Commit graph

4921 commits

Author SHA1 Message Date
Daimona Eaytoy 2a0246ddb5 Remove ancient permission checks
In both SpecialAbuseLog and ApiQueryAbuseLog, we use
Title::getUserPermissionsErrors to check if the user is allowed to
perform 'abusefilter-log' on the API page... However, this is a
completely redundant check (which is also pretty expensive and queries
the master): for the SpecialPage, we can specify the required right in
the constructor and use checkPermissions, and for the API we can simply use checkUserRightsAny.
If I'm not mistaken, there's no benefit in using
getUserPermissionsErrors.

Change-Id: I4c4dbace67b24cc1f45e50ab1c0d251522935513
2019-01-31 21:16:18 +00:00
Translation updater bot 6f1c907f9b Localisation updates from https://translatewiki.net.
Change-Id: I8e38531d5237e549f14fd205e0dd3f38c208cb39
2019-01-30 22:13:26 +01:00
Daimona Eaytoy 196a3ba7d5 Ensure the specified filter is valid in ViewHistory
We do not validate the param, and instead only check if it was
specified. In the specific case of ViewHistory, specifying as "filter"
something invalid for a title (e.g. with a + inside) will throw an
exception, seen in production.

Change-Id: I636b4e56f39282593c737ace1d6ff2d90900d997
2019-01-29 19:58:59 +01:00
Translation updater bot f4f43d1ab6 Localisation updates from https://translatewiki.net.
Change-Id: Ic8076c70de9dc333631d00bf637a9ba596d8e95e
2019-01-28 22:26:27 +01:00
Translation updater bot 4cf5ee3664 Localisation updates from https://translatewiki.net.
Change-Id: Ic2bfd77a2919724a4ab6fa7c51164594face4ced
2019-01-26 22:17:07 +01:00
Translation updater bot 37284ebc5d Localisation updates from https://translatewiki.net.
Change-Id: Ia96a91212cfa68375c26276b8d935a11567d251d
2019-01-25 22:28:11 +01:00
Daimona Eaytoy 8f9b27d856 Fix MWException from AbuseFilterView
The case default was recently added, but didn't take into account that
"false" is valid too. Noticed by chance just before the train rolled
out.

Change-Id: I67ca475fa16ea449820f8c735531c2cc1b0ec975
2019-01-24 21:48:50 +01:00
Daimona Eaytoy fe03de6e4f Add help links for throttle groups
Several people have reported throttle groups being hard to use, mostly
because the field doesn't have options with the usable groups. This is
because users can combine valid groups in many ways, and thus we don't
provide options. However, let's add an help link pointing to mw.org.

Change-Id: I982d67aa62a899916a26452aceb9646df8c31232
2019-01-24 12:58:41 +01:00
Daimona Eaytoy ba1b27d7f6 Optionally pass the filter ID to checkConditions for error reporting
Now that Parser errors are on logstash, I noticed a huge spike of errors
on Wikimedia Commons, about 35000 per hour. They seem to be due to 2
broken filters, but id doesn't say which ones.

Change-Id: I8510319c075520f9a893cd7d56f2e30679e249ba
2019-01-24 10:03:52 +01:00
Daimona Eaytoy 15019ed34d Update the throttle script
Another batch of changes for the throttle script, fixing bugs discovered
on its last run and improving performance.
For a list of fixes, see T209565#4903044.
After merging, we need backports (REL1_32 and wmf branches) and another
dry-run.

Bug: T209565
Change-Id: I530a22d57971f8b22892e43faae5d1c6fa1e14ed
2019-01-24 00:13:09 +01:00
Daimona Eaytoy 0f041e8282 Split AbuseFilterConsequencesTest tests in several methods
This makes the code easier to maintain and more flexible, plus adds
several tests. Some flaky tests are also improved.

Depends-On: I57ce67c5202c8574fcf1957999a6999fec264cb7
Change-Id: Ibb5322bca93b464e9014b53644c04f2bc1141e72
2019-01-23 21:26:25 +00:00
Daimona Eaytoy 26b783f062 Use data provider's array keys to specify test description
We just passed the description as a parameter, but it's much quicker to
use it as the key in the data provider: PHPUnit will automatically
display it in case of failure, so that we don't have to do that
manually (and still get messages like "failed with data set #7").

Depends-On: I8edcca17ecdcf71397cc9b0d101e8b13ac112047
Change-Id: I57ce67c5202c8574fcf1957999a6999fec264cb7
2019-01-23 21:26:17 +00:00
Daimona Eaytoy a207cf22f7 Unbreak tagging for createaccount actions
Tagging doesn't work for account creations, and probably never did. This
is because we used a wrong identifier for such actions. This patch fixes
the problem, although in the long term we should find a smarter way to
apply tags.
Also, clean AbuseFilter::$tagsToSet if the action will be prevented.

