Commit graph

88 commits

Author SHA1 Message Date
Daimona Eaytoy f382304aae Add a base class for parser transition
Change-Id: I31282b8632c332b6d46a6bb4a42f57ac0d005b5f
2019-12-15 13:29:56 +00:00
James D. Forrester cff9889549 Move test-only classes to new TestAutoloadClasses declaration
Bug: T196090
Depends-On: I88cf69663362fd599c20649b1df641907a02678d
Change-Id: I5e3ef040628c4ff629a8aabc56a3b8ba259b7e78
2019-12-10 12:18:17 -08:00
DannyS712 a137992900 Restrict viewing Special:Log/AbuseFilter, and remove from recent changes
Only allow users with `abusefilter-view` to see abuse filter log
entries. Note that this is different from the abuse log itself.

Bug: T34959
Change-Id: I587c2eb9bdc2e5ca2652aa338440cdc5b6eb9235
2019-11-10 10:41:17 +00:00
Daimona Eaytoy ce8539e2a5 Move parser tests back to /unit
Using `new LanguageEn()` involved a global, so use a MockObject instead.
Also fix LoggerFactory usage in Tokenizer to use DI instead.

Change-Id: I94d03f9459ab6444e239386eb96a0c2434bfe3dc
2019-09-03 13:23:11 +00:00
Kosta Harlan 984e06639d Move non-unit tests back into default (integration) directory
Follows-up Id8412e2b8a4e873fd4821ecc1a3c95710be9a870.

Change-Id: Ib92cfbb637e0143a5481212f11a6e511929d6801
2019-09-01 19:57:26 +00:00
Daimona Eaytoy d51ca862c6 Move parser tests to /unit
IMHO these can be considered unit tests; they were already fast, but now
they're executed in an instant.
This requires several changes: 1 - delay retrieving messages in
AFPUserVisibleException, to avoid having to deal with i18n whenever we
want to test exceptions; 2 - Use some DI for Parser and Tokenizer.
Equivset-dependend tests are also moved to a new class, thus helping to
fix the AF part of T189560.

Change-Id: If4585bf9bb696857005cf40a0d6985c36ac7e7a8
2019-08-28 16:36:37 +00:00
Daimona Eaytoy d515af0ae6 Add a new class for the CachingParser's AST
This allows a little bit more of abstraction: we can store other data in the
tree, without having to store it in a specific node (e.g. the variables map,
which is still unused). It also adds a few typehints, and specializes
the return value of eval'ing the AST: previously, it was the one of
evalNode, which wasn't guaranteed to be an AFPData. Now we have this
guarantee. Last but not least, we can now measure runtime metrics for
evalTree, which doesn't recurse.
Bonus: fix a check in the old parser, which used the wrong variable when
reporting outofbounds errors.

Change-Id: Iff806793b1d968e9bb6220f1459f3d0ac587c7da
2019-08-25 17:29:16 +00:00
Huji Lee 1ddb65021b Add links to AbuseFilter logs on Special:Undelete
Depends-On: I671a0479e877e6c37606b688064cb9c893717709
Bug: T231055
Change-Id: Iebf832c513c6a4e954db0ba2633dd8ba6f27b412
2019-08-23 14:56:43 +00:00
jenkins-bot 4c4677698b Merge "Rearrange config to provide better experience" 2019-08-15 12:39:59 +00:00
Daimona Eaytoy f71d731b61 Rearrange config to provide better experience
In order to bundle AbuseFilter, we have to provide an optimal
configuration for sysadmins. This patch aims to provide such
configuration, and of course it's open to changes.
Changed values:
*Grant abusefilter-view-private to admins. This is mostly for
redundancy-safety (they already have -modify)
*Grant modify-restricted to admins (see T200032)
*Disable the 'degroup' action. This is really dangerous, not ideal to be
enabled by default.
*Grant the abusefilter-revert right to sysops. This is similar to
assigning the modify-restricted right in its rationale.
*Add abusefilter-log-private to viewrestrictedlogs grant. This right
should go together with abusefilter-view-private. (T226987)
*Remove abusefilter-revert from the rollback grant, as that right is
for reverting AF actions and has nothing to do with rollbacks.

