Commit graph

110 commits

Author SHA1 Message Date
Ed Sanders d86b74d3de eslint: Add /mediawiki rules
Change-Id: I1853e273fad3308349c79d188bc30de98fe116c4
2020-02-22 15:59:28 +00:00
TheSandDoctor 4a933e034f ext.abuseFilter.tools.js: Replace deprecated editToken with csrfToken
The editToken key of mw.users.tokens is deprecated since MediaWiki 1.27.
This commit resolves it for AbuseFilter.

Bug: T233442
Change-Id: I445313088cef40caf0d0695a64515cd16e83504d
2019-09-22 01:54:34 +00:00
Daimona Eaytoy ed2bc7badf Don't show the form for restoring autopromotion to unprivileged users
Bug: T232881
Change-Id: I80c34c823f505c81e20f83ccf5c5a99e8e69b626
2019-09-13 20:31:17 +02:00
Bartosz Dziewoński 82b6f191d4 Actually return errors for action=edit API
Setting 'apiHookResult' results in a "successful" response; if we want
to report an error, we need to use ApiMessage. We already were doing
this for action=upload. Now our action=edit API responses will be
consistent with MediaWiki and other extensions, and will be able to
take advantage of errorformat=html.

Since this breaks compatibility anyway, also remove some redundant
backwards-compatibility values from the output.

To avoid user interface regressions in VisualEditor, the changes
I3b9c4fef (in VE) and I106dbd3c (in MediaWiki) should be merged first.

Before:
    {
        "edit": {
            "code": "abusefilter-disallowed",
            "message": {
                "key": "abusefilter-disallowed",
                "params": [ ... ]
            },
            "abusefilter": { ... },
            "info": "Hit AbuseFilter: Test filter disallow",
            "warning": "This action has been automatically identified ...",
            "result": "Failure"
        }
    }

After:
    {
        "errors": [
            {
                "code": "abusefilter-disallowed",
                "data": {
                    "abusefilter": { ... },
                },
                "module": "edit",
                "*": "This action has been automatically identified ..."
            }
        ],
        "*": "See http://localhost:3080/w/api.php for API usage. ..."
    }

For comparison, a 'readonly' error:
    {
        "errors": [
            {
                "code": "readonly",
                "data": {
                    "readonlyreason": "foo bar"
                },
                "module": "main",
                "*": "The wiki is currently in read-only mode."
            }
        ],
        "*": "See http://localhost:3080/w/api.php for API usage. ..."
    }

Bug: T229539
Depends-On: I106dbd3cbdbf7082b1d1f1c1106ece6b19c22a86
Depends-On: I3b9c4fefc0869ef7999c21cef754434febd852ec
Change-Id: I5424de387cbbcc9c85026b8cfeaf01635eee34a0
2019-09-09 20:15:19 +02:00
jenkins-bot 8527a10774 Merge "Restyle edit box dimensions" 2019-08-20 16:33:16 +00:00
Daimona Eaytoy b235e1040a Restyle edit box dimensions
Now it's always wider, and so is the "notes" field. Moreover, the
fallback textarea has the exact same size. Plus removed a parameter
which only made it hard to write a CSS rule for the textarea. Since the
textarea is generated by the same code, and we're always using it for
the same thing (filter syntax, regardless of the final goal), make it
always use the same name.

Bug: T230591
Change-Id: Ibb308e80d954c0e81aa09249c38c39572f157948
2019-08-17 18:53:13 +02:00
Bartosz Dziewoński 34cbad3d45 Distinguish AbuseFilter warnings and errors in VE
The VE save dialog will now only display a retry button for
AbuseFilter warnings, and not for errors.

Bug: T211241
Change-Id: I865e8078f79e6bbcb7134b11d5f834f84bb72589
2019-08-01 04:59:18 +02:00
MarcoAurelio f07bf610c0 build: Update npm dependencies
- eslint-config-wikimedia  0.12.0  →  0.13.1
 - grunt-banana-checker      0.7.0  →   0.7.1
 - grunt-eslint             21.0.0  →  22.0.0
 - grunt-stylelint          0.10.1  →  0.11.0
 - stylelint                 9.9.0  →  10.1.0

Also npm audit (fix) them afterwards.

Addresses CVE-2019-10744.

