wikimedia/mediawiki-extensions-AbuseFilter
1
0
Fork 0
mirror of https://gerrit.wikimedia.org/r/mediawiki/extensions/AbuseFilter.git synced 2024-11-27 23:40:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
6185 commits 11 branches 20 tags 106 MiB
Commit graph

6185 commits

This branch
This branch
All branches
Author SHA1 Message Date
Daimona Eaytoy 3413d15b68 Apply proper visibility checks for recentchanges queries 
Follow-up: I6063c02fa261c4cc0e6dbbb2db4e111eb85912c2

Bug: T274152
Bug: T274158
Change-Id: I71a6d521bd12931ce60eec4d2dc35af19146000f
 2021-03-11 11:52:48 +01:00
Translation updater bot e28d15c55e Localisation updates from https://translatewiki.net. 
Change-Id: I762b4898d206f735e307f551027119213b0ec8d1
 2021-03-11 08:35:48 +01:00
libraryupgrader aeccd5b8b9 build: Updating eslint-config-wikimedia to 0.19.0 
Additional changes:
* eslint: Renamed `wikimedia/client` profile to `client-es5` (T277085).

Change-Id: I2ef2da7d95f8f40fe9ccfa9c9a5aff34bef42ef3
 2021-03-10 23:05:48 +00:00
Translation updater bot 105471ccb5 Localisation updates from https://translatewiki.net. 
Change-Id: I0ca04a44d19720cd3520ee38deb0a8cc41393c6f
 2021-03-10 08:31:25 +01:00
jenkins-bot 12f230b94b Merge "SECURITY: Remove deleted rows from /examine and /test" 2021-03-09 23:03:42 +00:00
jenkins-bot 577aa83309 Merge "SECURITY: Avoid deleted usernames leak in page_recent_contributors" 2021-03-09 22:50:20 +00:00
jenkins-bot 01d9cb2a89 Merge "SECURITY: Skip deleted RCs in /test if we're only showing matches" 2021-03-09 22:50:17 +00:00
jenkins-bot ecd84180c7 Merge "SECURITY: Avoid info leaks in ApiAbuseFilterCheckMatch" 2021-03-09 22:41:37 +00:00
jenkins-bot b9bd4b9492 Merge "SECURITY: Don't filter suppressions" 2021-03-09 22:41:35 +00:00
Daimona Eaytoy 33445addff SECURITY: Remove deleted rows from /examine and /test 
This is kind of a nuclear option, if anything in a row is hidden, we
hide the whole row. This is just to keep this patch slim. A public
follow-up will adjust the visibility

Bug: T274152
Change-Id: I6063c02fa261c4cc0e6dbbb2db4e111eb85912c2
 2021-03-09 16:10:16 -06:00
Daimona Eaytoy f25c96f472 SECURITY: Avoid deleted usernames leak in page_recent_contributors 
Bug: T71367
Change-Id: I8d5ed9ca84282ee50832035af86123633fc88293
 2021-03-09 15:56:09 -06:00
Daimona Eaytoy 18f439053e SECURITY: Skip deleted RCs in /test if we're only showing matches 
Otherwise we'd be telling whether the filter matches or not the edit. If
we're showing all edits regardless of whether they match the filter, we
can keep showing the row: it will be redacted (and the filter result
hidden) by AbuseFilterChangesList.

Bug: T223654
Change-Id: I3f7dbd8b873d411e37c8c3aac2339bf5ec36907d
 2021-03-09 15:46:21 -06:00
sbassett 64f3f7e6c5 SECURITY: Avoid info leaks in ApiAbuseFilterCheckMatch 
There are various info leaks for both deleted rc rows, and suppressed
AbuseLog entries.

Bug: T223654
Change-Id: I4900b1be73323599d74e3164447f81eded094d75
 2021-03-09 15:41:31 -06:00
Daimona Eaytoy 59e45409a6 SECURITY: Don't filter suppressions 
Bug: T71617
Change-Id: I38a0a24fa32ca7a052b6940864a32b3856e84553
 2021-03-09 15:38:55 -06:00
Daimona Eaytoy c5d19577a4 Fix method names of hook interfaces 
The hook names contain a dash, which is mapped to an underscore by the
hook runner (see Ie8c8fb603b33ff95c8f8d52f392227f147c528d8), and the
previous method names weren't matching this.

