Commit graph

4 commits

Author SHA1 Message Date
Daimona Eaytoy 496c2ee370 Add logging when the 'block' action fails
Also avoid using User, use Authority instead.

Bug: T303059
Change-Id: I419ab3726d95ef600e2aa14dca5fa14066d245e3
2022-03-05 19:12:53 +00:00
libraryupgrader 5377ebe819 build: Updating dependencies
composer:
* mediawiki/mediawiki-codesniffer: 36.0.0 → 37.0.0

npm:
* postcss: 7.0.35 → 7.0.36
  * https://npmjs.com/advisories/1693 (CVE-2021-23368)

Change-Id: I2b382f3bb236fb44eb24c6a257b13b8fd886541c
2021-07-21 18:51:18 +00:00
DannyS712 71bf9faf49 SECURITY: Avoid database for MediaWiki:Abusefilter-blocker fallback
If the content language is English and the message is invalid as
a username, or the content language is not English and both the
content language version and the English version are invalid, the
user in FilterUser would not be created - now, avoid the onwiki
version of the English message in the fallback, so it could only
be invalid if the default in the i18n files was invalid.

Bug: T284364
Change-Id: I9e9f44b7663e810de70fb9ac7f6760f83dd4895b
2021-07-01 17:35:54 -05:00
Daimona Eaytoy cbea88f818 Add a service to retrieve the filter user
Unfortunately, this isn't using DI completely, because of the
User::newSystemUser call. I'm not even sure if we really need to call it
or we can just stick to new UserIdentityValue, but leaving like this for
now.
Also, the types were weakened to UserIdentity, so the transition is
going to be easy anyway.

Change-Id: I08f8fae0fcc622ff0ac3f86771476d06d1c18549
2020-10-26 14:06:53 +01:00