Commit graph

103 commits

Author SHA1 Message Date
Marius Hoch 3c5a074881 Use the UploadVerifyFile hook
Use the UploadVerifyFile hook instead of the UploadVerification
one as it provides more data about the upload.
This is the first step towards better upload filtering.

Change-Id: Ie535c7d20ed79a1e26d8d399a7c25d632c9c7fa0
2013-05-16 23:13:10 +02:00
CSteipp 4c2e5af737 Merge "Overhaul of the AbuseFilter JS" 2013-03-07 18:24:07 +00:00
Marius Hoch e3d15fe915 Overhaul of the AbuseFilter JS
I've changed the JS of the AbuseFilter extension to match our
coding conventions and made it use mediaWiki.Api(). Furthermore
I fixed several error handlers and made some things nicer in
general while trying to not change the user appearance.

I've tested the changes as good as I could (I'm pretty sure everything
works).

Change-Id: Iaa0f99367bd7e0bfaf7249dcc9ac9ce9881b46e1
2013-03-07 14:14:25 +01:00
Marius Hoch fdae51ec07 Fix default for $wgAbuseFilterAnonBlockDuration
$wgAbuseFilterAnonBlockDuration didn't default to the actual
value of $wgAbuseFilterBlockDuration but to the default value
of that (which is indefinite). Fixed that (untested)

Change-Id: I26a929bfba997b80445a108e212030fe7faa6428
2013-02-23 00:20:29 +01:00
Hoo man e817f73f13 Merge "Check against $wgAbuseFilterRestrictedActions instead of hardcoded list for block actions" 2013-02-19 13:09:51 +00:00
Kunal Mehta b8f53e27c3 Create variable to set length of IP blocks
This creates a $wgAbuseFilterAnonBlockDuration, which
allows for IP blocks to have a different length.

For backwards compatability this is default set to
$wgAbuseFilterBlockDuration.

Change-Id: Ibfd5c9639317150442f745a5759f3c34b38de274
2013-02-08 04:59:54 -06:00
Kunal Mehta acb123b148 Check against $wgAbuseFilterRestrictedActions instead of hardcoded list for block actions
Currently $wgAbuseFilterDisallowGlobalLocalBlocks checks against a
hardcoded list for "block actions", which means that extensions
like GlobalBlocking cannot add actions to it.

Change-Id: I6ac5125782cf0029447948d6d0080103700e397c
2013-02-08 02:17:17 -06:00
daniel f3788c4f0c (bug 42064) AbuseFilter + EditFilterMergedContent
This makes AbuseFilter use EditFilterMergedContent if support for
the ContentHandler infrastructure is present. This means living
without some nice bits of context, because EditFilterMergedContent
doesn't provide an EditPage object.

This requires core change I99a19c93 to work correctly.

Change-Id: Ibb9d4c9a36b8a199213958b920902e8006c71fe8
2013-01-17 11:18:28 +01:00
Hoo man f10b8eaab5 Merge "Add Permission for Global-Rule Editing" 2012-12-28 01:29:39 +00:00
csteipp cc000576d7 Add Permission for Global-Rule Editing
Add a permission 'abusefilter-modify-global' which an administrator must
have to set global rules in the central database.

By default, this right is not associated with any group.

Change-Id: Ied92f7ffd90cb2d8eeb8f3f26b941edbb22b10d6
2012-12-28 02:27:08 +01:00
Kunal Mehta f97df950d7 Add option to have private filters notify UDP/RC (default: disabled)
Change-Id: I7e54f1da9f01634791316e613e79b2b7740f9760
2012-12-16 17:09:30 +01:00
Matthias Mullie 1706ca0832 Bug 40672 - Abuse filter: Increase 5% limit to allow filtering for very short posts
This patchset will make it possible for other extensions to tap into abusefilter with a custom group, and set different tresholds per group.
See https://gerrit.wikimedia.org/r/#/c/29569/

Change-Id: I21d31bdf28e26f3c830652efc08a247db9f7a86c
2012-10-25 20:21:19 +02:00
Siebrand Mazeland 176227e721 Maintenance for AbuseFilter extension.
* Replace deprecated methods.
* Remove no longer needed function fnmatch().
* Remove superfluous newlines.
* Remove unused and redundant local variables and globals.
* Deglobalization.
* Update documentation.
* Fix incorrect return values or add FIXMEs when in doubt.
* Escape output in a few places where needed.
* Remove unneeded MEDIAWIKI constant checks.
* Fix various JSHint/JSLint issues.