Change-Id: I3153e269decab7f2637e2a41934e0ee07a5df760
2019-07-31 17:29:00 +00:00
Fomafix d73105191d Simplify by using mw.util.getUrl
Change-Id: I97a0716e3ff69894c86fae04234d43fcab335b4a
2019-07-03 08:43:40 +02:00
Daimona Eaytoy c73d5b5bde Restore highlighting of all keywords, functions, etc.
Short explanation on phab. Ace stops at the first regex match, so we
must use a function to specify the token type.

Bug: T219593
Change-Id: If7e6e98de81ce7e1be334732518425c8115e4aea
2019-03-29 10:44:02 +01:00
jenkins-bot 44d602b9a9 Merge "Use lowercase for built-in variables" 2019-03-22 10:44:24 +00:00
Daimona Eaytoy 553facee1e Move the throttle help tooltip to a message
Follow-up of I982d67aa62a899916a26452aceb9646df8c31232. The help text
was meant to be localized, and I probably forgot to do so in the
mentioned patch.

Change-Id: If394b02819911f9c97519b5c972977c38e6d83fa
2019-03-18 17:38:45 +01:00
Daimona Eaytoy bae9c5bb8f Use lowercase for built-in variables
The uppercase is just a leftover from a long time ago. Currently,
variables are case-insensitive, and we already perform a strtolower when
saving them. Since most parts of the code already use lowercase, the
uppercase leftovers only make it harder to grep the code to find
variables. As a bonus, make Ace recognize variables in a
case-insensitive fashion.

Change-Id: I72933fcc9952fc1aabf6464b2fc0b04ec39c024b
2019-03-17 14:23:11 +01:00
jenkins-bot 001a83272d Merge "Add help links for throttle groups" 2019-03-17 09:59:25 +00:00
Daimona Eaytoy c49707e463 Make text fields use readonly instead of disabled
So that they're easier to read, and because readonly is semantically
more appropriate.

Bug: T217143
Change-Id: I76be8e7fb1cf46efd0c03cde74344be6cb2a0902
2019-02-27 11:52:59 +01:00
Daimona Eaytoy 6e2b66f96d build: Update eslint-config-wikimedia to 0.10.1
And exclude no-global-selectors for now...

Change-Id: I0cea497ff8d8c749ea4f365c968428af01e85d18
2019-02-18 19:26:42 +01:00
Daimona Eaytoy fe03de6e4f Add help links for throttle groups
Several people have reported throttle groups being hard to use, mostly
because the field doesn't have options with the usable groups. This is
because users can combine valid groups in many ways, and thus we don't
provide options. However, let's add an help link pointing to mw.org.

Change-Id: I982d67aa62a899916a26452aceb9646df8c31232
2019-01-24 12:58:41 +01:00
Daimona Eaytoy 4b33b2b5a7 Strike suppressed AbuseLog entries
Instead of adding a message, do like core does by striking and greying
out the row. Plus, don't show the AbuseLog page description when hiding
entries, as it doesn't fit.

Change-Id: I645a89dd8df79d45ca440e0ba62adcdee921b8e9
2019-01-23 11:34:43 +01:00
jenkins-bot 9ce4afb010 Merge "Add names to anonymous JS function" 2019-01-19 13:27:43 +00:00
jenkins-bot 196272fbc1 Merge "Move changed field styles to TD for history pager" 2019-01-19 13:18:32 +00:00
jenkins-bot b35ba5af45 Merge "Warn the user if they try to leave the page with unsaved changes" 2019-01-19 12:57:50 +00:00
jenkins-bot 575646393b Merge "Improve code readability" 2019-01-19 12:11:06 +00:00
Bartosz Dziewoński 800ff6d899 ve.init.mw.AbuseFilterSaveErrorHandler: Update to receive entire response
Change-Id: I8d5f60f8d54cbaaf1801a85cb6e12a8f3d4370a4
Depends-On: I818d916275b8451af6910ddaa7cd4d7c653085ee
2018-12-07 14:18:12 -05:00
Daimona Eaytoy 38749b46bb Warn the user if they try to leave the page with unsaved changes
While editing filters, sometimes it happen that you make some change,
forget about it and then reload/close the page, and no warnings will be
issued. This patch makes use of the core module used for normal page
editing to display a warning if trying to leave a filter editing page
with any unsaved change (both to the filter pattern or other form
elements).

