Commit graph

7712 commits

Author SHA1 Message Date
jenkins-bot 0c51fbd3e6 Merge "Use namespaced MessageSpecifier" 2024-07-28 21:30:01 +00:00
Bartosz Dziewoński 80f56e599b ConsequencesExecutor: Use Message objects in the Status
In my recent change c458651370, which used Status::getMessages()
in FilteredActionsHandler, I overlooked the fact that it returns
MessageSpecifier objects instead of Message objects, and the return
value of MessageSpecifier::getParams() is not exactly specified
(the docs only promise that it's an array).

Now I'm working on a MediaWiki core change (I625a48a6ec) that
causes a different MessageSpecifier to be used, which stores
parameters in a different format, and would break that code.

To avoid problems, ConsequencesExecutor now stores Message objects
in the Status, which guarantees that FilteredActionsHandler will
get the same objects back.

Change-Id: I2c1bc8dde9a078d03badecf6d89443b65eeb92c5
2024-07-28 20:08:56 +00:00
Bartosz Dziewoński 1c0ab3010a AbuseFilterExtensionJsonTest: Allow skipping other extension hooks
Change-Id: I1146cec2b27c964f5ed07e7da76fc7b9ec4a09c5
2024-07-28 20:08:30 +00:00
Bartosz Dziewoński 517beb3c0d Use namespaced MessageSpecifier
Depends-On: I9ff4ff7beb098b60c92f564591937c7d789c6684
Change-Id: I7097b4d80df790ef14a5bc053306dc2f1fd195da
2024-07-28 21:59:35 +02:00
James D. Forrester 841214ab43 Upgrade required version of wikimedia/equivset to 1.7.0
Bug: T370976
Depends-On: I30cbc5c0b710f9cbd64d64ee798e309b0129222b
Change-Id: I4a6a9baafe9fff87d159626b744ce80a7505585d
2024-07-26 16:48:17 -04:00
jenkins-bot 1d5dc260e1 Merge "Use expression builder to avoid IDatabase::makeList" 2024-07-26 18:44:31 +00:00
Translation updater bot e7faf0160a
Localisation updates from https://translatewiki.net.
Change-Id: Ib7a5615f3975209e0e0606d1c338cfd6b0ccf935
2024-07-26 09:42:10 +02:00
Translation updater bot 9b629596ad
Localisation updates from https://translatewiki.net.
Change-Id: I3186f4450439bda638aeb79ec92c28f4cc246d08
2024-07-25 09:18:02 +02:00
Translation updater bot b51459ba3f
Localisation updates from https://translatewiki.net.
Change-Id: I6a32d083d92c6662deb31315deb0d95f31ccdfff
2024-07-24 09:22:18 +02:00
Translation updater bot 975e343eb7
Localisation updates from https://translatewiki.net.
Change-Id: Idd0ae1de72d24475bf51178cb0ff4a7ec51c70f2
2024-07-23 09:44:13 +02:00
Umherirrender e88494212e Use expression builder to avoid IDatabase::makeList
Bug: T350968
Change-Id: Iacb407a9aef293f401e0dbf754bb1f51f6b390c5
2024-07-22 21:42:28 +00:00
jenkins-bot 2d418bb61c Merge "Use expression builder instead of raw sql" 2024-07-22 20:48:01 +00:00
Translation updater bot 062f0039f1
Localisation updates from https://translatewiki.net.
Change-Id: Ibba5126d0bce50662ec9f3159f6c34c91fbe9052
2024-07-22 09:23:20 +02:00
Umherirrender 91b369b7af Use expression builder instead of raw sql
Bug: T350968
Change-Id: Ibad11ea11e7955172d35d4499372d0fcd726bf74
2024-07-21 22:07:58 +02:00
Umherirrender 6db3b3287f tests: Use LanguageFactory to create en language
Bug: T343771
Change-Id: Id2423c87c17a2f357d5e1cfeef3aeb83b6ad9a0d
2024-07-20 21:41:52 +02:00
Translation updater bot 750410c687
Localisation updates from https://translatewiki.net.
Change-Id: I5c02cf68177fe5232bd15d76610ebc913e93dfd4
2024-07-19 09:39:06 +02:00
Translation updater bot 19ca2cad10
Localisation updates from https://translatewiki.net.
Change-Id: I9ace4121ba7dd3fde9d5bcfcb3de2bb5770d7398
2024-07-18 09:21:47 +02:00
jenkins-bot 7bde8bcdf0 Merge "Use IDatabase::buildComparison in MigrateActorsAF" 2024-07-17 19:49:37 +00:00
Translation updater bot 1e780b50b2
Localisation updates from https://translatewiki.net.
Change-Id: I04c98eb129c828b33855e460482966a217993243
2024-07-17 09:32:57 +02:00
Umherirrender 73a15cdcbf Use IDatabase::buildComparison in MigrateActorsAF
Avoid IDatabase::addQuotes