This mostly copies the config of WMF production: degrouping is already
disabled there, and modify-restricted should
be assigned to sysops on WMF wikis as well. The assignment of the
abusefilter-view-private and abusefiliter-revert rights is handled in
I09cb462312c5bbc71ee3a8f0fbd91357908130d4 (parent patch) to keep the
status quo.

NOTE: this patch should be *deployed* together with the config patch to
avoid discontinuities. Thus, please ONLY provide a virtual +2 using a
+1, and I'll coordinate the +2 with a deployer.

Bug: T191740
Bug: T200032
Bug: T226987
Depends-On: I09cb462312c5bbc71ee3a8f0fbd91357908130d4
Change-Id: I58f215b8aa3444602532098a3c9dfd25409f29eb
2019-08-13 09:42:42 +00:00
Daimona Eaytoy c34181e548 Add a new API module to retrieve private details from AbuseLog
Follow-up of Iaca492371f48fecf543268c179a651841ed12c3f. This patch adds
the new module, plus some technical changes to private details-related
methods and globals.

Bug: T210329
Depends-On: I613dbadb8f75c8c4116a362607563a436a73d321
Change-Id: I3c45b74c36c191083df184ed57416067a75f6591
2019-08-09 21:10:28 +00:00
Daimona Eaytoy c7ccb68058 Use "privatedetails" instead of "private" where needed
To keep a clear distinction between "private details" (i.e. user's ip)
and "private filters" (i.e. not publicly viewable). This patch renames
rights, i18n keys and methods names.
The patch for renaming globals and rights in WMF config is
I7e6b3d4453403edb6aa602587374b4ff5b6d625f.

Bug: T211004
Change-Id: I613dbadb8f75c8c4116a362607563a436a73d321
2019-08-09 21:10:22 +00:00
jenkins-bot 1fa5eef94c Merge "Overhaul Blockautopromote action" 2019-08-07 23:03:08 +00:00
Daimona Eaytoy 483dab1732 Add a parent class for special pages
This allows us to extract yet another static method from the AbuseFilter
class. This class should be expanded in the future, and an example use
case could be Ia5fd4f0b35fcabf045a7b49fa40fa85b72c92544.

Depends-On: I7c0170167b508132cd16e566c654a6c98dd683e9
Change-Id: I1bb45e47c3b42c01388b99778ce833e4e44419e1
2019-08-06 14:17:38 +00:00
Daimona Eaytoy 2bdb44d58b Overhaul Blockautopromote action
As for all mostly unused consequences, blockautopromote has a couple of
major problems: first, it blocked the status for a random time between 3
and 7 days, which to me makes no sense at all (is it some sort of
casino?), and this patch fixes it to 5 days. Second, nothing was logged,
not the blocking nor the unblocking. Here I'm adding a LogHandler for
two new sub-actions of 'rights' to keep track of both action.

Bug: T49412
Change-Id: If48a48f5b8baaf9e77c0826466f5d03bb7f691d0
2019-08-05 22:27:49 -04:00
Daimona Eaytoy 4720c97530 Add a new class for methods related to running filters
Currently we strongly abuse (pardon the pun) the AbuseFilter class: its
purpose should be to hold static functions intended as generic utility
functions (e.g. to format messages, determine whether a filter is global
etc.), but we actually use it for all methods related to running filters.
This patch creates a new class, AbuseFilterRunner, containing all such
methods, which have been made non-static. This leads to several
improvements (also for related methods and the parser), and opens the
way to further improve the code.
Aside from making the code prettier, less global and easier to test,
this patch could also produce a performance improvement, although I
don't have tools to measure that.
Also note that many public methods have been removed, and almost any of
them has been made protected; a couple of them (the ones used from outside)
are left for back-compat, and will be removed in the future.

Change-Id: I2eab2e50356eeb5224446ee2d0df9c787ae95b80
2019-07-23 19:06:27 +00:00
Daimona Eaytoy 07e5168eb9 Add a maintenance script to fix broken log entries
A very simple fix for some old entries imploded with '\n' instead of
"\n". As for other scripts, this extends LoggedUpdateMaintenance but it
includes a dry run option to be tested, and a subsequent patch (to be
merged after testing) will add it to update.php.

