Commit graph

48 commits

Author SHA1 Message Date
Umherirrender 081a8e3c3c Add LinkBatch to Special:AbuseFilter/home and /history
Combine the check for red/blue user/talk links into one database query
This can improve the performance of the page view when many filters
from many different users are linked

Change-Id: I0b87ee15ecee4cecd5d5d6164e8c18e1b788ecd1
2022-07-29 13:56:03 +02:00
jenkins-bot f13f3dcd2c Merge "Call IContextSource::getAuthority instead of IContextSource::getUser" 2022-07-29 10:25:23 +00:00
dreamyjazz 13e6c1c06a Add the ListToggle to Special:AbuseLog for users who can hide entries
Add the ListToggle provided in core's ListToggle.php to
Special:AbuseLog when a list of abuse filter entries are being
shown and the user can hide abuse filter entries. This will allow
them to select multiple checkboxes to hide at once (without having
to shift and selecting the first and last).

Bug: T311954
Change-Id: I1aa4fa3fa7016a5d9ae4a904c151011743d2c8ed
2022-07-03 16:56:03 +01:00
Umherirrender dc4dd928b7 Call IContextSource::getAuthority instead of IContextSource::getUser
Change to use Authority object where possible
to use the interface instead of implementation

Change-Id: I90ef126b3d799c3fc27467a4ffe671785c446d3e
2022-07-03 16:37:18 +02:00
Matěj Suchánek be247401bb Clean up AbuseFilterViewExamine and AbuseFilterExaminePager
Move most stuff from the pager to the view class to untangle
circular dependency. Declare class properties as private.
Leave input validation to the form.

Change-Id: Ia8b1a9d08af9c0cac23b34f6bbbe2c44d01f6c8c
2022-07-03 11:29:43 +02:00
DannyS712 139ca18efe Migrate AbuseFilterPermissionManager to authority
Almost all callers already provide an Authority in the form
of a User object, so mostly just need to change the typehints

Depends-On: I58661943c7e1acb6ff09798ee1a30be0fde3f459
Change-Id: I2ad86859c8194c14d7331f58db62b7cff4698085
2022-07-01 06:58:17 +00:00
Matěj Suchánek 60e03c965e Fix form input normalization
Prevent invalid assignments to properties. On
Special:AbuseFilter/test/123, handle when id of
a non-existing filter was provided. Allow '0'
as user and title on Special:AbuseLog and
Special:AbuseFilter/test.

Change-Id: I196ae62b165d1a60babaf4fe6bd733aa52be1726
2022-06-29 12:19:24 +02:00
Reedy 60cb198e81 SpecialAbuseLog: Don't call explode() on null
Bug: T311579
Change-Id: I2481beb2344a57242795a722e255e119ea29ac18
2022-06-29 01:14:07 +01:00
Umherirrender 9abc464e3d Use UserIdentity/Authority in SpecialAbuseLog
Change-Id: I5b3b2b758e17c94298e7217d755dd8c7b08cb1ac
2022-06-28 19:30:37 +02:00
jenkins-bot 50311e750d Merge "Remove SpecialAbuseLog::isHidden" 2022-03-27 18:27:05 +00:00
Func 24f5ca6e2d Use setTitle() instead of setAction() where posible
The getLocalURL() method can return url with query string when
wgArticlePath is configured to do so, and query string of GET form
would be ignored by browsers.
The setAction() method is problematic (T285464 and above) and hard to
warn the wrong usage. I'm going to go through and fix every use case,
and finally deprecate it.

Change-Id: I66b634f0cc996be3d7048d410b46fe77c88f9879
2022-03-27 21:06:38 +08:00
Daimona Eaytoy 773d553c8e Remove SpecialAbuseLog::isHidden
This is a breaking change for the API: 'hidden' is now either true or
false, depending on afl_deleted. 'implicit' is no longer a possible
value, the caller should compute it instead if necessary.

Then simplify the remaining usage of isHidden, using a temporary private
method.

