Commit graph

122 commits

Author SHA1 Message Date
Daimona Eaytoy b9efb9ec7d Don't pass protocol-relative URLs to the Ace worker
Bug: T271487
Change-Id: Ib344e7c021f9224f08c0c844d4e96e5bede356c8
2021-01-11 13:33:11 +01:00
Daimona Eaytoy 7c1d1c6d7d Return warnings from the parser, add warning for catch-all regexps
This commit introduces some boilerplate for emitting warnings from the
AbuseFilter parser, and also code for showing these warnings in the ace
editor. Adding new warnings should be as simple as appending to
AbuseFilterParser::warnings (and adding the relevant i18n).

Bug: T264768
Bug: T269770
Change-Id: Ic11021b379f997a89f59c8c0572338d957e089a6
2020-12-18 18:22:41 +01:00
Daimona Eaytoy 2a3b636a45 Run real-time validation of rules with an Ace worker
The worker itself is essentially a wrapper around the
abusefilterchecksyntax API.

NOTE: As written in code comments, basically the whole
worker-abusefilter.js script consists of boilerplate code. You can
verify this by diffing this file and 6cb8a9cae1/modules/ace/worker-json.js
This means that there are only ~60 lines of code to review in that file.

Bug: T187686
Change-Id: I8950fcd5917ba226dda80b47b2bb713e685fad36
2020-12-18 15:05:28 +00:00
jenkins-bot 170bd831e7 Merge "ViewEdit: avoid linebreaks in form labels" 2020-10-14 15:29:02 +00:00
jenkins-bot c5a1ab7899 Merge "ext.abuseFilter.edit.js - minor cleanup" 2020-09-30 09:30:14 +00:00
Daimona Eaytoy 62adeb3ce5 Add a lot of selenium tests for the editing view
The editing view is currently full of tech debt, brittle and surprising
code and whatnot. It's basically a miracle if it works without problem,
and it'd be an even bigger miracle if you could change something there
without breaking anything.

For these reasons, and because that class must be refactored as part of
the upcoming overhaul, this patch adds a bunch of selenium tests to test
the main functionality of that page.

In particular, these tests cover all possible cases (each corresponding
to a data source) for which buildFilterEditor can be called, which FTR are:
1 - View the result of importing a filter
2 - Create a new filter
3 - Load the current version of an existing filter
4 - Load an old version of an existing filter
5 - Show the user input again if saving fails after one of the steps
  above

Having automated tests to cover these cases means that we don't have to
manually test all the scenarios manually each time the class is touched.

Bug: T201193
Change-Id: I408e0a132905416effe0d6d6dc0921991edd66bd
2020-09-29 14:22:53 +00:00
Daimona Eaytoy 03becdd2e9 ViewEdit: avoid linebreaks in form labels
This will prevent the labels from being squeezed under certain
conditions (e.g. if the interface is in Chinese). The labels are now
taking up more space for all languages, but that's not a problem because
we have plenty of space on the right.

Bug: T231962
Change-Id: I8569cc63c4116c3a8978258d5656c72fcf2552b0
2020-09-20 13:55:06 +02:00
Daimona Eaytoy c1b4f1084c ViewTools: hide the result box when empty
The <pre> element is now hidden with CSS, and is only shown after the
user clicks the "Eval" button.
Moreover, make the button primary and progressive, as to indicate that
it activates the primary function of that page.

Bug: T253492
Change-Id: I300ce6ec0a84ea73025a5af9173024df7c291e03
2020-09-19 12:37:06 +00:00
DannyS712 5f9c1ab053 ext.abuseFilter.edit.js - minor cleanup
Avoid saving variables only used once, and other cleanup

Change-Id: Id47ebb889fa41373694f226c1a8f39cb2a6d8250
2020-09-17 17:53:33 +00:00
Ed Sanders 4b5e2362fe VE: Add explicit dependency on targetLoader
Change-Id: Ied1af70713b3595b87e2ea2f45797777f32ff7a0
2020-06-30 22:47:18 +01:00
jaredblumer 12f9be5e69 eslint: Update to eslint-config-wikimedia 0.16.0
* Update ESLint config with Selenium WebdriverIO test suite
* Update modules and Selenium pageobjects and specs per ESLint
requirements
* Update grunt-eslint package to 23.0.0 as required by
eslint-config-wikimedia 0.16.0

Bug: T254495
Change-Id: Ibfcf9115adedf9f2c3e7dac1ac626b41fc97b7c4
2020-06-08 21:17:50 -04:00
Daimona Eaytoy 4c98aecf4d Improve var dumping in /details, /examine and /tools
Using var_export for better visual effect, especially for arrays.
The result from /tools is much clearer and the 'wrong syntax' message is
a bit more explicative than before.