Bug: T208931
Change-Id: I16d629c05c3b9c9055c68dafd261b0a5c0db9c25
2019-07-15 11:59:45 +00:00
MarcoAurelio 253a913746 Add Daimona Eaytoy to authors
Daimona has been an extraordinary maintainer of this tool and has also
implemented new features on Abuse Filter, so I guess it is just and fair
to include his name to this list.

Hyperlink is because `Daimona Eaytoy` is not a real name, according to
his mediawiki.org userpage (can be removed if required; the law accepts
authorship attributed to pseudonyms).

In addition, the list of authors has been sorted alphabetically by name.
If you prefer to order it by family name instead, please let me know.

Change-Id: I6a3b0a757f9fd2af09358298e55a8b0487ce5b32
2019-07-04 10:30:14 +00:00
Thalia 22ceae7e23 Use MediaWiki\Block\DatabaseBlock instead of Block
This follows the rename of the Block class in I6d96b63ca0.

Change-Id: I44cf9eb68c23a8299316effa4dee7f732486dd84
2019-05-31 16:08:19 +01:00
Daimona Eaytoy 39fc7c12af Restore unit tests for CachingParser and fix it
Added cachingParser back to *all* the parser tests, fixed a couple of
differences with the normal parser, and added a couple of tests so that
any cachingParser-related file has 100% coverage. Also move the remaining
get_matches tests inside parserTests, and specify the parser used in case of failure.
This also adds a new base class for parser-related tests with a couple
of util methods.

Bug: T201193
Change-Id: I980aec3481a52ecc35f1811a366014a5581a7cdb
2019-05-25 10:55:24 +02:00
Daimona Eaytoy f56562f583 Add tests for global filters
Another crucial part to have covered. Also clarify that
AbuseFilterCentralDB can be of the form "dbname-prefix".

Remove a filter used for profiling and replace it with a global one:
we're still fine, and the list is kept shorter.

Bug: T201193
Depends-On: I5ee7ba44a6cd82a5ddb24fb4127af04d96e647f4
Change-Id: If6b91711534c0d60e1aa27bd5748c3023e29f376
2019-05-24 16:58:23 +02:00
Daimona Eaytoy 72c2be7a18 Remove $wgAbuseFilterRuntimeProfiling
The reasoning is similar to the one of the parent patch (Ia5c477edc8733bb1994cb6d01e1371ed496c8bcb). Plus, it records runtime metrics on action different than edits, as there's no reason not to do it.
No performance issues in production.

Bug: T191039
Depends-On: Ia5c477edc8733bb1994cb6d01e1371ed496c8bcb
Change-Id: Ib1112e2fefd0631550d386ba87e5f87db84c3036
2019-03-23 11:31:18 +00:00
Daimona Eaytoy 89520e2353 Remove $wgAbuseFilterProfiling
This variable was introduced to selectively enable profiling because
stats recording was bad for performance. Nowadays, stats are recorded in
a deferredupdate and don't harm performance anymore. Thus, this variable
can be removed and profiling be enabled by default.

Bug: T191039
Depends-On: Ib5fdeb75c1324f672b4ded39681f006fde34b4d1
Change-Id: Ia5c477edc8733bb1994cb6d01e1371ed496c8bcb
2019-03-23 11:31:11 +00:00
jenkins-bot de4e971c72 Merge "Remove usage of MakeGlobalVariablesScript hook" 2019-03-17 10:32:30 +00:00
Daimona Eaytoy 0df04cd829 Fix a typo in EmergencyDisable globals description
And specify what we mean with "dangerous actions".

Change-Id: Ida5827978b257cfdf61786c7e19c11a1dc74c664
2019-02-16 14:43:29 +01:00
Daimona Eaytoy fca80fa976 Remove usage of MakeGlobalVariablesScript hook
This is an old leftover, used to add global JS variables in a convoluted
way: using a hook and a total of 3 static properties. We can safely
remove all of this and just call OutputPage::addJsConfigVars, which BTW
is already called where we need it.

Change-Id: Ifad0618fa93b0c7a7e8b23f596234e622aa8846a
2019-01-21 14:27:57 +01:00
jenkins-bot b35ba5af45 Merge "Warn the user if they try to leave the page with unsaved changes" 2019-01-19 12:57:50 +00:00
Daimona Eaytoy 6217ffb928 Remove unused stuff
Variables declared but never used, redundant code, and old leftovers.