Patch Set 11: Merged https://gerrit.wikimedia.org/r/24701 into
this one per Siebrand's request

Change-Id: I02ba4ce31b6aca5b7324114093f8ece143abc295
2012-10-09 22:26:45 +02:00
Siebrand b7ca16003a Merge "(bug 20272) AbuseFilter does not handle autocreation of accounts." 2012-09-23 18:21:26 +00:00
csteipp 1973ea6714 Add Global Rules
* Update rules list view to show global rules toggle, global rules
* Update rule processing to get global rules from memcache, if no
rule exists, get them from the central database and store them in
memcache
* Delete global rule key whenever global rules are updated
* Add filtering for log by wiki on the central database, updated
table definitions to add index on afl_wiki
* Add global $wgAbuseFilterDisallowGlobalLocalBlocks so local wikis
can prevent global rules from locally blocking, removing or revoking
permissions.

* patchset 13: Include recommendations from Tim. Add db updates to
LoadExtensionSchemaUpdates hook.
* patchset 14: forgot to add new files

Change-Id: Id69a9d603f9679f838e8691c651a3e9d8461b422
2012-08-27 03:30:07 +00:00
Andrew Garrett 53aea9c0ce AbuseFilter: Resolve bug 18374, bug 28633.
* Store the revision ID associated with a log entry
 if the action is successful.
* Expose this as a diff link in the UI.
* Implicitly hide log entries if their
 corresponding revisions are also hidden.
* Includes scope for expanding to log entries if desired.

Change-Id: Ie2d43dd1bacf14289fdf0492bb22267590ee649d
2012-07-11 10:16:59 -04:00
Andrew Garrett 18bac6fed9 AbuseFilter: Make it possible to have differing default warning messages for differing filter groups.
Includes JS to sneakily change the default message if the user changes the filter group without having selected the "warn" action yet.

Change-Id: Ic753c3e018321dba3bf9f6d7bcee10a49c9faac8
2012-06-26 21:56:30 +02:00
Liangent 310ed92824 Add new user right: abusefilter-log-private
Now we can allow some users to view log entries of private abuse
filters, without assigning them the right to see how these filters
work. This feature is asked by the community.

Change-Id: Ic93856804da69d2e6cd8342e36584ae16b3a7974
2012-06-18 18:56:48 +08:00
Andrew Garrett dc207d0cbd Abuse Filter: Allow filters to be split into "groups" for the purposes of operating them on different types of input.
The purpose of this change is to allow AFTv5 developers to run a separate list of filters against article feedback actions without issues of cross-contamination and bumping up against the condition limit.

Change-Id: I758795f01eaf3ff56c5720d660cd989ef95764a7
2012-05-12 12:53:32 +10:00
Szymon Świerkosz 36257344f1 (bug 20272) AbuseFilter does not handle autocreation of accounts.
This change depends on I92f57fc2c3189c42157478de14a8d48045a253b5.

This change provides a handler for AbortAutoAccount hook and adds new
action to the filter: autocreateaccount. Every time the AbortAutoAccount
is invoked the filter is executed. This may create some issues with
users which are affected by a filter, because it may be triggered on
every page view. The AbuseFilter relies on CentralAuth session
blacklisting - for each session the filter will be triggered only
once and then the autocreationg of account will not be attempted.

I don't know why AbortNewAccount hook takes as $message argument
a text of message, however AbortAutoAccount takes a name of the
message. This makes impossible to produce a user friendly message
why account creation is not allowed.

Change-Id: Ie3a7ee9210fd884d214ad3132a502a00332c3138
2012-05-10 10:08:48 +02:00
Szymon Świerkosz 93b7990fa3 (bug 18080) Send filter hits and changes to irc.wikimedia.org.
I have introduced a new option $wgAbuseFilterNotifications which
allows to configure the extension to send hit notifications to
Special:RecentChanges or UDP. It uses ManualLogEntry class:
ManualLogEntry->publish( 0, $wgAbuseFilterNotifications )

Log entries are _not_ accessible using Special:Log, that's bug 19494.

Change-Id: Ie4bda2f97aa295c0504ba869ef1a99c7a3d20f70
2012-05-04 16:45:19 +02:00
Roan Kattouw 6c4bd57043 Revert r111217 (unreviewed rev in AbuseFilter) and its dependencies r113585, r113587, r113588, r113589.
All of these revisions are tagged with 'gerritmigration' and will be resubmitted into Gerrit after the Gerrit switchover. See also http://lists.wikimedia.org/pipermail/wikitech-l/2012-March/059124.html
2012-03-21 19:41:11 +00:00
Sam Reed 27fdc84e88 Swap
version_compare($wgVersion, '1.17alpha', '>=') ? 'antispam' : 'other'

for

'antispam'
2012-02-13 14:06:45 +00:00
Andrew Garrett 5e4289ce4e AbuseFilter: Resolve bugs 18374, 28633.
* Store the revision ID associated with a log entry if the action is successful.
* Expose this as a diff link in the UI.
* Implicitly hide log entries if their corresponding revisions are also hidden.
* Includes scope for expanding to log entries if desired.
2012-02-10 23:41:05 +00:00
Mark A. Hershberger 504d830106 Revert r107454 based on concerns raised by Prodego. 2011-12-28 00:48:15 +00:00
Mark A. Hershberger 8e81b37871 Fix Bug 33380 - Details of actions caught by a private filter should be private
Author: Nikola Kovacs