Follow-up: Ic5c82a367e34135bbc0f00ece5aeef4f2d92881b

Change-Id: Ie80b62c49b2f4aaea49d5a1883f513348689d16a
 2021-03-09 17:03:14 +00:00
jenkins-bot 5c355d3acb Merge "Use Language::userTimeAndDate" 2021-03-09 12:22:38 +00:00
Translation updater bot be4f6a387b Localisation updates from https://translatewiki.net. 
Change-Id: I0bad8181ddf6f22ad959285994ca0df254204713
 2021-03-09 08:31:31 +01:00
Umherirrender 5e12102b6d Use Language::userTimeAndDate 
Avoid use of global user

Change-Id: Ic30cfe705dfe39fca7dd45c6c2e1248dd37f08ff
 2021-03-09 00:54:03 +01:00
Daimona Eaytoy 25d1abde0b Fix hook name 
Dashes are mapped to underscores, but following the "modern" convention,
the hook name should be pure PascalCase.

Bug: T275798
Change-Id: I77909b3ee772b983c7933f3b82230476772bd3b5
 2021-03-08 16:15:23 +00:00
Vadim Kovalenko 62376f437e Replace UserIdentity::getUserId with ::getId 
Bug: T275482
Change-Id: Ie9fd52005ca1eb264dc791a2f87d7308a9e8810e
 2021-03-08 09:18:49 -05:00
Translation updater bot 7356f87082 Localisation updates from https://translatewiki.net. 
Change-Id: Ia323cd056d4ce166fe00253d34ddc2ab1b741dac
 2021-03-08 08:44:51 +01:00
jenkins-bot 12f4e81964 Merge "Simplify AbuseFilterBlockTest" 2021-03-06 09:23:26 +00:00
Daimona Eaytoy 92ecccbdc7 Simplify AbuseFilterBlockTest 
Requires injecting a temporary block factory, and excluding
ManualLogEntry::insert from the test, but it's now much cleaner and
quicker.

It still cannot be a unit test due to the usage of User.

Change-Id: Iba9732d6d79733b31b45eb4d0187b1c8a82499dc
 2021-03-05 14:18:01 +00:00
Translation updater bot 51f37697dc Localisation updates from https://translatewiki.net. 
Change-Id: I89853907ba659a8b715622e386db41c97eeef3bd
 2021-03-05 08:54:53 +01:00
libraryupgrader ebea8cd3de build: Updating eslint-config-wikimedia to 0.18.2 
Change-Id: I83981fb720ee219230f9f6094c18fdf29d7f4ba0
 2021-03-05 04:35:46 +00:00
Translation updater bot 17cf903cd4 Localisation updates from https://translatewiki.net. 
Change-Id: Iffa9ae7a3620ef16f6de04cf38ce13d9d711429f
 2021-03-04 08:37:05 +01:00
Translation updater bot 507e3fb0c5 Localisation updates from https://translatewiki.net. 
Change-Id: Id111612a538f205ac19d9bad761cc94e6f1110d2
 2021-03-02 08:48:17 +01:00
Daimona Eaytoy 124031fe09 Stop using deprecated User::addGroup in tests 
Bug: T276094
Change-Id: I299f89fbb4a4f6ba36ef4b77987bda9f2159d311
 2021-03-01 15:28:08 +01:00
Translation updater bot d518c0f60c Localisation updates from https://translatewiki.net. 
Change-Id: Id543fd03b70ef4d3ef6639dd1510c10bffc0e9fa
 2021-03-01 08:49:36 +01:00
jenkins-bot 50334c27ce Merge "Use a different message for unprivileged users" 2021-02-28 14:05:08 +00:00
jenkins-bot ef4a5c4115 Merge "Make FilterProfiler independent of DeferredUpdate" 2021-02-28 13:18:51 +00:00
Matěj Suchánek 709803eb46 Make FilterProfiler independent of DeferredUpdate 
Schedule the deferred update from FilterRunner, just like
we do with EmergencyCache.

