Commit graph

6218 commits

Author SHA1 Message Date
Umherirrender 32f7ae140e Use ::class for class name
This works also for non-existing classes,
because it is resolved on compile time

Change-Id: Ia3a1484c9c4f46a128c367ddd057c41dd560111d
2021-04-08 20:54:48 +02:00
Daimona Eaytoy 3e2153b86b Update userCanViewRev to use Authority
Change-Id: Ia10acf499ce33af03eeea45e34779a00e6628fe1
2021-04-07 13:55:10 +02:00
DannyS712 5d8ac68310 Convert AbuseFilterDBTest to pure unit tests
No integration needed, use a mock user.

Change-Id: I206d019aec626e6e4c16de10ecf30a29d5ab12e5
2021-04-06 16:28:35 +00:00
Translation updater bot 85eab17de8 Localisation updates from https://translatewiki.net.
Change-Id: I5106f90cf220a87f60715d222ef0f43230fca3a7
2021-04-06 12:01:13 +02:00
Matěj Suchánek edc347aee2 Clean up AbuseFilterViewRevert
- mark properties as private (unused outside)
  and rename them to avoid legacy naming
- do result filtering server-side
- order query by timestamp

Change-Id: If2d714753a2b040c5cefa8f8126f82a3c08dab44
2021-04-02 19:29:12 +02:00
jenkins-bot 69c2b2ca79 Merge "Api: inject AbuseFilterPermissionManager where needed" 2021-04-02 16:20:14 +00:00
Translation updater bot 7e565776cd Localisation updates from https://translatewiki.net.
Change-Id: I6b2e865b0f98e31bde375c5b6e462a4a49f18205
2021-04-02 09:48:00 +02:00
Translation updater bot 5b598954b5 Localisation updates from https://translatewiki.net.
Change-Id: I2fa9dfa8d5c463d85f939440f94f4d1f54b931bc
2021-04-01 08:36:19 +02:00
Umherirrender b849e5daea Move documentation from hooks.txt to hook interfaces
The new system allows to have documentation directly at the interfaces

Change-Id: I3e8afb3605dea80db95e314b3dd42087e9bc1b06
2021-03-31 21:50:30 +02:00
Translation updater bot 3a8ae56eb1 Localisation updates from https://translatewiki.net.
Change-Id: Ibe0e3bc56563570f218a47f38b53ba04befaae04
2021-03-31 08:34:52 +02:00
Translation updater bot bb82ff7a50 Localisation updates from https://translatewiki.net.
Change-Id: I5964fa5a92beabe305ec3104af153c35cf208f83
2021-03-29 08:34:58 +02:00
DannyS712 1bd0b02441 Api: inject AbuseFilterPermissionManager where needed
Some of these api modules still retrieve other services
statically, this patch is focused just on injecting the
permission manager and setting up DI

Bug: T259960
Change-Id: Ic5196f230d68604fdf321f705377a1e6e1e2efca
2021-03-28 15:22:59 +00:00
jenkins-bot e616e5b71c Merge "selenium: Remove ChromeDriver dependency" 2021-03-26 19:02:24 +00:00
daniel 65c5fd6b51 Construct UserIdentityValue without actorId
The actorId parameter to the UserIdentityValue constructor has been
deprecated.

Change-Id: I4a22e761276a9fefa15c7b1554a0d03980d0c663
Needed-By: I9925906d11e47efaec3c1f48d5cb3f9896a982c1
2021-03-26 11:00:56 +01:00
Translation updater bot 2712e1d2c9 Localisation updates from https://translatewiki.net.
Change-Id: I5fc7e49685aa572236843eac2ff7320c1cabf374
2021-03-26 08:48:52 +01:00
daniel e954ecfe19 Fix UserIdentityValue constructor call in test
Change-Id: If905e442444d319114e86ce78007bdc6dbc9c9f2
Needed-By: I9925906d11e47efaec3c1f48d5cb3f9896a982c1
2021-03-25 15:13:15 +01:00
jenkins-bot 92ffc1a7ed Merge "Don't directly instantiate PageEditStash" 2021-03-25 10:51:09 +00:00
Translation updater bot bad4b1baba Localisation updates from https://translatewiki.net.
Change-Id: I24e397e4e47e3182c810f056e4ceaa202717f844
2021-03-25 08:40:09 +01:00
Petr Pchelko e92d74ad51 Don't directly instantiate PageEditStash
Needed-By: I7164b914299441bd0f82e764252c8b5d30b45fbe
Change-Id: Iab96a35be8f50fdbc66194bd8956d98b5b6b0032
2021-03-24 21:03:46 -06:00
DannyS712 db8d373a87 LazyVariableComputer: update parseNonEditWikitext documentation
Article::prepareContentForEdit is deprecated and being removed,
refer to WikiPage::prepareContentForEdit instead