Change-Id: I78d79215565d5c82028b1a2a4276497ccbffdea2
2018-12-04 13:06:46 +01:00
Ed Sanders 687106d8af Bring in VE support from VE extension
Change-Id: Ib1354f0404209a15194895026ff9d179d16b1900
2018-11-30 10:59:16 +00:00
Ed Sanders 052c68f639 build: Update eslint-config-wikimedia to 0.9.0
Change-Id: Ia31860b5fcf43ec512fb82c2c332ac08cbf12cf1
2018-11-23 15:50:29 +00:00
Ed Sanders 663a66dc0a Remove obsolete aliases from closures
Bug: T208951
Change-Id: I1330672b62c9d8f49cf31264995e7a07b467178f
2018-11-23 15:44:58 +00:00
Daimona Eaytoy 7427333ed5 Improve code readability
Simplify some logic constructs, reduce the amount of return statements
inside methods, explicitly declare variables before using them, reduce
code duplication, add names to JS anonymous function to produce clearer
stack traces.

Change-Id: Ife4546a91c30d4c519d09a712ba56a2f33abe579
2018-11-19 16:01:37 +01:00
Daimona Eaytoy 9d02b3947a Add names to anonymous JS function
To have clearer stack traces.

Change-Id: Ia086cef5dc916c21a94af7856715754b6bfb496b
2018-11-19 15:46:09 +01:00
Daimona Eaytoy d3a8491c3f Change throttle selector to restore old functionality, overall improvement
Long (sigh) explanation in T203587#4569698. Also, simplified the way
TagMultiselect are generated, this one and the one for change tags.
This new selector is back-compat both with the old textarea and the OOUI
checkboxMultiselect; actually, this one is //fully// compatible with the
old textarea.
Add validation for throttle parameters and unit tests for validation
(split from I976c95658cddb2585910b6f8a5f047aadc4e4d47).
Added a trim when retrieving throttle identifier to allow syntax like
'ip, user'.
Improved the message shown on history.
Re-added the maintenance script to clean DB.

As I wrote in the task, a review by two other people would be great, at
least for the maintenance script (it could potentially break the DB).

Bug: T203587
Bug: T203336
Bug: T203584
Bug: T203585
Depends-On: I3b2e763bd8835207dc5df1db43d3e1881e6961c3
Change-Id: I7831dbb0bab55807392ac1f7915d6cb0cb713593
2018-11-14 12:51:36 +01:00
Daimona Eaytoy f780704d14 Open the page for editing warning message in a new tab
Or in a new window, depending on user settings. In any case, not in the
current window without warning before leaving.

Change-Id: Ia64db1f9491d9cc55bee99321f0f14bd78785140
2018-10-12 10:40:05 +02:00
se4598 9d12e1b353 Allow selecting custom disallow message
You can now select a custom message to be displayed for disallowing a edit
the same way as for warn mode. This can be the same or a totally different
message.

This also solves the usecase, when a edit filter is set to warn AND disallow,
to be able to show the user a custom message, but the generic is shown
on the second try (disallow). Now it can be only set to disallow.

Bug: T27086
Change-Id: Ic1de03a6944c43a346fa317ee0a217551f0d284a
2018-10-11 10:35:01 +02:00
Daimona Eaytoy e60dacbbea Fix code comments
Fixed some comments adding explanations, fixing syntax, and parameter types
for docblocks. Also fixed some whitespace mess, and added a missing use
statement.

Change-Id: I3547c90bdaa2cab5443e8bf0c63b217fe6ba663f
2018-10-03 16:45:03 +02:00
Daimona Eaytoy 1634bd1b35 Move changed field styles to TD for history pager
This produces the following results:
*Fields are coloured with red even when empty, to make clear that the
field has been changed and emptied.
*The background color is applied to the whole cell, with no padding.
This is clearer to see, although I don't know if the visual effect is
acceptable (to me, it is).
The weight of CSS rule has to be increased too, since core classes are
loaded first.

Plus, improve a little bit the way changed fields are detected.

Bug: T204650
Change-Id: I1b107e47b3b8b2e23c6f135e0d6f26768c5f39b2
2018-09-21 16:17:36 +02:00
jenkins-bot 9cd7886f73 Merge "Change events used with the Ace editor" 2018-09-05 17:28:15 +00:00
Daimona Eaytoy 063bdf0a4b Change events used with the Ace editor
Use an Ace-builtin "change" event on the editor so that it also triggers
for search&replace. Also, use "change" instead of "keyup" on the
textarea, just to be sure not to miss anything.

