$wgAbuseFilterAnonBlockDuration didn't default to the actual
value of $wgAbuseFilterBlockDuration but to the default value
of that (which is indefinite). Fixed that (untested)
Change-Id: I26a929bfba997b80445a108e212030fe7faa6428
This creates a $wgAbuseFilterAnonBlockDuration, which
allows for IP blocks to have a different length.
For backwards compatability this is default set to
$wgAbuseFilterBlockDuration.
Change-Id: Ibfd5c9639317150442f745a5759f3c34b38de274
Currently $wgAbuseFilterDisallowGlobalLocalBlocks checks against a
hardcoded list for "block actions", which means that extensions
like GlobalBlocking cannot add actions to it.
Change-Id: I6ac5125782cf0029447948d6d0080103700e397c
This makes AbuseFilter use EditFilterMergedContent if support for
the ContentHandler infrastructure is present. This means living
without some nice bits of context, because EditFilterMergedContent
doesn't provide an EditPage object.
This requires core change I99a19c93 to work correctly.
Change-Id: Ibb9d4c9a36b8a199213958b920902e8006c71fe8
Add a permission 'abusefilter-modify-global' which an administrator must
have to set global rules in the central database.
By default, this right is not associated with any group.
Change-Id: Ied92f7ffd90cb2d8eeb8f3f26b941edbb22b10d6
This patchset will make it possible for other extensions to tap into abusefilter with a custom group, and set different tresholds per group.
See https://gerrit.wikimedia.org/r/#/c/29569/
Change-Id: I21d31bdf28e26f3c830652efc08a247db9f7a86c
* Replace deprecated methods.
* Remove no longer needed function fnmatch().
* Remove superfluous newlines.
* Remove unused and redundant local variables and globals.
* Deglobalization.
* Update documentation.
* Fix incorrect return values or add FIXMEs when in doubt.
* Escape output in a few places where needed.
* Remove unneeded MEDIAWIKI constant checks.
* Fix various JSHint/JSLint issues.
Patch Set 11: Merged https://gerrit.wikimedia.org/r/24701 into
this one per Siebrand's request
Change-Id: I02ba4ce31b6aca5b7324114093f8ece143abc295
* Update rules list view to show global rules toggle, global rules
* Update rule processing to get global rules from memcache, if no
rule exists, get them from the central database and store them in
memcache
* Delete global rule key whenever global rules are updated
* Add filtering for log by wiki on the central database, updated
table definitions to add index on afl_wiki
* Add global $wgAbuseFilterDisallowGlobalLocalBlocks so local wikis
can prevent global rules from locally blocking, removing or revoking
permissions.
* patchset 13: Include recommendations from Tim. Add db updates to
LoadExtensionSchemaUpdates hook.
* patchset 14: forgot to add new files
Change-Id: Id69a9d603f9679f838e8691c651a3e9d8461b422
* Store the revision ID associated with a log entry
if the action is successful.
* Expose this as a diff link in the UI.
* Implicitly hide log entries if their
corresponding revisions are also hidden.
* Includes scope for expanding to log entries if desired.
Change-Id: Ie2d43dd1bacf14289fdf0492bb22267590ee649d
Includes JS to sneakily change the default message if the user changes the filter group without having selected the "warn" action yet.
Change-Id: Ic753c3e018321dba3bf9f6d7bcee10a49c9faac8
Now we can allow some users to view log entries of private abuse
filters, without assigning them the right to see how these filters
work. This feature is asked by the community.
Change-Id: Ic93856804da69d2e6cd8342e36584ae16b3a7974
The purpose of this change is to allow AFTv5 developers to run a separate list of filters against article feedback actions without issues of cross-contamination and bumping up against the condition limit.
Change-Id: I758795f01eaf3ff56c5720d660cd989ef95764a7
This change depends on I92f57fc2c3189c42157478de14a8d48045a253b5.
This change provides a handler for AbortAutoAccount hook and adds new
action to the filter: autocreateaccount. Every time the AbortAutoAccount
is invoked the filter is executed. This may create some issues with
users which are affected by a filter, because it may be triggered on
every page view. The AbuseFilter relies on CentralAuth session
blacklisting - for each session the filter will be triggered only
once and then the autocreationg of account will not be attempted.
I don't know why AbortNewAccount hook takes as $message argument
a text of message, however AbortAutoAccount takes a name of the
message. This makes impossible to produce a user friendly message
why account creation is not allowed.
Change-Id: Ie3a7ee9210fd884d214ad3132a502a00332c3138
I have introduced a new option $wgAbuseFilterNotifications which
allows to configure the extension to send hit notifications to
Special:RecentChanges or UDP. It uses ManualLogEntry class:
ManualLogEntry->publish( 0, $wgAbuseFilterNotifications )
Log entries are _not_ accessible using Special:Log, that's bug 19494.
Change-Id: Ie4bda2f97aa295c0504ba869ef1a99c7a3d20f70
* Store the revision ID associated with a log entry if the action is successful.
* Expose this as a diff link in the UI.
* Implicitly hide log entries if their corresponding revisions are also hidden.
* Includes scope for expanding to log entries if desired.
