Commit graph

257 commits

Author SHA1 Message Date
jenkins-bot 14871447ee Merge "Adding some comments to explain what various classes are for." 2013-11-05 13:26:15 +00:00
kaldari 307b078ada Only allow throttling if object caching is enabled...
...otherwise it doesn't work.

This change add 2 checks for object caching, one for the filter
configuration interface, and one for the actual throttle checking.

Bug: 50894
Change-Id: I89ebcc6ff7d91d3a9ad8e744c0c4ff3e33e3b673
2013-10-31 14:59:26 -07:00
kaldari b165827b67 Adding some comments to explain what various classes are for.
Change-Id: Ic44342035bc277dfd75c1da06a3a1205e8c659a4
2013-10-24 15:11:08 -07:00
Siebrand Mazeland 632365e834 Create consistent return point
Change-Id: Iaca35d1d9e94c027b580ead8bec102d1f6306105
2013-10-15 14:27:10 +02:00
Siebrand Mazeland 84d5cd33a2 Remove unused local variables
Change-Id: If708a112ae6df070da19f52682f0e2b19fe67959
2013-10-14 21:39:35 +02:00
Siebrand Mazeland 563bf12331 Pass correct variable to closure
Corrects Change-Id I3d8ace509ec0a9471cc68be3398bb1c108d6e570.

Change-Id: I5937aef91710e48c5417cff55f824ae67825097d
2013-10-14 21:39:05 +02:00
Brad Jorsch 0ef6f6dcce Reset $wgTitle in AbuseFilter::filterAction()
If AbuseFilter::filterAction changed $wgTitle, we need to reset it back
to the old value before returning.

And for good measure, we also need to check the main RequestContext to
make sure it didn't cache the bogus $wgTitle on us.

Bug: 53498
Change-Id: I4d706a1ee07f0b171f98e7d558d7be27e6759614
2013-09-30 14:37:52 -04:00
Aaron Schulz 5c322d6f31 Fixed "A BAD KEY WAS PROVIDED/CHARACTERS OUT OF RANGE" memcached errors
Change-Id: I27b51a4baec34475513407b604cf4c5fcd561cc9
2013-09-17 16:52:19 -07:00
jenkins-bot 74f8ecc379 Merge "Push counter updates to transaction end to avoid contention" 2013-08-30 22:35:35 +00:00
Aaron Schulz a951290cb7 Push counter updates to transaction end to avoid contention
Change-Id: I3d8ace509ec0a9471cc68be3398bb1c108d6e570
2013-08-28 14:31:08 -07:00
Yuki Shira a84e56bd39 Give grep a chance to find the usages
Change-Id: I65fbf2b7cd8d03c669646607e3841eb7d69b4e75
2013-08-18 15:35:16 +09:00
jenkins-bot 963655c81e Merge "New variable: new_pst which provides a PSTed version of new_wikitext" 2013-08-08 08:01:47 +00:00
Marius Hoch fb40850d9e Make sure a session has been started prior to using it
Thanks Anomie for pointing this out.

Change-Id: Ieaa9847e74c35e3080dabeaef8895209bfcc675b
2013-07-31 18:46:43 +02:00
Marius Hoch 4cb9a96ac9 Don't trigger filter hits for nonexisting filter 0
AbuseFilter::getConsequencesForFilters uses filter ids as
array keys, that causes problems if both local and global
filters were hit, because array_merge reindexes arrays.

Example:
https://www.mediawiki.org/wiki/Special:AbuseLog/18687

Change-Id: I81cb110322461e30113199cfa313cd8e8e8b2262
2013-07-09 13:57:22 +02:00
Marius Hoch 8957c003ba Revert "Change AbuseFilter to use UserCache instead of user_text fields"
This reverts commit aaa256aa94.

Bug: 49918
Change-Id: I597cbc03e2ecc45cfcca632232d5bbb1ef7be9d8
2013-06-27 01:01:15 +02:00
Marius Hoch 89726ae861 Allow filtering links and html for page creations
Right now it's impossible to filter added_links etc.
for page creations.

(Only slightly tested)

Change-Id: Iee07fc8bfe41e78abb73d8ae969aa1e4d97339bc
2013-06-05 03:52:29 +02:00
Marius Hoch a7aa0fa185 Fix AbuseFilter::disableConditionLimit()
Used for Special:AbuseFilter/test

Change-Id: I964efbbb0be7cae418746667778874790fdbb499
2013-05-28 00:43:33 +02:00
Liangent 8be81448bd New variable: new_pst which provides a PSTed version of new_wikitext
It's observed that some vandals use {{subst:void}} to trick the system
and other users and this new variable may help.

It would be nice to be possible to diff this variable against
old_wikitext, but it needs some performance consideration.