Bug: T291718
Change-Id: I97b5195d306c35ddca3f071d9ff4d896f9fd5c8d
2022-03-25 21:22:59 +00:00
Alexander Vorwerk 4aedfe8d91 Use updated ObjectFactory namespace
Change-Id: I99c5e5664d2401c36a9890f148eba7c25e6e8324
2022-03-09 22:17:07 +00:00
C. Scott Ananian aecfc7e62e Replace use of deprecated OutputPage::enableClientCache( false )
Replaced with the more readable ::disableClientCache() method, added
in 1.38.  Minimum MW version bumped to match.

Depends-On: I7c89e20528a0d91173f0edcb997dcae631935ee5
Change-Id: I91d0b8e8f69a2d309b6fc61e13bfb5d86dc0218d
2022-02-04 14:29:43 -05:00
Umherirrender 1b2551701e Avoid SpecialPage::getContext in SpecialAbuseLog::__construct
The special page itself is a MessageLocalizer
SpecialPage::getContext on constructor results in global state

Change-Id: I6a3dd263dbe02111aea65a087ce69a5a191f63fc
2021-11-09 22:09:49 +00:00
Daimona Eaytoy 020f8a09b4 Remove leftovers of AbuseFilterAflFilterMigrationStage
On second thought, no need to keep the migration script now, since it's
unusable anyway.

Also remove an usage in SpecialAbuseLog, likely a rebase artefact.

Change-Id: I938924b3617ef30046d8317e68a101ed2c1883d3
2021-09-25 03:48:37 +02:00
jenkins-bot a332b3ff0f Merge "Remove afl_filter entirely" 2021-09-25 01:39:08 +00:00
Daimona Eaytoy e8471a717c Add method to properly check visibility of AbuseLog entries
This replaces the previous pattern of callers having to use
RevisionLookup if the result was 'implicit'. Also, in some cases where
we were just hiding things if the visibility was !== true, properly
handle the implicit case by using the new method. Make the new method
return string constants rather than bool|string.

The new method also fixes some potential info leaks which happened when
the row was hidden, the user could view suppressed AbuseLog entries, but
the associated revision was also deleted and the user couldn't see it
(this shouldn't be relevant for WMF wikis since AF deletion is
oversight-level).

Also add a bunch of tests for the various cases to ensure we don't
regress again.

Bug: T261532
Change-Id: I929f865acf5d207b739cb3af043f70cb59243ee0
2021-09-25 00:08:33 +00:00
Daimona Eaytoy dae374aec2 Remove afl_filter entirely
As per T220791, the old schema and the flag can be removed in 1.38.

Bug: T220791
Change-Id: Ic6b1c8a22d17a301faf32d2e23778d90c41c39de
2021-09-18 11:06:10 +00:00
Daimona Eaytoy a722dfe1a4 Rename ParserFactory -> RuleCheckerFactory
The old parser now has the correct name "Evaluator", so the
ParserFactory name was outdated. Additionally, the plan is to create a
new RuleChecker class, acting as a facade for the different
parsing-related stages (lexer, parser, evaluator, etc.), which is what
most if not all callers should use. The RuleCheckerFactory still returns
a FilterEvaluator for now.
Also, "Parser" is a specific term defining *how* things happen
internally, whereas "RuleChecker" describes *what* callers should expect
from the new class.

Change-Id: I25b47a162d933c1e385175aae715ca38872b1442
2021-09-08 21:59:34 +02:00
libraryupgrader 2a4860e322 build: Updating mediawiki/mediawiki-phan-config to 0.11.0
Change-Id: I097d051e3c30e61d74a8e329b6110b219c72ec1a
2021-09-07 19:30:42 -07:00
Alexander Vorwerk 8e7d389029 Disallow interwiki on Special:AbuseLog
Bug: T288155
Depends-On: Ic00f4a0f27747b5ff0893b4c01f42f68a99771ab
Change-Id: I62574460bfaea04af2f617ca0929246c784cb4e8
2021-08-05 11:15:39 +02:00
libraryupgrader 5377ebe819 build: Updating dependencies
composer:
* mediawiki/mediawiki-codesniffer: 36.0.0 → 37.0.0

npm:
* postcss: 7.0.35 → 7.0.36
  * https://npmjs.com/advisories/1693 (CVE-2021-23368)

Change-Id: I2b382f3bb236fb44eb24c6a257b13b8fd886541c
2021-07-21 18:51:18 +00:00
jenkins-bot 997e665530 Merge "Don't use p class="success" for success messages" 2021-06-04 08:59:58 +00:00
Umherirrender 1fa7a83f60 Use static closures where safe to use
Created by I25a17fb22b6b669e817317a0f45051ae9c608208

Change-Id: I533690311ca559685de8a4bf123348c9bcfa5931
2021-04-30 20:55:35 +02:00
mainframe98 a32d483ef4 Don't use p class="success" for success messages
These are part of legacy styles and aren't provided by all skins.
Using Html::successbox abstracts the classes away.
Internally that uses div class="successbox" instead.