Change-Id: Ic51044a45a1b49ad6c7af06c646b11893411a7cd
2019-01-18 17:04:19 +01:00
Bartosz Dziewoński 4610d93c7a Add mobile target to VE plugin modules
Bug: T213774
Change-Id: Idb4dd58b441d24fae7012b79fc049fbd02029c4c
2019-01-15 01:05:20 +01:00
Daimona Eaytoy 206bdc1f6a Use the updated TitleMove hook to filter move actions
For several reasons:
*We're not really checking permissions (and the hook previously used is
meant to be used in such case)
*We'll show a cleaner error message (i.e. without the "You do not have
permission..." part)
*Filtering will happen closer to the actual move

Bug: T208907
Depends-On: I4733724075b7514e9db59e7be772d9409aa9da87
Change-Id: If88f736a446247f8b4b13c055c641d56f544d1ea
2018-12-04 18:58:04 +01:00
Daimona Eaytoy 38749b46bb Warn the user if they try to leave the page with unsaved changes
While editing filters, sometimes it happen that you make some change,
forget about it and then reload/close the page, and no warnings will be
issued. This patch makes use of the core module used for normal page
editing to display a warning if trying to leave a filter editing page
with any unsaved change (both to the filter pattern or other form
elements).

Change-Id: I78d79215565d5c82028b1a2a4276497ccbffdea2
2018-12-04 13:06:46 +01:00
jenkins-bot dff5cd89f9 Merge "Further clarify docs for emergency disable" 2018-12-01 01:32:31 +00:00
Ed Sanders 687106d8af Bring in VE support from VE extension
Change-Id: Ib1354f0404209a15194895026ff9d179d16b1900
2018-11-30 10:59:16 +00:00
Daimona Eaytoy 6aff37fb52 Further clarify docs for emergency disable
This is a follow-up to Ic3bc6e36506973b19a9b1bcecbc1a5080faed2ec. I
believe it's important to specify how many recent actions we're looking
at, and I also think it's not nice to rely on a variable amount of
actions to determine whether a filter should be throttled. Also, require
a $group parameter in filterUsedKey (we always pass one, and there's no
reason not to).

Change-Id: I0384d3f1913ead593f605248950606c81c8f8542
2018-11-28 19:29:15 +01:00
Daimona Eaytoy 1f2b7474ed Clarify code and docs for automatic throttling
For the docs part: make it clear how things work there. For the code
part, these are mostly style changes: shorter variable names, no
unnecessary parameters, make the method private, use clearer variable
names.

Change-Id: Ic3bc6e36506973b19a9b1bcecbc1a5080faed2ec
2018-11-26 16:51:10 +01:00
jenkins-bot 6541d7c5cc Merge "Check that the user block is sitewide when determining permissions" 2018-11-15 17:26:21 +00:00
Daimona Eaytoy 346063eec0 Check that the user block is sitewide when determining permissions
And bump MediaWiki version.

Bug: T208621
Change-Id: Icfcf09c5d7c7498711cb000c3bb16480270efb9c
2018-11-15 17:59:22 +01:00
Daimona Eaytoy d3a8491c3f Change throttle selector to restore old functionality, overall improvement
Long (sigh) explanation in T203587#4569698. Also, simplified the way
TagMultiselect are generated, this one and the one for change tags.
This new selector is back-compat both with the old textarea and the OOUI
checkboxMultiselect; actually, this one is //fully// compatible with the
old textarea.
Add validation for throttle parameters and unit tests for validation
(split from I976c95658cddb2585910b6f8a5f047aadc4e4d47).
Added a trim when retrieving throttle identifier to allow syntax like
'ip, user'.
Improved the message shown on history.
Re-added the maintenance script to clean DB.

As I wrote in the task, a review by two other people would be great, at
least for the maintenance script (it could potentially break the DB).

Bug: T203587
Bug: T203336
Bug: T203584
Bug: T203585
Depends-On: I3b2e763bd8835207dc5df1db43d3e1881e6961c3
Change-Id: I7831dbb0bab55807392ac1f7915d6cb0cb713593
2018-11-14 12:51:36 +01:00
se4598 9d12e1b353 Allow selecting custom disallow message
You can now select a custom message to be displayed for disallowing a edit
the same way as for warn mode. This can be the same or a totally different
message.

