Commit graph

7606 commits

Author SHA1 Message Date
James D. Forrester 841214ab43 Upgrade required version of wikimedia/equivset to 1.7.0
Bug: T370976
Depends-On: I30cbc5c0b710f9cbd64d64ee798e309b0129222b
Change-Id: I4a6a9baafe9fff87d159626b744ce80a7505585d
2024-07-26 16:48:17 -04:00
jenkins-bot 1d5dc260e1 Merge "Use expression builder to avoid IDatabase::makeList" 2024-07-26 18:44:31 +00:00
Translation updater bot e7faf0160a
Localisation updates from https://translatewiki.net.
Change-Id: Ib7a5615f3975209e0e0606d1c338cfd6b0ccf935
2024-07-26 09:42:10 +02:00
Translation updater bot 9b629596ad
Localisation updates from https://translatewiki.net.
Change-Id: I3186f4450439bda638aeb79ec92c28f4cc246d08
2024-07-25 09:18:02 +02:00
Translation updater bot b51459ba3f
Localisation updates from https://translatewiki.net.
Change-Id: I6a32d083d92c6662deb31315deb0d95f31ccdfff
2024-07-24 09:22:18 +02:00
Translation updater bot 975e343eb7
Localisation updates from https://translatewiki.net.
Change-Id: Idd0ae1de72d24475bf51178cb0ff4a7ec51c70f2
2024-07-23 09:44:13 +02:00
Umherirrender e88494212e Use expression builder to avoid IDatabase::makeList
Bug: T350968
Change-Id: Iacb407a9aef293f401e0dbf754bb1f51f6b390c5
2024-07-22 21:42:28 +00:00
jenkins-bot 2d418bb61c Merge "Use expression builder instead of raw sql" 2024-07-22 20:48:01 +00:00
Translation updater bot 062f0039f1
Localisation updates from https://translatewiki.net.
Change-Id: Ibba5126d0bce50662ec9f3159f6c34c91fbe9052
2024-07-22 09:23:20 +02:00
Umherirrender 91b369b7af Use expression builder instead of raw sql
Bug: T350968
Change-Id: Ibad11ea11e7955172d35d4499372d0fcd726bf74
2024-07-21 22:07:58 +02:00
Umherirrender 6db3b3287f tests: Use LanguageFactory to create en language
Bug: T343771
Change-Id: Id2423c87c17a2f357d5e1cfeef3aeb83b6ad9a0d
2024-07-20 21:41:52 +02:00
Translation updater bot 750410c687
Localisation updates from https://translatewiki.net.
Change-Id: I5c02cf68177fe5232bd15d76610ebc913e93dfd4
2024-07-19 09:39:06 +02:00
Translation updater bot 19ca2cad10
Localisation updates from https://translatewiki.net.
Change-Id: I9ace4121ba7dd3fde9d5bcfcb3de2bb5770d7398
2024-07-18 09:21:47 +02:00
jenkins-bot 7bde8bcdf0 Merge "Use IDatabase::buildComparison in MigrateActorsAF" 2024-07-17 19:49:37 +00:00
Translation updater bot 1e780b50b2
Localisation updates from https://translatewiki.net.
Change-Id: I04c98eb129c828b33855e460482966a217993243
2024-07-17 09:32:57 +02:00
Umherirrender 73a15cdcbf Use IDatabase::buildComparison in MigrateActorsAF
Avoid IDatabase::addQuotes

Change-Id: I68712c407cec15eb7fac0303ad7fa94651f4e0be
2024-07-16 23:35:21 +02:00
Translation updater bot 6b326ff2e0
Localisation updates from https://translatewiki.net.
Change-Id: I7c947cf27ac5872d0eaa9562c02d6c0699bf5c74
2024-07-16 09:38:35 +02:00
Translation updater bot 29747424be
Localisation updates from https://translatewiki.net.
Change-Id: Ibb7f11474f369163ca753af519cbb5aabf4d2e01
2024-07-15 09:23:04 +02:00
Translation updater bot df9e545f7a
Localisation updates from https://translatewiki.net.
Change-Id: Id341fc862b25c9debb23651ef7e7a62018210b62
2024-07-12 09:39:20 +02:00
Bartosz Dziewoński 3df92fcbe4 Use stable andExpr() / orExpr() methods
Change-Id: I0010a7c9d273e63acbed78190f0c23283a192ef2
2024-07-11 18:36:04 +02:00
jenkins-bot e256fca1ad Merge "selenium: Document when, how and why a test is skipped" 2024-07-11 15:25:08 +00:00
Translation updater bot e045f60dbc
Localisation updates from https://translatewiki.net.
Change-Id: I611ea9d3dfa96b0429e036c67a48e7093b9ec86e
2024-07-11 09:28:44 +02:00
jenkins-bot 5a18e60b76 Merge "Disallow protected variable access on AbuseFilterViewTestBatch" 2024-07-10 18:48:07 +00:00
STran 30227231f6 Disallow protected variable access on AbuseFilterViewTestBatch
A filter using a protected variable can be loaded via filter id
using testing tools even though the user might not have the right
to view protected variables. This can potentially leak PII and as
such, testing tools should check for the right before allowing
protected filters to be seen.