Related patch on r107451
2011-12-28 00:26:13 +00:00
Sam Reed 7f6a9eb119 Removed $updater === null code
Add create user code from install.php

Delete install.php
2011-12-27 16:35:30 +00:00
Tim Weyer 24070aebf0 Replacing by in a few of most used extensions and renaming Special....php to ..._body.php 2011-12-18 10:27:44 +00:00
Brion Vibber edb3525992 Update a butt-ton of extension about URLs to point to https://www.mediawiki.org/ 2011-12-13 23:49:33 +00:00
Alexander K. 4e133035b8 Followup r102138 -- fixes according to Werdna's comment 2011-11-06 21:05:03 +00:00
Alexander K. f128bd5931 Allow to define custom actions and their callback functions 2011-11-06 01:15:55 +00:00
John Du Hart 9c75f9907f Followup r95572, minor tweaks per CR 2011-09-30 00:48:00 +00:00
John Du Hart 3f06314486 Followup r95572, rename API modules to reduce chance of collisions per CR 2011-09-29 23:30:42 +00:00
John Du Hart 49b54bb0bb Follow-up to r95572, remove $wgAjaxExportList 2011-08-26 23:06:42 +00:00
John Du Hart b30697e94c Adds ResourceLoader support to AbuseFilter
Rewrote javascript to use jQuery
Added API modules to replace sajax_* calls
Solves bug 29714
2011-08-26 20:12:34 +00:00
Sam Reed 56f266da57 Create api folder, move api files into it
Same for special
2011-05-10 23:05:25 +00:00
Daniel Friesen 0d6bea90e2 Followup r78590, apparently the code that puts unknown categories of extensions into 'other' was not implemented until MediaWiki 1.17... *sigh* So we need to include a version check on these extensions until they stop supporting pre-1.17 versions of MediaWiki. 2010-12-20 04:05:54 +00:00
Daniel Friesen 4f44b0da96 Change extension group 'other' for some of our antispam extensions into the new 'antispam' extension groups. Pre trunk wiki will just keep displaying them in 'other' anyways till release. 2010-12-19 01:59:11 +00:00
Andrew Garrett a2fedffabb Abuse filter log suppression:
* Create a unique title for each log entry, Special:AbuseLog/X
* Log suppression and unsuppression in the suppression log like everything else.
2010-08-20 06:25:19 +00:00
Jack Phoenix 5e0330c6cc AbuseFilter: coding style tweaks, changed some while loops to foreach (as per http://www.mediawiki.org/wiki/Manual:Coding_conventions#Assignment_expressions) and added __METHOD__ to one DB query 2010-08-19 21:12:09 +00:00
Andrew Garrett fe39e38282 AbuseFilter: Introduce hiding of abuse log entries, controlled by abusefilter-hidden-log and abusefilter-hide-log rights. 2010-06-25 20:04:55 +00:00
Siebrand Mazeland 2c3a3fd78a * Remove $wgExtensionCredits['description'] where $wgExtensionCredits['descriptionmsg'] present. This feature was introduced in MediaWiki 1.12, and 'description' is not used if 'descriptionmsg' is present.
* Random indentation updates and trailing whitespace removed
2010-02-22 23:41:51 +00:00
Jack Phoenix 569476c27f AbuseFilter: native parser is no more, so removing the empty parser_native folder and unused globals from setup file. See r45971 and r46090 2009-10-08 10:36:16 +00:00
Jack Phoenix e2a16fe755 AbuseFilter: big commit - coding style & spacing cleanup; also marked SpecialPages' construct() and execute() functions as public and capitalized some SQL keywords 2009-10-07 13:57:06 +00:00
Andrew Garrett 4e3f9ab256 Add abusefilter-view-private right for viewing private abuse filters. Patch by Haza-w with stylistic and other minor adjustments 2009-07-03 14:17:05 +00:00
Andrew Garrett f176a96fa7 (bug 18659) Allow setting AbuseFilter block duration with $wgAbuseFilterBlockDuration 2009-06-03 15:52:53 +00:00
Andrew Garrett 3b7d6574e6 (bug 18095) Trigger AbuseFilter on file upload. Presently, the only metadata is SHA1, but we'll see what we can do for other stuff on request. 2009-06-03 15:10:44 +00:00
Shinjiman 4bae4232dd * (bug 18242) Show the Subversion revision number per extensions in Special:Version (currently applied on some extensions to get the entries file) 2009-04-26 05:22:33 +00:00
Andrew Garrett 91f46a5697 (bug 18423) Add link to filtered abuse log on Contributions. Patch by Simon Walker, with minor fixes for double-escaping and wikitext in messages. 2009-04-24 01:53:12 +00:00
Andrew Garrett 1a0fc0fea9 Add import/export interface for filters so that filters can be copied across wikis 2009-04-23 04:23:56 +00:00