was mistakenly protected.
* To check whether any other filters have been mistakenly
protected, it is helpful to run a query on all databases for
protected filters.
What:
* Add an option to maintenance/SearchFilters to allow searching
by privacy level.
Bug: T380290
Change-Id: I40837de7c63fb8001734df80524a0bf79ff50135
Why:
* The maintenance script RemoveProtectedFlagFromFilter was added
to fix a mistake where a filter was 'protected' that shouldn't
be.
* There are certain steps that should be taken before and after
the script is run. These are not yet documented.
What:
* Document that the script should only be run after checking that
no data will be leaked.
* Document that a note should be left for filter editors to
explain when and why the script was run.
Bug: T380290
Change-Id: Iffe35c87782fdd499937565f1f8da62bfd36f93d
Why:
* Protected variables were introduced to support temporary accounts
so that temporary users could be filtered based on their IP address.
* Filters that use protected variables are protected in order to
preserve privacy. This can't be undone.
* It is mistakenly possible to protect a filter that does not use
protected variables (T378553). We need a mechanism to fix these
mistakes.
What:
* Introduce a maintenance script that takes a filter ID and, if the
filter is protected, sets it to unprotected while maintaining any
other existing privacy levels.
Bug: T378551
Change-Id: I4dfe3970221397d5be5ea0697490d8c8e3726adf
Changes to the use statements done automatically via script
Addition of missing use statement done manually
Change-Id: If80031678a474157e4cc78a3d3621dab53aded67
Why:
* The SearchFilters.php maintenance script fails to produce any
filters when the --pattern option is not provided
* This is because the condition that checked for a missing pattern
did this after it was passed through ::addQuotes, which made
the value always truthy.
What:
* Fix this bug, so that the --consequence option can be provided
without the --pattern option.
Bug: T373148
Change-Id: I316d3f940a8e7616a56040077a20563ee653515b
Why:
* SearchFilters.php allows the caller to search by a regex that
is applied to the pattern.
* This script can be expanded to allow callers to specify what
consequence should be associated with the filters that are
outputted.
What:
* Add a 'consequence' option to the SearchFilters.php maintenance
script, which is applied through a LIKE query on the
af_actions column.
** This can be specified with or without the pattern option.
** Instead of making pattern required, the script now requires
that one of consequence or pattern is provided.
* Expand the tests for the script for this new code, along with
using the new ::expectCallToFatalError method to be able to
test previously untestable code.
Bug: T373148
Change-Id: I1b507d8f9dc1f4cf91ee4f83ccde745eb6d46d6d
get_debug_type() does the same thing but better (spelling type names
in the same way as in type declarations, and including names of
object classes and resource types). It was added in PHP 8, but the
symfony/polyfill-php80 package provides it while we still support 7.4.
Also remove uses of get_class() where the new method already provides
the same information.
For reference:
https://www.php.net/manual/en/function.get-debug-type.phphttps://www.php.net/manual/en/function.gettype.php
Change-Id: I5e65a0759df7fa0c10bfa26ebc3cda436630f456
Changes to the use statements done automatically via script
Addition of missing use statement done manually
Change-Id: I48fcc02c61d423c9c5111ae545634fdc5c5cc710
First patch in a series of dropping the old columns.
Wikis now need to run the maintenance script (e.g., via
update.php) prior to serving this commit.
Wikimedia wikis are already on SCHEMA_COMPAT_NEW stage.
Bug: T188180
Change-Id: I86ec2b816eed17b62bf02bfd085570f132011b3e
InsertQueryBuilder does not ignore insert of no rows,
adding some conditions to avoid calling the query builder
Change-Id: I1752b90cc3a7ec3a7f9ee32a1873bf8c82b6e02e
The following sniffs are failing and were disabled:
* MediaWiki.Commenting.FunctionComment.MissingDocumentationPublic
Change-Id: I6075c76d53a899aac56af027f9a956a6b9e6a667
This requires 1.42 for some new names
Changes to the use statements done automatically via script
Addition of missing use statements and changes to docs done manually
Change-Id: Ic1e2c9a0c891382744e4792bba1effece48e53f3
Protected effectively means "public to subclasses" and should be
avoided for the same reasons as marking everything as public should
be avoided.
Change-Id: Iba674b486ce53fd1f94f70163d47824e969abb77
This patch migrates abuse_filter and abuse_filter_history tables
to new actor schema.
MigrateActorsAF was copy-pasted from core's
maintenance/includes/MigrateActors.php before removal (ba3155214).
Bug: T188180
Change-Id: Ic755526d5f989c4a66b1d37527cda235f61cb437
Looks like it's needed for the UpdateVarDumps script, so add a note
about that. Also add a type check to the script so that it produces a
clearer error message if it finds an entity with unexpected type.
Bug: T331861
Change-Id: I68f8f954ed754c4282e13599ce06118e2336ecbb
Follows-up Iaa1b4683c5c856.
* Match $IP pattern verbatim from most other WMF extensions.
* Improve descriptions a bit, and move/merge any meaningful
information from file docblock into class docblock. The file blocks
are visually ignored and identical in each file, and often out of
date or duplicated when given text separately from the class block.
See also similar changes in core:
https://gerrit.wikimedia.org/r/q/message:ingroup+owner:Krinkle
* Use `@internal` instead of `@private` as per Stable interface
policy.
Change-Id: I8bed9a625af003446c7e25f6b794931164767b5a
* Match $IP pattern verbatim from most other WMF extensions.
* Lowercase "Address".
* Change description to be more explicit.
* Change printed lint to be shorter once it starts running.
Change-Id: Iaa1b4683c5c856c752065797cf651ca7b1b46943
On second thought, no need to keep the migration script now, since it's
unusable anyway.
Also remove an usage in SpecialAbuseLog, likely a rebase artefact.
Change-Id: I938924b3617ef30046d8317e68a101ed2c1883d3
Something somewhere is leaving error_reporting in a dirty state
causing AbuseFilter's ConsequencesExecutorTest case to fail for
the core change Ic9fee6cdd88001025.
Per T253461, we're meant to eventually remove this anyway, so might
as well remove it in areas that are known to get it wrong somehow.
Change-Id: I2a665f09a357f2f2cc258d8c4011d49a7ab9c13b
So everything can be loaded using PSR-4. These classes weren't renamed,
nor the alias for the AbuseFilter class was deprecated, because they
should be refactored first.
Change-Id: Ia328db58eb326968edf5591daac9bacf8c2f75da
This makes VariableHolder a true value object, and introduces a
stateless service, VariableManager, to operate on it.
Note, in theory, this new service is still cyclically coupled with
LazyVariableComputed. However, it's now two stateless service being
coupled, not two smart/god value objects, so we've still earned
something. For now, the dependency is hidden by using a callback. Some
alternatives for that are mentioned in a code comment.
Bug: T261069
Change-Id: I2f2c84c8e91472ba36084a8bbb4a923f6e04354b