Bug: T203391
Change-Id: Ib246c30a575d140642c74e8ac08b24bdeaaf0347
2018-09-03 16:05:14 +02:00
Daimona Eaytoy db4a0a1eec Break long lines in JS code
Bug: T203365
Change-Id: If9d5f8d4c341f2f273eda3f1fd54d59a04a9d263
2018-09-03 10:49:24 +02:00
Daimona Eaytoy b46a4336de Remove hex numbers from Ace highlight
Since our parser doesn't recognize them. Follow up of
If95e34fc7260413c4fb39c18a1ef44f5a93e1a68.

Change-Id: I4511a69f3be60b4c90b499c5179cf0f5bf1d6b07
2018-08-23 12:23:16 +02:00
jenkins-bot 81a4fdc964 Merge "Improve Ace syntax highlight" 2018-08-23 10:14:57 +00:00
Daimona Eaytoy e8a4517d6b Improve Ace syntax highlight
Several improvements, this is the list:
*Added highlighting for disabled and deprecated variables
*Simplified a bit Ace's keyword mapper
*Added highlighting for ternary operator
*Added logic to retrieve operators from AF tokenizer
*Removed $ symbol since it's not usable in declaring stuff
*Customized highlighting via CSS

Depends-On: I5c370b54e6516889624088e27928ad3a1f48a821
Change-Id: If95e34fc7260413c4fb39c18a1ef44f5a93e1a68
2018-08-22 15:23:35 +00:00
Daimona Eaytoy 4399be933d Use OOUI infusion for the change tags field in ViewEdit
Since this is what it's meant to be for. Better, cleaner, safer.

Change-Id: Ib5f632ac708aeff62b50c91ef60c547036481834
2018-08-22 15:27:06 +02:00
jenkins-bot 55b49e4470 Merge "Make Ace config pass eslint" 2018-08-22 12:45:41 +00:00
Daimona Eaytoy 83ccb376f0 Make Ace config pass eslint
Just a tiny change to be safer.

Change-Id: Id0e188ab6e5d0e14ef5f0fdcce74be5ec7f24470
2018-08-22 11:21:13 +02:00
Daimona Eaytoy 2fc44e9d18 Focus the Ace editor after having added text from dropdown
The classic editor (textarea) already takes focus, while for Ace we need
to explicitly call its focus() method.

Bug: T202480
Change-Id: I8dcf54e46e730b2879b09b4e21198b2ef1131706
2018-08-22 10:57:15 +02:00
Matěj Suchánek 37908c7935 Fix jQuery selector when editing filters
Bug: T200604
Change-Id: Ife88ae0f4b9dca0492c1d9dbfc22a975dd7b6b31
2018-07-28 15:23:14 +02:00
Daimona Eaytoy b825e396b5 Switch editing interface to OOUI & improve NoJS usability
This settles almost everything, leaving the tags part ready to be
further improved in the follow-ups.
Also, replaced some fields with totally different ones, improved the
warn preview area and improved a bit nojs experience by hiding unusable
buttons.

Bug: T132284
Bug: T154749
Change-Id: I7a5caa862a32f9792140c6a4d9708a2d20472672
2018-07-17 14:49:50 +02:00
jenkins-bot 40e7f440e6 Merge "Ace: use built-in function indexToPosition" 2018-06-25 10:41:42 +00:00
Daimona Eaytoy 3c1dae9e14 Allow users with abusefilter-view-private to use testing interface
Now the required need will be abusefilter-modify OR
abusefilter-view-private for /tools, /test and /examine.

Bug: T193903
Change-Id: I3f1a91a2cc1df2272e5d4099cefd7c649a0683d5
2018-06-24 14:10:38 +00:00
Bartosz Dziewoński abe72f2937 Make the "Load filter ID:" field on Special:AbuseFilter/test wider
The translation can be a lot longer in languages which have no common
abbreviation like "ID" for the word "identifier". For example, the
label currently wraps over 3 lines in Polish (pl).

Change-Id: I822aafb52bbe840c00d2f0edbaeec37e3748f96f
2018-06-13 02:32:48 +00:00
Daimona Eaytoy cf4ac34420 Show throttled filters in Special:AbuseFilter
With this patch, filters which are both enabled and throttled have an
"actions automatically disabled" label together with "enabled" and the
row is displayed in red. Plus, some minor changes like removing unused
fields from sortable ones and added a comment to getQueryInfo about used
columns (the idea is that it'll be easy to understand if a given column
is already there, plus if we'll need the missing one we may just replace
it with '*').

Bug: T154206
Change-Id: Iab157d094cbf2d50e9db537535fd48243e74af0b
2018-06-08 21:54:58 +02:00