Change-Id: I121211bb02a77c191001d11d4af3796e8572967e
 2021-02-28 12:03:05 +01:00
jenkins-bot 66f8e44295 Merge "Reject filters with invalid groups" 2021-02-27 20:07:29 +00:00
Daimona Eaytoy 3365a648f2 Reject filters with invalid groups 
It is currently possible to save a filter with an invalid group, if you
manually change the form data. So prevent this by validating the group
before saving.

Change-Id: I03f80b8c6ab583a357273f7b2679a424ac784db7
 2021-02-27 16:01:09 +00:00
jenkins-bot 34a2660ad2 Merge "Use independent stats for emergency disable" 2021-02-26 18:06:16 +00:00
Matěj Suchánek b8ac52c51c Use independent stats for emergency disable 
Bug: T264629
Change-Id: I64b611243b6a4c136b82b09f2ccf588d1c3e3426
 2021-02-26 18:10:49 +01:00
Translation updater bot 9f1ef6bf3d Localisation updates from https://translatewiki.net. 
Change-Id: I894ae8afb29415e07f34955fe39c07add4de643e
 2021-02-25 08:37:48 +01:00
Translation updater bot 550a0936fc Localisation updates from https://translatewiki.net. 
Change-Id: Ia4e98950c04acb33189bf5fa695261402fa2ab8d
 2021-02-24 08:50:35 +01:00
Translation updater bot d224021c89 Localisation updates from https://translatewiki.net. 
Change-Id: Ic69954193f63b65e14ec1d00e7a6af8194b685a4
 2021-02-23 08:47:00 +01:00
jenkins-bot 1f3597f925 Merge "Update hit counts in a DeferredUpdate" 2021-02-23 06:34:17 +00:00
jenkins-bot 1b6e209ce6 Merge "Create a new method for authorizing access to test tools" 2021-02-22 18:00:06 +00:00
jenkins-bot 63a9c86607 Merge "Improve test coverage metrics" 2021-02-22 17:00:23 +00:00
jenkins-bot 54c56139a9 Merge "Avoid using User ::getCanonicalName" 2021-02-22 16:56:12 +00:00
jenkins-bot ea6a6ab4fc Merge "Fix StatsdDataFactory injection" 2021-02-22 16:56:09 +00:00
daniel 63a497fb56 Don't set actor on UserIdentityValue in tests. 
The actor ID is being removed from UserIdentityValue. Non-zero values
are triggering a deprecation warning now.

Needed-By: I9925906d11e47efaec3c1f48d5cb3f9896a982c1
Change-Id: Id60e56e70f6e4b44f49887d9e5ae5a23b1fd19a2
 2021-02-22 11:30:54 +00:00
Matěj Suchánek 569c02f3ae Fix StatsdDataFactory injection 
This was an obvious mistake and contradiction to
what the above comment stated.

Bug: T275369
Change-Id: Idf0c012151738fd842101586ab5c3e2656a86db2
 2021-02-22 12:08:50 +01:00
Translation updater bot cc3dbe149d Localisation updates from https://translatewiki.net. 
Change-Id: I1f5f9b45ad3d7f2e80fc5d0b4e90e2b15e6e58b0
 2021-02-22 08:49:55 +01:00
vladshapik dcd038e613 Avoid using User ::getCanonicalName 
Remove using of User::getCanonicalName since this method will be hard-deprecated. Now it is soft-deprecated

Bug: T275030
Change-Id: I3ce1199f18276096279ce3c80f63e53d023a0f5a
 2021-02-21 23:16:40 +02:00
Matěj Suchánek c2376efddc Improve test coverage metrics 
Change-Id: I1618883e3ade7dde538242fb51a36c22999df76d
 2021-02-21 09:59:52 +01:00
jenkins-bot b050e36843 Merge "Align arg counting between the parsers" 2021-02-21 03:37:52 +00:00