This also solves the usecase, when a edit filter is set to warn AND disallow,
to be able to show the user a custom message, but the generic is shown
on the second try (disallow). Now it can be only set to disallow.

Bug: T27086
Change-Id: Ic1de03a6944c43a346fa317ee0a217551f0d284a
2018-10-11 10:35:01 +02:00
Jayprakash12345 8ad2203ce0 Move all apihelp translatable messages to separate files
Should be merged along with
Ib66f4614285411e5fd971dc0cb4291ea8113418c

Bug: T189982
Change-Id: Id9beb08ee34e6861543cf59d80abfac616bf9238
2018-09-21 08:21:38 +00:00
Matěj Suchánek 10ad58a6f3 Migrate AbuseFilter suppress log
Also make entries in Special:Log/suppress filterable.

Change-Id: Ic23e724997e4748c8d0da8138aa73d31b17b7064
2018-08-21 16:05:54 +00:00
tinajohnson.1234 c9003fe1fa Use HistoryPageToolLinks hook to add a log link to history pages
Add an AbuseFilter log link to the subtitle of history pages.

Bug: T28934
Co-authored-by: Matěj Suchánek
Depends-On: I2e0e9e92d3fc303135b0eb9acf06b5fd120178a5
Depends-On: I58a3039b3755648bb0c8aaf87db48ace96ce9344
Change-Id: Ib89c48f2b8f3121ead184844844acee436e2fdd6
2018-07-27 11:25:12 +00:00
Daimona Eaytoy b825e396b5 Switch editing interface to OOUI & improve NoJS usability
This settles almost everything, leaving the tags part ready to be
further improved in the follow-ups.
Also, replaced some fields with totally different ones, improved the
warn preview area and improved a bit nojs experience by hiding unusable
buttons.

Bug: T132284
Bug: T154749
Change-Id: I7a5caa862a32f9792140c6a4d9708a2d20472672
2018-07-17 14:49:50 +02:00
Daimona Eaytoy dd0569c00b Fix extension doc for AbuseFilterPrivateLog
This variable is actually here to determine whether accessing private
info should be logged, not if it's possible to access such info. In
fact, you can still do it if this variable is set to false.

Change-Id: Ieba191bff4ea56eb166bbbd03cb7b1a05ca42c52
2018-07-16 15:32:38 +02:00
jenkins-bot b86208d381 Merge "Add phan seccheck to composer and remove deprecated module" 2018-07-05 17:34:38 +00:00
Daimona Eaytoy 3c1dae9e14 Allow users with abusefilter-view-private to use testing interface
Now the required need will be abusefilter-modify OR
abusefilter-view-private for /tools, /test and /examine.

Bug: T193903
Change-Id: I3f1a91a2cc1df2272e5d4099cefd7c649a0683d5
2018-06-24 14:10:38 +00:00
Daimona Eaytoy 29492513cf Add phan seccheck to composer and remove deprecated module
Seccheck is currently being executed as non-voting, but it always
succeeds because AbuseFilter is not requiring it in composer. Instead,
let's add it: tests will start to fail, but we'll be able to see how
things are going with it. As a bonus, remove the mediawiki.api.parse
module, which is deprecated in 1.32 and replaced by mediawiki.api
(already loaded).

Change-Id: I094a8af4f97c03f8b538ede00420b123de25138a
2018-06-12 15:37:03 +02:00
MarcoAurelio 5724ca14d0 add grant to view private abusefilter log entries
Bug: T191703
Change-Id: I56233786ddaa6c44e6778b56070cf9b13df20dcc
2018-04-11 08:59:36 +00:00
Gergő Tisza ebcc751e7c
Remove abusefilter-revert right from sysops
No point in that right without abusefilter-modify-restricted and
it makes the user interface more confusing.
Undoes part of I4e3125a.

Change-Id: I4afaaa98a5c1b3d0d9518117a28e7e46466f87a1
2018-04-09 19:25:45 +02:00
Gergő Tisza 8f53c11a85
Add default rights config
Add a conservative default configuration so that admins can use
abuse filters without any need for manual setup, and users can
see what's happening. Also expand grants a bit.

Bug: T191740
Change-Id: I4e3125a708277474f416903928397db7f8fb850d
2018-04-09 10:47:35 +02:00