Depends-On: Ia8e38ba25d1989fe71714d2b76891c4587921466
Change-Id: I8edcca17ecdcf71397cc9b0d101e8b13ac112047
2019-01-23 21:25:47 +00:00
Daimona Eaytoy f3f8bd11b9 Re-execute checkAllFilters if the edit was stashed
This may solve several issues, see T176291#4105438 for further details.

Bug: T191430
Bug: T176291
Depends-On: Iebbdeac7898b35beea79aa3d0cdf9d0fb265d726
Change-Id: Ia8e38ba25d1989fe71714d2b76891c4587921466
2019-01-23 18:16:01 +00:00
Daimona Eaytoy bc875d8002 Fix SQL key
When updating the abuse_filter_history table, the sequence to use is the
one on afh_id... And we were using the af_id one since 2009.

Change-Id: I3e291c780119d74be5f47e745a8de13bda85486b
2019-01-23 16:24:02 +01:00
Daimona Eaytoy 4b33b2b5a7 Strike suppressed AbuseLog entries
Instead of adding a message, do like core does by striking and greying
out the row. Plus, don't show the AbuseLog page description when hiding
entries, as it doesn't fit.

Change-Id: I645a89dd8df79d45ca440e0ba62adcdee921b8e9
2019-01-23 11:34:43 +01:00
jenkins-bot cbea2657b5 Merge "Re-fix the throttle script" 2019-01-23 00:55:56 +00:00
Translation updater bot f983492c84 Localisation updates from https://translatewiki.net.
Change-Id: Ied5c39d30bb36a086e8fba74ae45b0c85a9d9fea
2019-01-22 22:16:56 +01:00
Daimona Eaytoy be08bd6d59 Avoid PHP 7.3 Undeclared variable notice
Starting from PHP 7.3, passing the name of an undefined variable to compact() raises a notice. Always define $querypattern and $searchmode, so that this won't happen, and makes showList behave more uniformly.

Bug: T214269
Change-Id: Ib179a7e0e4fdd7b9d81b6930000203478e7a1e38
2019-01-21 15:35:44 +01:00
Daimona Eaytoy fca80fa976 Remove usage of MakeGlobalVariablesScript hook
This is an old leftover, used to add global JS variables in a convoluted
way: using a hook and a total of 3 static properties. We can safely
remove all of this and just call OutputPage::addJsConfigVars, which BTW
is already called where we need it.

Change-Id: Ifad0618fa93b0c7a7e8b23f596234e622aa8846a
2019-01-21 14:27:57 +01:00
Daimona Eaytoy 0e6b783ed4 Reject empty warning and disallow messages when validating a filter
Right now, we allow empty messages, and when the "warn" action is
executed we use "abusefilter-warning" if no message is specified.
However, this also produces a PHP notice while editing a filter with
empty message (see Phab). With this patch, empty messages will be
rejected, and a follow-up will be discussed on Phab.

Update: added disallow message as follow-up of
Ic1de03a6944c43a346fa317ee0a217551f0d284a.

Bug: T203353
Depends-On: I8df247f61d9f3769e9580544f324dd174811e939
Change-Id: I71b1f81d10c02de4de141b1ab9b630d05cf4619c
2019-01-21 14:06:54 +01:00
Translation updater bot 3872a21044 Localisation updates from https://translatewiki.net.
Change-Id: I4d155c90c75ab072279080c0954348ceec7f9a2a
2019-01-20 22:35:36 +01:00
jenkins-bot b9c697ef7c Merge "Don't send long patterns with GET" 2019-01-20 14:20:31 +00:00
Translation updater bot 0c974931bc Localisation updates from https://translatewiki.net.
Change-Id: Ib3b8fdab4afe9c283b3f4f7fd44b76bd9afa2451
2019-01-19 22:15:50 +01:00
jenkins-bot 1ed8fd0a5a Merge "Simplify filter editor generation and restore ltr attribute" 2019-01-19 13:28:50 +00:00
jenkins-bot 9ce4afb010 Merge "Add names to anonymous JS function" 2019-01-19 13:27:43 +00:00
jenkins-bot 41f6a85a42 Merge "Rewrite the method for getting a global emergency value" 2019-01-19 13:25:41 +00:00
jenkins-bot 196272fbc1 Merge "Move changed field styles to TD for history pager" 2019-01-19 13:18:32 +00:00
jenkins-bot f8b5965ff9 Merge "Expand AbuseFilter::getFilter to select all fields and fix caching" 2019-01-19 13:17:16 +00:00
jenkins-bot b35ba5af45 Merge "Warn the user if they try to leave the page with unsaved changes" 2019-01-19 12:57:50 +00:00
jenkins-bot a7955a5142 Merge "Move a method out of AbuseFilter.php" 2019-01-19 12:22:39 +00:00
jenkins-bot df2da23d29 Merge "Add unit tests for custom disallow messages" 2019-01-19 12:21:02 +00:00
jenkins-bot b44984c50a Merge "Remove unused stuff" 2019-01-19 12:18:22 +00:00
jenkins-bot 91e1833bc0 Merge "Fix topnav links" 2019-01-19 12:11:07 +00:00
jenkins-bot 575646393b Merge "Improve code readability" 2019-01-19 12:11:06 +00:00
jenkins-bot a2bee3bcf3 Merge "Simplify parser methods" 2019-01-19 12:11:04 +00:00
jenkins-bot 7f62874658 Merge "Change method visibility for AbuseFilter class" 2019-01-19 12:02:51 +00:00
jenkins-bot 0d4e982069 Merge "Reduce code duplication" 2019-01-19 12:00:47 +00:00
Daimona Eaytoy 6217ffb928 Remove unused stuff
Variables declared but never used, redundant code, and old leftovers.

