Now the required need will be abusefilter-modify OR
abusefilter-view-private for /tools, /test and /examine.
Bug: T193903
Change-Id: I3f1a91a2cc1df2272e5d4099cefd7c649a0683d5
In If67035991a0835ec3edc13be4543e6b40c76c3ea I changed a couple of links
to OOUI buttons, but forgot to add one of these to the output (and to
enable OOUI as well).
Change-Id: I7dd4b554bae406bc0c8326867298302ee10b47f2
While the change itself is simple, the only problem here is the desing,
since we're adding even more vertical space with this.
Bug: T164108
Change-Id: Ic5373dd4f0b85dc1311d90ac165d4520ac956e68
With I91a9c5cca55e540a6c95b750579c1c369a760b15 we replaced some globals
with Config and, in doing this, we added "$config->has()" to check if a
variable was null. However, "has" will always return true even if the
value is null (it only checks if it exists), and thus we end up showing
a global abusefilter pager even if no central DB is set.
Bug: T195022
Change-Id: I751fdefd29b6af1361021d4343ba67f16c99a037
They were defaulted to false with
I93ad51ffe7bee597d2d127f4c5d6b2929ffc8f7e, which broke use cases where
the page field is NOT required, nor has a 'required' => false explicitly
declared.
Bug: T194425
Change-Id: I5ab768c02a30b6d053104e590729ef22bb4e0808
Pretty self-explanatory and straightforward, since recentchanges has a
dedicated column for bot edits.
Bug: T193994
Change-Id: I76d41e082aed262640e9fff856eeb97df49633d5
With If16975dd394cfdb3c57ff263366c2fc865de362a I broke flags checkboxes,
i.e. the one for enabling/deleting/etc. a filter. In fact, I
misunderstood the way cbReadOnlyAttribute was used (a dirty way,
actually) and this caused such checkboxes not to be disabled if the user
didn't have rights to edit the filter.
Change-Id: Ibf80b54e0f620734ad7767e4769a93bbf1feccff
The $deadActions array is populated but never used. At first I thought
it was about actions which aren't available, but this isn't right.
Instead, it's only used to keep track of available actions which aren't
used in the current filter. Which is some data that we don't need, nor
there's nothing we may do with that.
Bug: T188181
Change-Id: Ibdfeb92ccd790c0b1a4d79b382b053b9361459f8
We used to display the checkbox to block talk without checking if
it was defined. This caused a warning and an empty space with
wgBlockAllowsUTEdit set to false.
Change-Id: I97f82633e932de7e325615473c85245a406a55ef
After Id4dc1debf0240d5b336f4d9ab5b363c240f08807, the method has been
moved, and in doing that I forgot to change this line.
Change-Id: I20caf06f2c568605bd6a90c9cf2b425cd51512e7
Like we did for other links in /diff and /histories, there are some
links that we'd better display as OOUI buttons. Also, use the Html
class' specific method to show errorboxes.
Bug: T132284
Change-Id: If67035991a0835ec3edc13be4543e6b40c76c3ea
I'd like to have this reviewed by more than one user before merging, to avoid regressions of annoying typos.
Change-Id: I91a9c5cca55e540a6c95b750579c1c369a760b15
I found these vulnerabilities while trying to setup seccheck. Although
I'm not sure whether seccheck recognised them, I'm sure that they exist
since I did manual tests, and it's possible to inject custom scripts
with these.
Change-Id: I97804be8352a1b784d483195edb29e363a0c616e
The variable was declared in the "if" branch but also used in the "else"
one. This caused the rules textarea to not have the readonly attribute
if the user wasn't allowed and CodeEditor wasn't installed.
Change-Id: I2bf69dc0f2d24efac41d1ac6100ed7e286e3afa4
This is taken from I6a57a28f22600aafb2e529587ecce6083e9f7da4 and makes
all the needed changes to make phan pass. Seccheck will instead fail,
but since it's not clear how to fix it (and it is non-voting), for the
moment we may merge this and enable phan on IC.
Bug: T192325
Change-Id: I77648b6f8e146114fd43bb0f4dfccdb36b7ac1ac
Follow-up of Iaeae672dca66ffc745054daabd6f0eae7dfbc648. Some actions
were still marked with red, specifically the ones with block inside. The
reason is that we stored the 'blocktalk' parameter as an emtpy string if
false, which wasn't filtered when loading request. Changing the empty
string to something different is enough to fix the problem, hopefully
without regressions. Note that this isn't retroactive and needs an edit
to become effective.
Bug: T189681
Change-Id: I7d7f0606fc23bad5ba342076066ab0e935680b3f
I added searchEnabled in I0771fa048d21031ed1e0f8a6909213bdb869a5ed, but
forgot to pass it as parameter when there's an error with the regex.
This means that, if you try to make a search with a wrong regex, when
the page is reloaded the fields for searching aren't shown and you get a
PHP warning. Here I also added warning suppressions as usually done when
checking regex validity to avoid unnecessary PHP warnings.
Change-Id: Ibc3110c30959c99d0825e1e3d7edb1e96dd9d536
This should fix every error with excluded rules, leaving only the one
for $wgTitle. A double check would be nice in order to avoid regressions
due to stupid mistakes.
Bug: T178007
Change-Id: I22c179f3a01d652640304b59e43fcb5b5a9abac3
It solves a bug and other problems, especially related to permissions.
Tested as much as I could but with an imperfect global filters system,
so there may still be something wrong.
Bug: T191539
Change-Id: I0771fa048d21031ed1e0f8a6909213bdb869a5ed
This is the long-term solution for the problem. The ToDo may be
unnecessary, but leaving it there as a caveat.
Bug: T190602
Change-Id: I5e3764dbec8ac21f20c460181ae78ed73eca92f6
Yes, this is a sniff bug - however, ideally every variable should
be on its own line with documentation anyway.
Change-Id: Ic8a96d9ea4dd20d8f689aac0a7dece01a4208929
Currently users can save filters without title or pattern. This
shouldn't be allowed since it leads to lack of clarity. The check is
only performed server-side, since when implementing Ace editor we won't
be able to (easily) add a pure HTML requirement for the pattern field.
Bug: T173947
Change-Id: I1a0418b87cdb1ff423238fcdf1c743930500e605
Standardized Special:AbuseFilter/test and /examine/# to OOUI. They need
to be updated together, since they share the same load filter button
(now centralized) which needs to be handled in a different way.
Bug: T132284
Bug: T58367
Bug: T58368
Depends-On: If3d6a994142e34686bb7fc9f09093f751b599485
Change-Id: Ib935e8c9706e987468e52ec2ad1c7219b35fb9d5
This one was left out, probably because it's not well documented.
Together with the simple conversion, I also added a cap to time
selectors (otherwise users may create huge breaking queries) and wrapped
in a class=success P the success message, like we do when saving
filters.
Bug: T132284
Change-Id: I2ba0a54e27608949cd28b9ac0447d1f2157b0ea2