Change-Id: I4c4c4e806663363b40936363d659c42016e18cf6
2013-04-24 23:01:57 +08:00
jenkins-bot 84487b86d8 Merge "Deprecate addHolder for addHolders." 2013-04-23 21:22:37 +00:00
nischayn22 454a7cc897 Deprecate addHolder for addHolders.
lot of code was using ::merge() to create a new AbuseFilterVariableHolder
this is now simplified using a single addHolders method.

merge() still exists as its usful as a static function.
addHolder() is deprecated.

Change-Id: Ia4f6a56f642242a04cf2973b74ce44d91fce00eb
2013-04-23 23:19:32 +02:00
Kunal Mehta 4bec58cd54 Add a "ucase" function to convert the provided string to uppercase.
I basically took the lcase code and tweaked it to work for uppercase.

Bug: 47321
Change-Id: I230dbd99c27bf3a4a042befd6d334b4c0439bde0
2013-04-17 11:48:15 -05:00
Aaron Schulz 05b38eb613 Merge "Change AbuseFilter to use UserCache instead of user_text fields" 2013-04-09 22:00:51 +00:00
Siebrand Mazeland 3ff9084c2d Fix PHPDoc comments
Change-Id: I7d6da503d909d06b9a10cb55144852e1c4d07569
2013-04-01 11:04:03 +02:00
Alex Monk aaa256aa94 Change AbuseFilter to use UserCache instead of user_text fields
Change-Id: I51210ff91366a3a1610d34ca20e8966aaded89a0
2013-03-27 15:59:34 +00:00
Marius Hoch 42bd0d84f4 AbuseFilter: Change format of database logging/ performance
AF is setting several lazy load variables for the currently editing user.
To do this it's passing along the user name extracted from a user object
and generating a new user object later from that name which is of course
pointless. With this patch I'll pass user objects directly to prevent that.
On top of that I've deprecated a method in AFComputedVariable::compute which
was redundant as there is a more generic one which can solve that task
just fine.

Furthermore I've changed the logging behaviour from serializing the whole
AbuseFilterVariableHolder object to only store the variables. That has two
major advantages:
 * The amount of data that needs to be saved on a filter hit is reduced
   to about 1/10 of what the old version needed.
 * This is much more forward compatible as the old way of saving this
   relied on the class structure to stay the same while this is a simple
   array containing the vars.

On top of that we now only log variables already set by the time
a filter is hit. On top of the obvious performance increasement
that makes it easier for the user to spot the relevant data.

Another thing this change alters is the way the AbuseFilter internally
works with AbuseFilterVariableHolder objects. Right now we use one for
testing the filter(s) and later we use another one to compute the same
data again in case a filter was hit (for logging)!

This is not thoroughly tested yet, but way more sane than what we're
currently doing!

Change-Id: Ib15e7501bff32a54afe2d103ef5aedb950e58ef6
2013-02-28 22:35:22 +01:00
Marius Hoch fdae51ec07 Fix default for $wgAbuseFilterAnonBlockDuration
$wgAbuseFilterAnonBlockDuration didn't default to the actual
value of $wgAbuseFilterBlockDuration but to the default value
of that (which is indefinite). Fixed that (untested)

Change-Id: I26a929bfba997b80445a108e212030fe7faa6428
2013-02-23 00:20:29 +01:00
Hoo man e817f73f13 Merge "Check against $wgAbuseFilterRestrictedActions instead of hardcoded list for block actions" 2013-02-19 13:09:51 +00:00
Hoo man d858cfca35 Merge "Check that $title is defined and is a Title object" 2013-02-19 12:41:39 +00:00
jeblad 53e230c5c7 Check that $title is defined and is a Title object
During testing the context does not always contain a valid
Title object. In those cases AbuseFilter will fail hard.
This changeset makes the filter survive some of those
failures.

Change-Id: I0b2247432619ddf15cc17ed41b4b7a6a11e910e0
2013-02-19 13:39:47 +01:00
Hoo man 750f594b0f Merge "Create variable to set length of IP blocks" 2013-02-19 12:30:53 +00:00
Reedy d729a0ee02 Bug 43011 - AbuseFilter: Invalid argument supplied for foreach
Change-Id: I83f17b1747dd46998ffab2b6f7f867ab24c665a1
2013-02-11 22:30:59 +00:00
Kunal Mehta b8f53e27c3 Create variable to set length of IP blocks
This creates a $wgAbuseFilterAnonBlockDuration, which
allows for IP blocks to have a different length.

For backwards compatability this is default set to
$wgAbuseFilterBlockDuration.

Change-Id: Ibfd5c9639317150442f745a5759f3c34b38de274
2013-02-08 04:59:54 -06:00
Kunal Mehta acb123b148 Check against $wgAbuseFilterRestrictedActions instead of hardcoded list for block actions
Currently $wgAbuseFilterDisallowGlobalLocalBlocks checks against a
hardcoded list for "block actions", which means that extensions
like GlobalBlocking cannot add actions to it.

Change-Id: I6ac5125782cf0029447948d6d0080103700e397c
2013-02-08 02:17:17 -06:00
daniel c1f8d749a7 Allow special pages as context for abuse filter.
The title in the context provided for an edit may be a special page
in some cases, e.g. when an extension uses a special page for creating
new content, and the final name of the content is not yet known
when the EditFilterMergedContent hook is called.