Plus remove an extra line

Change-Id: Ie4438c710639a16557816b53510ce230d15d641c
2021-03-24 17:32:31 +00:00
Translation updater bot 4f8f420e2e Localisation updates from https://translatewiki.net.
Change-Id: I53181de75750e17a88294a356c1ca25ab9c50ac2
2021-03-24 08:29:21 +01:00
Željko Filipin 682b76662e selenium: Remove ChromeDriver dependency
Since WebdriverIO v5, Puppeteer is available as a Chromedriver
alternative.

Puppeteer is bundled with WebdriverIO. Chromedriver needs to be installed
(and started/stopped) separately. Getting rid of Chromedriver simplifies
our documentation, among other things.

The commit updates tests/selenium/wdio.conf.js to use Puppeteer.

Bug: T269566
Change-Id: Ib2a547792a34e6d40137432f7800b5f71c254c36
2021-03-23 18:03:29 +00:00
Translation updater bot 5780e3549a Localisation updates from https://translatewiki.net.
Change-Id: I12ea7fd4eb667b30ce35890fa0062625e4da6897
2021-03-22 08:35:17 +01:00
Daimona Eaytoy 8b81df4d16 Fix fatal when computing user_editcount for anons
UserEditTracker checks that the user is not anonymous, whereas
User::getEditCount() would just return null. This was not spotted by
tests because UserEditTracker is mocked.

Bug: T277859
Follow-up: I8a55bd5cb17bbc259ec36c40261058e0b46ee4a6
Change-Id: I05fb6cc780c80b72b3278e6dc670ed2025628ffb
2021-03-19 13:09:03 +01:00
jenkins-bot fa8358ce0c Merge "Replace RecentChange::getPerformer with RecentChange::getPerformerIdentity" 2021-03-18 14:15:11 +00:00
jenkins-bot b23278d5a8 Merge "Apply proper visibility checks for recentchanges queries" 2021-03-18 10:03:54 +00:00
Vadim Kovalenko 85be3c57bc Replace RecentChange::getPerformer with RecentChange::getPerformerIdentity
Bug: T276412
Change-Id: I8a55bd5cb17bbc259ec36c40261058e0b46ee4a6
2021-03-15 16:57:40 +02:00
Translation updater bot d11aac3a5d Localisation updates from https://translatewiki.net.
Change-Id: I97e71f3e371aabef2a99424466911da0262c8d1e
2021-03-15 08:39:28 +01:00
jenkins-bot c0cb48abaf Merge "UserIdentityValue: do not provide actor ID" 2021-03-13 21:30:27 +00:00
jenkins-bot 1c5e5eb1e2 Merge "Create distinct builders for plain and ace editor" 2021-03-13 13:36:53 +00:00
daniel 05e416ef11 UserIdentityValue: do not provide actor ID
Depends-On: Ic2ca6d489db821fc2334e53bf2496c7b0d3ea5b1
Change-Id: I76e0a5b0dd68b763bdd0c5e4fe5d09f98e350ce1
Needed-By: I9925906d11e47efaec3c1f48d5cb3f9896a982c1
Bug: T274179
2021-03-12 16:38:51 +01:00
Translation updater bot beab67757e Localisation updates from https://translatewiki.net.
Change-Id: Ifb6bce639cb36070aed2a584e1433f4ae1cf1206
2021-03-12 08:44:36 +01:00
Daimona Eaytoy 3413d15b68 Apply proper visibility checks for recentchanges queries
Follow-up: I6063c02fa261c4cc0e6dbbb2db4e111eb85912c2

Bug: T274152
Bug: T274158
Change-Id: I71a6d521bd12931ce60eec4d2dc35af19146000f
2021-03-11 11:52:48 +01:00
Translation updater bot e28d15c55e Localisation updates from https://translatewiki.net.
Change-Id: I762b4898d206f735e307f551027119213b0ec8d1
2021-03-11 08:35:48 +01:00
libraryupgrader aeccd5b8b9 build: Updating eslint-config-wikimedia to 0.19.0
Additional changes:
* eslint: Renamed `wikimedia/client` profile to `client-es5` (T277085).