Change-Id: I68712c407cec15eb7fac0303ad7fa94651f4e0be
2024-07-16 23:35:21 +02:00
Translation updater bot 6b326ff2e0
Localisation updates from https://translatewiki.net.
Change-Id: I7c947cf27ac5872d0eaa9562c02d6c0699bf5c74
2024-07-16 09:38:35 +02:00
Translation updater bot 29747424be
Localisation updates from https://translatewiki.net.
Change-Id: Ibb7f11474f369163ca753af519cbb5aabf4d2e01
2024-07-15 09:23:04 +02:00
Translation updater bot df9e545f7a
Localisation updates from https://translatewiki.net.
Change-Id: Id341fc862b25c9debb23651ef7e7a62018210b62
2024-07-12 09:39:20 +02:00
Bartosz Dziewoński 3df92fcbe4 Use stable andExpr() / orExpr() methods
Change-Id: I0010a7c9d273e63acbed78190f0c23283a192ef2
2024-07-11 18:36:04 +02:00
jenkins-bot e256fca1ad Merge "selenium: Document when, how and why a test is skipped" 2024-07-11 15:25:08 +00:00
Translation updater bot e045f60dbc
Localisation updates from https://translatewiki.net.
Change-Id: I611ea9d3dfa96b0429e036c67a48e7093b9ec86e
2024-07-11 09:28:44 +02:00
jenkins-bot 5a18e60b76 Merge "Disallow protected variable access on AbuseFilterViewTestBatch" 2024-07-10 18:48:07 +00:00
STran 30227231f6 Disallow protected variable access on AbuseFilterViewTestBatch
A filter using a protected variable can be loaded via filter id
using testing tools even though the user might not have the right
to view protected variables. This can potentially leak PII and as
such, testing tools should check for the right before allowing
protected filters to be seen.

- Unload a filter asap if it uses protected variables and the
  requestor doesn't have viewing rights. This:
    + disallows loading of existing protected filters on page load
    + disallows testing against rules that use protected variables
    + disallows subsequent requests for protected filters (via API)

There is a known bug (see T369620) where no user feedback is
provided if an API request for a filter returns no result (typically
when no filter matches the requested id). This commit adds another
pathway to that bug (the filter exists but is protected and not
returned by the API) but does not update this UI/UX.

Bug: T364834
Change-Id: I6a572790edd743596d70c9c4a2ee52b4561e25f3
2024-07-10 05:31:03 -07:00
Kosta Harlan b58d91bcac ConfirmEditHandlerTest: Loosen message check test
Why:

- Ie13181b78b8e2903c6cc0f0f778689bcc8b8ce2e modifies the status message
  returned

What:

- Loosen the check for the status error message such that 'captcha-edit'
  and 'captcha-edit-fail' are both valid; we can revert this after
  Ie13181b78b8e2903c6cc0f0f778689bcc8b8ce2e is merged

Change-Id: I5a0698d84932a474800a68dba9b76b3433b19290
2024-07-10 08:20:18 +00:00
jenkins-bot c316be857b Merge "ConfirmEditHandlerTest: Remove method_exists checks" 2024-07-09 11:32:25 +00:00
jenkins-bot 218627233b Merge "Only return filters visible to user in search" 2024-07-09 09:45:55 +00:00
Kosta Harlan 62629ec3e9
ConfirmEditHandlerTest: Remove method_exists checks
Why:

- These checks are no longer needed, now that Idc47bda has been merged

What:

- Remove the `method_exists()` checks

Change-Id: I6e428df6b6e036146ae4cc57374cde8810d3f5f7
2024-07-09 10:27:03 +02:00
Translation updater bot 18ed47a687
Localisation updates from https://translatewiki.net.
Change-Id: I737a1012f865c2d664b7eac9920b1d295c930092
2024-07-09 09:41:37 +02:00
Željko Filipin 8f3ca526b9 selenium: Document when, how and why a test is skipped
Bug: T280652
Change-Id: I6bb1e0c0fdebe103311ea45e4d788e14deb844e0
2024-07-08 15:02:10 +02:00
jenkins-bot 98eab47d9b Merge "Simplify FilterEvaluator::getUsedVars using ::checkSyntax" 2024-07-08 12:42:18 +00:00
STran ceaedb8b95 Only return filters visible to user in search
Search is restricted to users with the right to view private variables
but not necessarily the right to view protected variables. Users who
don't have the right to view protected variables shouldn't be able to
search against protected variables, as this might leak the PII.