This change will allow special pages to be used in this context.

Change-Id: I5551bff69e3b617a437bd043fdc893dbdcd9f09f
2013-01-22 14:08:50 +01:00
Marius Hoch c4e78e9713 (bug 18174) Added Older and Newer change link to Abusefilter diff
On top of that I changed /history to no longer show the
changes link if it's the first revision of the filter.

As I was on it I fixed the diff selection for diffs like
history/1/diff/2/next where change number 2 was compared
to the last change of the filter instead of the next one.
This probably went unnoticed because the /next action isn't
linked anywhere within the software itself.

Change-Id: Ic28bb696a4dbbb75e0bfcae1843ccefab1a9508a
2013-01-18 10:42:22 +01:00
Hoo man 24427e6d76 Merge changes I72e1a6dd,Ibb9d4c9a
* changes:
  Use Status object to report filter results.
  (bug 42064) AbuseFilter + EditFilterMergedContent
2013-01-17 17:43:32 +00:00
daniel 6522f70fb8 Use Status object to report filter results.
This changes the AbuseFilter to use Status objects for internal
error handling. This allows for more flexibility in passing error
messages back from hooks and avoids double escaping.

Change-Id: I72e1a6dd7dee19f889fc13b60456e9bfebd5e22b
2013-01-17 18:34:19 +01:00
daniel f3788c4f0c (bug 42064) AbuseFilter + EditFilterMergedContent
This makes AbuseFilter use EditFilterMergedContent if support for
the ContentHandler infrastructure is present. This means living
without some nice bits of context, because EditFilterMergedContent
doesn't provide an EditPage object.

This requires core change I99a19c93 to work correctly.

Change-Id: Ibb9d4c9a36b8a199213958b920902e8006c71fe8
2013-01-17 11:18:28 +01:00
Kunal Mehta 772a9fa619 (bug 28362) add conditional article_views variable
If $wgDisableCounters is set, using the variable will result
in a syntax error for an undefined variable.

Change-Id: I136484356506c87ac0e2ede088787e854a0a2fa9
2013-01-16 17:03:47 +01:00
Hoo man a885db279d Merge "Let AbuseFilter work with 1.19" 2013-01-09 01:42:29 +00:00
CSteipp b8b799630b Merge "Properly integrate $wgAbuseFilterValidGroups" 2013-01-07 23:01:48 +00:00
csteipp 586598b5b2 Let AbuseFilter work with 1.19
This patch allows the current AbuseFilter to work with 1.19, by only
using MWTimestamp if MediaWiki is version 1.20 or later.

Api still needs fixing, but this will get filters running.

Change-Id: I7c9eaf777d529ce15dfd85761784f9ad1443f2bf
2013-01-07 14:53:57 -08:00
Matthias Mullie 0c174aec42 Properly integrate $wgAbuseFilterValidGroups
The concept of different AbuseFilter groups had not properly been integrated, but should be now:
- The total number of matches is now group-specific
- .. Which will also fix the emergency shutdown calculations
- And a portion of incorrect code (involving $logged_local_filters) has been fixed (action != group)

Change-Id: I091199a9d74aee47dcb3d8942394a28e0ffd3234
2013-01-07 14:42:51 +01:00
CSteipp 452b918203 Merge "Add hooks to AF that allow altering User and Title specific vars" 2013-01-03 20:38:59 +00:00
techman224 192f2e250e Hidden the test subpage in the navlinks for those without modify rights
The link should not be shown to users that don't have the right to use it,
like with the tools and import pages

Change-Id: Ie48e61a7de61ab095d621845466aea56b7445f5a
2012-12-30 15:23:36 -06:00
Marius Hoch 9fa6ef5a95 Add hooks to AF that allow altering User and Title specific vars
Added two hooks to the AbuseFilter, one that allows altering of the
variables created for a specific user and one for title specific
variables. This a much cleaner way to add title or user specific
variables than using the current general-purpose hooks.

Change-Id: I7374846346dd220b5d0633c11c134030f98bcf00
2012-12-28 00:40:48 +01:00
Krenair c7a617f24d (bug 43105) Don't send HTML to the IRC feeds
Change-Id: Idcbcf1f194f2fc1bdd10fefab570849a72ed30e7
2012-12-22 19:05:51 +00:00
Hoo man 253812a2f4 Merge "(bug 22548) add boolean user_blocked variable" 2012-12-18 19:09:32 +00:00
Kunal Mehta f97df950d7 Add option to have private filters notify UDP/RC (default: disabled)
Change-Id: I7e54f1da9f01634791316e613e79b2b7740f9760
2012-12-16 17:09:30 +01:00
Kunal Mehta 2b01494cfc (bug 22548) add boolean user_blocked variable
Change-Id: I8b61ce42338596a38e411d6023c8f7ff963641a1
2012-12-14 04:32:37 -06:00