Bug: T280766
Change-Id: I0cca59e2f391510095c2c6fb187ace5e91fdde8b
2021-04-30 18:19:31 +00:00
Matěj Suchánek 644b7aa288 Clean up AbuseFilterViewHistory and AbuseFilterHistoryPager
- Untangle circular dependency.
- Inject dependencies.
- Declare class properties as private.

Change-Id: I7b9892c85d168024d6b44d182af9443fdfee45cc
2021-04-18 18:31:17 +02:00
Matěj Suchánek 7ed7b97369 Clean up (Global)AbuseFilterPager
- Inject dependencies.
- Make class variables private or protected and rename them.

Untangling the circular dependency is left for a future patch.

Change-Id: I5d625e30171bfbf60d9f5a94fa50475fdfe853dd
2021-04-17 21:02:07 +02:00
Umherirrender 5e12102b6d Use Language::userTimeAndDate
Avoid use of global user

Change-Id: Ic30cfe705dfe39fca7dd45c6c2e1248dd37f08ff
2021-03-09 00:54:03 +01:00
jenkins-bot 1b6e209ce6 Merge "Create a new method for authorizing access to test tools" 2021-02-22 18:00:06 +00:00
vladshapik dcd038e613 Avoid using User ::getCanonicalName
Remove using of User::getCanonicalName since this method will be hard-deprecated. Now it is soft-deprecated

Bug: T275030
Change-Id: I3ce1199f18276096279ce3c80f63e53d023a0f5a
2021-02-21 23:16:40 +02:00
Matěj Suchánek 5d4025d8c9 Create a new method for authorizing access to test tools
This commit doesn't change any permissions for anybody.
It's the first step to achieve what the task asks for.

Bug: T242821
Change-Id: I8060ca926e6769b11d470fe4037854cda496000d
2021-02-20 17:54:35 +01:00
Matěj Suchánek ca806b46b7 Avoid using Title in addNavigationLinks
Simple TitleValue object will do the same job.
I verified LinkRenderer localizes the targets.

Change-Id: Ia25659947da1d2d7e5557884b2ab9153c9c1bc43
2021-02-19 19:00:01 +01:00
jenkins-bot 38772b193d Merge "Partial integration of EditBoxBuilder with HTMLForm" 2021-02-04 17:41:29 +00:00
Daimona Eaytoy bf9142a644 Partial integration of EditBoxBuilder with HTMLForm
This patch adds a transparent HTMLForm field that can be used to insert
the edit box inside an HTMLForm, and updates /test and /tools to use
that. The field class, together with the other editbox-related classes,
is now in a dedicated namespace. A future TODO is making it a real
HTMLForm field.

Also improve a bit the form in /test: add section labels and
avoid reusing the same label message used on Special:AbuseFilter.

Bug: T261584
Change-Id: Ib74bb5fdba4f8476169b754030fce6d4f72ce65a
2021-02-01 16:23:42 +00:00
Daimona Eaytoy a4a0503174 Mixed improvements for AbuseFilter pages and forms
- Clarify the label of the search form on Special:AbuseFilter
- Move introductory paragraphs to the very beginning of the page:
-- Before the profiling data on Special:AbuseFilter
-- Before the search form on Special:AbuseLog
- Make the search form on Special:AbuseFilter collapsible, and collapsed
  by default
- Make a few buttons primary+progressive, specifically those that take
  the user to a different page or act as submit-like buttons