- Filter out filters using protected variables in search results
  if the user doesn't have the right to view protected variables

Bug: T367390
Change-Id: I7412112c9cc676f29d706b116b779bc17183a952
2024-07-08 02:47:57 -07:00
Translation updater bot 993fa76c25
Localisation updates from https://translatewiki.net.
Change-Id: I3f4a8deafc80c7f23627b88f76303a37e01fbdf1
2024-07-08 09:31:57 +02:00
jenkins-bot 69508bf153 Merge "Add missing permission check to canSeeLogDetailsForFilter" 2024-07-05 10:09:47 +00:00
Matěj Suchánek bf180e0490 Simplify FilterEvaluator::getUsedVars using ::checkSyntax
Alternative approach to fixing the regression proposed by
Daimona in I78d3a2cd7bada962d7ef9b0f2c39d898bf8987ce.

Bug: T368203
Change-Id: I637367c3b3850f7988d890379fef7f4753159953
2024-07-05 11:32:09 +02:00
jenkins-bot 6b26f27927 Merge "Miscellaneous minor fixes" 2024-07-03 16:46:19 +00:00
Translation updater bot bdf0937a27
Localisation updates from https://translatewiki.net.
Change-Id: I3695bef66d72e4039db55ea1d0a74e86709893b9
2024-07-03 09:25:22 +02:00
Daimona Eaytoy 99bb44beb4 Miscellaneous minor fixes
- Rename `$hidden` to `$privacyLevel` in Flags::__construct for
  consistency with other places.
- Rename `shouldProtectFilter` and simplify its return value to always
  be an array, since that's how it's currently used. Rename a variable
  that is assigned the return value of this method.
- Add a missing message key to a list of dynamic message keys.
- Rename a property from 'hidden' to 'privacy' in FilterStoreTest for
  consistency. Add a test for removing the protected flag.
- Update old comment referencing `filterHidden`; the method was removed
  in I40b8c8452d9df.
- Use ISQLPlatform::bitAnd() instead of manual SQL in
  AbuseFilterHistoryPager.
- Update mysterious reference to "formatRow" in SpecialAbuseLog.
- Update other references to the very same method in two other places,
  this time credited as "SpecialAbuseLog".
- Add type hints to a few methods; this not only helps with type safety,
  but it also allows PHPUnit to automatically use the proper type in
  mocks.

Change-Id: Ib0167d993b761271c1e5311808435a616b6576fe
2024-07-03 02:31:38 +02:00
Daimona Eaytoy 6ac574dada Add missing permission check to canSeeLogDetailsForFilter
`canSeeLogDetails` should also be checked when a filter is protected, as
it is the base right for being able to see abuselog entries. With this
in mind, check that immediately at the beginning of the method, instead
of repeating calls. Also merge the conditionals, and return early when a
permission check fails.

Move a test up so that it comes immediately after its data provider, and
add test cases for a few combinations of rights.

Change-Id: Ic3cf58f43803bef8bf2d65566434baff145b3fd5
2024-07-02 22:43:09 +02:00
Translation updater bot 71b1c0d0e6
Localisation updates from https://translatewiki.net.
Change-Id: I635f2c56c409540927635aceba53aa615fe45267
2024-07-01 09:24:18 +02:00
jenkins-bot 3b005bfedc Merge "Tests: Repalce "db" with getDb() method" 2024-07-01 06:08:29 +00:00
anterdc99 2f502fb564
Add new special page aliases for Chinese variants
What:
* Translated "Special:BlockedExternalDomains", using existing
  translations from message "abusefilter-blocked-domains-title"

Change-Id: I3ce46f08e827fb4dcd0a80600bb21c064dfb03b7
2024-06-30 15:55:02 +08:00
anterdc99 d1b7bf8e06
Update messages to be more language-friendly
Change-Id: Id18278496381b1abd69120712ca23ede6336ee11
2024-06-30 14:42:23 +08:00
jenkins-bot bc0ab54e2d Merge "Support more log actions in testing interface" 2024-06-29 21:43:59 +00:00
jenkins-bot 7cca085e24 Merge "Remove modification of wgCheckUserLogAdditionalRights" 2024-06-28 17:05:35 +00:00
Wandji69 6a091dcb39 Tests: Repalce "db" with getDb() method
Bug: T316841
Change-Id: I40eb000f008e51aba581ee8e33a8421ff111fbf1
2024-06-28 16:32:16 +00:00