Change-Id: Ic51044a45a1b49ad6c7af06c646b11893411a7cd
2019-01-18 17:04:19 +01:00
jenkins-bot ec152770d2 Merge "Tune logging channel" 2019-01-17 21:40:03 +00:00
Daimona Eaytoy 34d3f9acb2 Fix topnav links
*Don't reuse a message (which is bad), instead add a note for
translators. We can also move it on translatewiki.
*Don't show the AbuseLog link if the user cannot see the AbuseLog.

Change-Id: I4ce73b2160275fdc4b0b7bec722471696d8c6a4d
2019-01-17 15:09:29 +01:00
Translation updater bot 67aa6954ff Localisation updates from https://translatewiki.net.
Change-Id: Id8a357d740449919e6c8fd470bb455b9b114466a
2019-01-17 09:12:09 +01:00
Daimona Eaytoy 93e8cb5ac5 Tune logging channel
As follow-up of I10b1fd2d9bdfe518089c053d77fef568170ecb65, use
'AbuseFilter' instead of 'AbuseFilterDeprecatedVars' as channel name.
Raise level for null-title filtering. Since with a null title
several things are likely to break, a warning is more appropriate here.
Tweaked the message as well, to include the bug number and to avoid
pointlessly including the title (which is null).
Lower the level for stashedit hit/miss (as it's really spammy and not
that useful right now).
Use 'abusefilter' instead of 'AbuseFilter' for statsd so that everything
has the same prefix.
Also raise the level for parser exceptions and unrecognized
consequences.

Change-Id: I1f9988155e924232b201281795cd322636da8082
2019-01-16 08:56:22 +00:00
Bartosz Dziewoński 4610d93c7a Add mobile target to VE plugin modules
Bug: T213774
Change-Id: Idb4dd58b441d24fae7012b79fc049fbd02029c4c
2019-01-15 01:05:20 +01:00
Translation updater bot 97f0f86bd1 Localisation updates from https://translatewiki.net.
Change-Id: Ibfb8503dba39a9c78b019b9950cb057f7297bbec
2019-01-13 22:12:42 +01:00
Translation updater bot f0eb69bb7b Localisation updates from https://translatewiki.net.
Change-Id: I36a6d0841b09445c0c5f98535eae8f79b95f6cc9
2019-01-12 22:39:24 +01:00
jenkins-bot b1e8f38c64 Merge "Replace RecentChange::$mAttribs with getter functions" 2019-01-11 20:01:12 +00:00
addshore a6a93be530 Pass MCR AF text into newVariableHolderForEdit
Follow up to Idbb3a70d08a195dfa21422e07f593d1eeba4521d

This also fixes the fetching of text for the stash edit code path
which was missed by the previous patch.

This now also uses the full old text in the variable holder.

Bug: T213453
Change-Id: Ib80bc6385ebb5dd82bb1a384dd0e162608bfcbfa
2019-01-10 23:42:58 +00:00
jenkins-bot b1626c51c7 Merge "Localisation updates from https://translatewiki.net." 2019-01-10 21:52:20 +00:00
Translation updater bot 6c21151ef8 Localisation updates from https://translatewiki.net.
Change-Id: I0f36cc17fc9408920a1c9a87181396e1c1b6ce5b
2019-01-10 22:48:42 +01:00