Change-Id: I2ef2da7d95f8f40fe9ccfa9c9a5aff34bef42ef3
2021-03-10 23:05:48 +00:00
Translation updater bot 105471ccb5 Localisation updates from https://translatewiki.net.
Change-Id: I0ca04a44d19720cd3520ee38deb0a8cc41393c6f
2021-03-10 08:31:25 +01:00
jenkins-bot 12f230b94b Merge "SECURITY: Remove deleted rows from /examine and /test" 2021-03-09 23:03:42 +00:00
jenkins-bot 577aa83309 Merge "SECURITY: Avoid deleted usernames leak in page_recent_contributors" 2021-03-09 22:50:20 +00:00
jenkins-bot 01d9cb2a89 Merge "SECURITY: Skip deleted RCs in /test if we're only showing matches" 2021-03-09 22:50:17 +00:00
jenkins-bot ecd84180c7 Merge "SECURITY: Avoid info leaks in ApiAbuseFilterCheckMatch" 2021-03-09 22:41:37 +00:00
jenkins-bot b9bd4b9492 Merge "SECURITY: Don't filter suppressions" 2021-03-09 22:41:35 +00:00
Daimona Eaytoy 33445addff SECURITY: Remove deleted rows from /examine and /test
This is kind of a nuclear option, if anything in a row is hidden, we
hide the whole row. This is just to keep this patch slim. A public
follow-up will adjust the visibility

Bug: T274152
Change-Id: I6063c02fa261c4cc0e6dbbb2db4e111eb85912c2
2021-03-09 16:10:16 -06:00
Daimona Eaytoy f25c96f472 SECURITY: Avoid deleted usernames leak in page_recent_contributors
Bug: T71367
Change-Id: I8d5ed9ca84282ee50832035af86123633fc88293
2021-03-09 15:56:09 -06:00
Daimona Eaytoy 18f439053e SECURITY: Skip deleted RCs in /test if we're only showing matches
Otherwise we'd be telling whether the filter matches or not the edit. If
we're showing all edits regardless of whether they match the filter, we
can keep showing the row: it will be redacted (and the filter result
hidden) by AbuseFilterChangesList.

Bug: T223654
Change-Id: I3f7dbd8b873d411e37c8c3aac2339bf5ec36907d
2021-03-09 15:46:21 -06:00
sbassett 64f3f7e6c5 SECURITY: Avoid info leaks in ApiAbuseFilterCheckMatch
There are various info leaks for both deleted rc rows, and suppressed
AbuseLog entries.

Bug: T223654
Change-Id: I4900b1be73323599d74e3164447f81eded094d75
2021-03-09 15:41:31 -06:00
Daimona Eaytoy 59e45409a6 SECURITY: Don't filter suppressions
Bug: T71617
Change-Id: I38a0a24fa32ca7a052b6940864a32b3856e84553
2021-03-09 15:38:55 -06:00
Daimona Eaytoy c5d19577a4 Fix method names of hook interfaces
The hook names contain a dash, which is mapped to an underscore by the
hook runner (see Ie8c8fb603b33ff95c8f8d52f392227f147c528d8), and the
previous method names weren't matching this.

Follow-up: Ic5c82a367e34135bbc0f00ece5aeef4f2d92881b

Change-Id: Ie80b62c49b2f4aaea49d5a1883f513348689d16a
2021-03-09 17:03:14 +00:00
jenkins-bot 5c355d3acb Merge "Use Language::userTimeAndDate" 2021-03-09 12:22:38 +00:00
Translation updater bot be4f6a387b Localisation updates from https://translatewiki.net.
Change-Id: I0bad8181ddf6f22ad959285994ca0df254204713
2021-03-09 08:31:31 +01:00
Umherirrender 5e12102b6d Use Language::userTimeAndDate
Avoid use of global user

Change-Id: Ic30cfe705dfe39fca7dd45c6c2e1248dd37f08ff
2021-03-09 00:54:03 +01:00