Bug: T261584
Change-Id: I54517b01a9ea81d276283140e5cfafef575c3e2b
2021-02-01 15:51:43 +01:00
Daimona Eaytoy 005cc83642 Increase coverage for more classes
Change-Id: Iae6a24291f821fda77a45d8c1584de010af6a834
2021-01-17 17:38:58 +00:00
Daimona Eaytoy 10c7a11077 Improve coverage for hooks
- Exclude a couple of classes from coverage reports
- Add tests for all handlers
- Add tests for the runner, copied from core
- Make AbuseFilterRunner a real service

Change-Id: I7a0fe3cd8300faef5ef72d7f986b1734c324d8d1
2021-01-14 22:49:24 +01:00
Daimona Eaytoy b8efb924f3 Fix a bunch of fatal errors seen in production
Mostly uncaught exceptions, that appeared in places where the previous
code was silently using DWIM-style booleans.
Also a TypeError due to ViewDiff not using filter objects.

Copy the fix from Ic8032592799756521a59ee23c0e76cb03a510b94 to another
place as well.

Bug: T271430
Bug: T271431
Bug: T271432
Bug: T271433
Change-Id: Ica4b82024c57482656cf6bca95bf37641c09cb9a
2021-01-07 17:17:43 +01:00
Daimona Eaytoy 4c0690b4b1 Move getFirstFilterChange to FilterLookup
Additionally:
- Add typehints for stronger typing, and use strict comparison in the
  callers
- Use MIN instead of sorting, as the former is optimized by the DBMS;
  sorting was also happening on the wrong key, i.e. afh_timestamp, as
  opposed to afh_id

Change-Id: I631772fdfeb510b0bc8b582b84bcf2533d7bc097
2021-01-04 14:52:42 -08:00
Daimona Eaytoy 45f0a66616 Move remaining classes to own namespace
So everything can be loaded using PSR-4. These classes weren't renamed,
nor the alias for the AbuseFilter class was deprecated, because they
should be refactored first.

Change-Id: Ia328db58eb326968edf5591daac9bacf8c2f75da
2021-01-04 12:11:58 +01:00
jenkins-bot 21890a7bea Merge "Introduce a VariableGeneratorFactory service" 2021-01-03 22:59:47 +00:00
Daimona Eaytoy 6081bf90c4 Introduce a VariableGeneratorFactory service
So we can use DI in all generators. Some improvements were deliberately
omitted, e.g. injecting more services and relaxing User/Title to
UserIdentity/LinkTarget, and they'll be included in a subsequent commit.

Depends-On: I1f351071ef2b0b7c80e91407a9c3bb17be293044
Depends-On: Ie71740fac35a86f8fe03023080ae8ca08671243d
Depends-On: I589a0e1c2c5891070ab82cd5adfd9cedec19e67d
Change-Id: I92ef0abd5e45b672e6f297a71b3c2c345d56f136
2021-01-03 14:17:39 +01:00
jenkins-bot b0e8a76b2e Merge "DI for AbuseFilterSpecialPage" 2021-01-03 12:40:04 +00:00
Daimona Eaytoy 762d71c51d Create a dedicated namespace for variables-related classes
Some cleanup is left for later to keep the diff easier to read.

Change-Id: Ife445b5e47e707ab77ec867ac3b005866aa74ef2
2021-01-02 18:16:48 +01:00
Daimona Eaytoy d3b330b6d4 Create a VariablesManager service
This makes VariableHolder a true value object, and introduces a
stateless service, VariableManager, to operate on it.

Note, in theory, this new service is still cyclically coupled with
LazyVariableComputed. However, it's now two stateless service being
coupled, not two smart/god value objects, so we've still earned
something. For now, the dependency is hidden by using a callback. Some
alternatives for that are mentioned in a code comment.

Bug: T261069
Change-Id: I2f2c84c8e91472ba36084a8bbb4a923f6e04354b
2021-01-02 17:15:31 +00:00
Matěj Suchánek de5b7ee8ea DI for AbuseFilterSpecialPage
Change-Id: I5c702990398e0adb5fa73be54638cb8b6b268beb
2021-01-02 11:13:41 +01:00
Matěj Suchánek f5b18a36bf Move special page classes to own namespace
Change-Id: Ic2d13518924e77b1be96d1a7489abcd07e6d1dab
2021-01-02 10:54:13 +01:00