- Unload a filter asap if it uses protected variables and the
  requestor doesn't have viewing rights. This:
    + disallows loading of existing protected filters on page load
    + disallows testing against rules that use protected variables
    + disallows subsequent requests for protected filters (via API)

There is a known bug (see T369620) where no user feedback is
provided if an API request for a filter returns no result (typically
when no filter matches the requested id). This commit adds another
pathway to that bug (the filter exists but is protected and not
returned by the API) but does not update this UI/UX.

Bug: T364834
Change-Id: I6a572790edd743596d70c9c4a2ee52b4561e25f3
2024-07-10 05:31:03 -07:00
Kosta Harlan b58d91bcac ConfirmEditHandlerTest: Loosen message check test
Why:

- Ie13181b78b8e2903c6cc0f0f778689bcc8b8ce2e modifies the status message
  returned

What:

- Loosen the check for the status error message such that 'captcha-edit'
  and 'captcha-edit-fail' are both valid; we can revert this after
  Ie13181b78b8e2903c6cc0f0f778689bcc8b8ce2e is merged

Change-Id: I5a0698d84932a474800a68dba9b76b3433b19290
2024-07-10 08:20:18 +00:00
jenkins-bot c316be857b Merge "ConfirmEditHandlerTest: Remove method_exists checks" 2024-07-09 11:32:25 +00:00
jenkins-bot 218627233b Merge "Only return filters visible to user in search" 2024-07-09 09:45:55 +00:00
Kosta Harlan 62629ec3e9
ConfirmEditHandlerTest: Remove method_exists checks
Why:

- These checks are no longer needed, now that Idc47bda has been merged

What:

- Remove the `method_exists()` checks

Change-Id: I6e428df6b6e036146ae4cc57374cde8810d3f5f7
2024-07-09 10:27:03 +02:00
Translation updater bot 18ed47a687
Localisation updates from https://translatewiki.net.
Change-Id: I737a1012f865c2d664b7eac9920b1d295c930092
2024-07-09 09:41:37 +02:00
Željko Filipin 8f3ca526b9 selenium: Document when, how and why a test is skipped
Bug: T280652
Change-Id: I6bb1e0c0fdebe103311ea45e4d788e14deb844e0
2024-07-08 15:02:10 +02:00
jenkins-bot 98eab47d9b Merge "Simplify FilterEvaluator::getUsedVars using ::checkSyntax" 2024-07-08 12:42:18 +00:00
STran ceaedb8b95 Only return filters visible to user in search
Search is restricted to users with the right to view private variables
but not necessarily the right to view protected variables. Users who
don't have the right to view protected variables shouldn't be able to
search against protected variables, as this might leak the PII.

- Filter out filters using protected variables in search results
  if the user doesn't have the right to view protected variables

Bug: T367390
Change-Id: I7412112c9cc676f29d706b116b779bc17183a952
2024-07-08 02:47:57 -07:00
Translation updater bot 993fa76c25
Localisation updates from https://translatewiki.net.
Change-Id: I3f4a8deafc80c7f23627b88f76303a37e01fbdf1
2024-07-08 09:31:57 +02:00
jenkins-bot 69508bf153 Merge "Add missing permission check to canSeeLogDetailsForFilter" 2024-07-05 10:09:47 +00:00
Matěj Suchánek bf180e0490 Simplify FilterEvaluator::getUsedVars using ::checkSyntax
Alternative approach to fixing the regression proposed by
Daimona in I78d3a2cd7bada962d7ef9b0f2c39d898bf8987ce.

Bug: T368203
Change-Id: I637367c3b3850f7988d890379fef7f4753159953
2024-07-05 11:32:09 +02:00
jenkins-bot 6b26f27927 Merge "Miscellaneous minor fixes" 2024-07-03 16:46:19 +00:00
Translation updater bot bdf0937a27
Localisation updates from https://translatewiki.net.
Change-Id: I3695bef66d72e4039db55ea1d0a74e86709893b9
2024-07-03 09:25:22 +02:00
Daimona Eaytoy 99bb44beb4 Miscellaneous minor fixes
- Rename `$hidden` to `$privacyLevel` in Flags::__construct for
  consistency with other places.
- Rename `shouldProtectFilter` and simplify its return value to always
  be an array, since that's how it's currently used. Rename a variable
  that is assigned the return value of this method.
- Add a missing message key to a list of dynamic message keys.
- Rename a property from 'hidden' to 'privacy' in FilterStoreTest for
  consistency. Add a test for removing the protected flag.
- Update old comment referencing `filterHidden`; the method was removed
  in I40b8c8452d9df.
- Use ISQLPlatform::bitAnd() instead of manual SQL in
  AbuseFilterHistoryPager.
- Update mysterious reference to "formatRow" in SpecialAbuseLog.
- Update other references to the very same method in two other places,
  this time credited as "SpecialAbuseLog".
- Add type hints to a few methods; this not only helps with type safety,
  but it also allows PHPUnit to automatically use the proper type in
  mocks.

Change-Id: Ib0167d993b761271c1e5311808435a616b6576fe
2024-07-03 02:31:38 +02:00
Daimona Eaytoy 6ac574dada Add missing permission check to canSeeLogDetailsForFilter
`canSeeLogDetails` should also be checked when a filter is protected, as
it is the base right for being able to see abuselog entries. With this
in mind, check that immediately at the beginning of the method, instead
of repeating calls. Also merge the conditionals, and return early when a
permission check fails.

Move a test up so that it comes immediately after its data provider, and
add test cases for a few combinations of rights.

Change-Id: Ic3cf58f43803bef8bf2d65566434baff145b3fd5
2024-07-02 22:43:09 +02:00
Translation updater bot 71b1c0d0e6
Localisation updates from https://translatewiki.net.
Change-Id: I635f2c56c409540927635aceba53aa615fe45267
2024-07-01 09:24:18 +02:00
jenkins-bot 3b005bfedc Merge "Tests: Repalce "db" with getDb() method" 2024-07-01 06:08:29 +00:00
anterdc99 2f502fb564
Add new special page aliases for Chinese variants
What:
* Translated "Special:BlockedExternalDomains", using existing
  translations from message "abusefilter-blocked-domains-title"

Change-Id: I3ce46f08e827fb4dcd0a80600bb21c064dfb03b7
2024-06-30 15:55:02 +08:00
jenkins-bot bc0ab54e2d Merge "Support more log actions in testing interface" 2024-06-29 21:43:59 +00:00
jenkins-bot 7cca085e24 Merge "Remove modification of wgCheckUserLogAdditionalRights" 2024-06-28 17:05:35 +00:00
Wandji69 6a091dcb39 Tests: Repalce "db" with getDb() method
Bug: T316841
Change-Id: I40eb000f008e51aba581ee8e33a8421ff111fbf1
2024-06-28 16:32:16 +00:00
Jakob Warkotsch 9fc29beb09 Reset setForceShowCaptcha to false after test
This test globally set `setForceShowCaptcha` to true, which caused
problems for following tests.

Bug: T368705
Change-Id: I5077e4b874c1bf1c6b68895349af0c9ecd4094ed
2024-06-28 12:15:49 +02:00
Jakob Warkotsch 0bd53dfeb1 Remove unused phan suppressions
Change-Id: Ib42f9b00948506ae2c053f51cb7dfddb0f7eb480
2024-06-28 12:15:49 +02:00
Translation updater bot bc5ff46176
Localisation updates from https://translatewiki.net.
Change-Id: I8cd502dac3414f6ca4f8ca93b7a3330a1c447402
2024-06-28 09:40:09 +02:00
jenkins-bot b9a4848fae Merge "ConfirmEditHandler: Use SimpleCaptcha API to invoke CAPTCHA display" 2024-06-27 16:55:01 +00:00
Dreamy Jazz 7254e65665 Remove modification of wgCheckUserLogAdditionalRights
Why:
* The wgCheckUserLogAdditionalRights global is shortly being
  removed as no-longer necessary after T324907 removed the need to
  generate the action text on insert time. As such, the action
  text can be generated on view and therefore respect the rights
  that the viewing user has.
* This means that the config can be removed, as users with the
  'abusefilter-view' right will be able to see the action text
  associated with the entry because the log formatter will check
  for the right on view.

What:
* Remove the modification of wgCheckUserLogAdditionalRights in
  AbuseLogger::insertLocalLogEntries.

Bug: T346022
Change-Id: I7504e4729fde5e51f6a795fc3e60d735152b2eea
2024-06-27 16:43:25 +00:00