Bug: T190653
Bug: T239972
Change-Id: I79a17305c7f19f7900f896f895e9365bb5f2fd58
2020-03-28 17:35:43 +01:00
Ed Sanders d86b74d3de eslint: Add /mediawiki rules
Change-Id: I1853e273fad3308349c79d188bc30de98fe116c4
2020-02-22 15:59:28 +00:00
TheSandDoctor 4a933e034f ext.abuseFilter.tools.js: Replace deprecated editToken with csrfToken
The editToken key of mw.users.tokens is deprecated since MediaWiki 1.27.
This commit resolves it for AbuseFilter.

Bug: T233442
Change-Id: I445313088cef40caf0d0695a64515cd16e83504d
2019-09-22 01:54:34 +00:00
Daimona Eaytoy ed2bc7badf Don't show the form for restoring autopromotion to unprivileged users
Bug: T232881
Change-Id: I80c34c823f505c81e20f83ccf5c5a99e8e69b626
2019-09-13 20:31:17 +02:00
Bartosz Dziewoński 82b6f191d4 Actually return errors for action=edit API
Setting 'apiHookResult' results in a "successful" response; if we want
to report an error, we need to use ApiMessage. We already were doing
this for action=upload. Now our action=edit API responses will be
consistent with MediaWiki and other extensions, and will be able to
take advantage of errorformat=html.

Since this breaks compatibility anyway, also remove some redundant
backwards-compatibility values from the output.

To avoid user interface regressions in VisualEditor, the changes
I3b9c4fef (in VE) and I106dbd3c (in MediaWiki) should be merged first.

Before:
    {
        "edit": {
            "code": "abusefilter-disallowed",
            "message": {
                "key": "abusefilter-disallowed",
                "params": [ ... ]
            },
            "abusefilter": { ... },
            "info": "Hit AbuseFilter: Test filter disallow",
            "warning": "This action has been automatically identified ...",
            "result": "Failure"
        }
    }

After:
    {
        "errors": [
            {
                "code": "abusefilter-disallowed",
                "data": {
                    "abusefilter": { ... },
                },
                "module": "edit",
                "*": "This action has been automatically identified ..."
            }
        ],
        "*": "See http://localhost:3080/w/api.php for API usage. ..."
    }

For comparison, a 'readonly' error:
    {
        "errors": [
            {
                "code": "readonly",
                "data": {
                    "readonlyreason": "foo bar"
                },
                "module": "main",
                "*": "The wiki is currently in read-only mode."
            }
        ],
        "*": "See http://localhost:3080/w/api.php for API usage. ..."
    }

Bug: T229539
Depends-On: I106dbd3cbdbf7082b1d1f1c1106ece6b19c22a86
Depends-On: I3b9c4fefc0869ef7999c21cef754434febd852ec
Change-Id: I5424de387cbbcc9c85026b8cfeaf01635eee34a0
2019-09-09 20:15:19 +02:00
jenkins-bot 8527a10774 Merge "Restyle edit box dimensions" 2019-08-20 16:33:16 +00:00
Daimona Eaytoy b235e1040a Restyle edit box dimensions
Now it's always wider, and so is the "notes" field. Moreover, the
fallback textarea has the exact same size. Plus removed a parameter
which only made it hard to write a CSS rule for the textarea. Since the
textarea is generated by the same code, and we're always using it for
the same thing (filter syntax, regardless of the final goal), make it
always use the same name.

Bug: T230591
Change-Id: Ibb308e80d954c0e81aa09249c38c39572f157948
2019-08-17 18:53:13 +02:00
Bartosz Dziewoński 34cbad3d45 Distinguish AbuseFilter warnings and errors in VE
The VE save dialog will now only display a retry button for
AbuseFilter warnings, and not for errors.

Bug: T211241
Change-Id: I865e8078f79e6bbcb7134b11d5f834f84bb72589
2019-08-01 04:59:18 +02:00
MarcoAurelio f07bf610c0 build: Update npm dependencies
- eslint-config-wikimedia  0.12.0  →  0.13.1
 - grunt-banana-checker      0.7.0  →   0.7.1
 - grunt-eslint             21.0.0  →  22.0.0
 - grunt-stylelint          0.10.1  →  0.11.0
 - stylelint                 9.9.0  →  10.1.0

Also npm audit (fix) them afterwards.

Addresses CVE-2019-10744.

Change-Id: I3153e269decab7f2637e2a41934e0ee07a5df760
2019-07-31 17:29:00 +00:00
Fomafix d73105191d Simplify by using mw.util.getUrl
Change-Id: I97a0716e3ff69894c86fae04234d43fcab335b4a
2019-07-03 08:43:40 +02:00
Daimona Eaytoy c73d5b5bde Restore highlighting of all keywords, functions, etc.
Short explanation on phab. Ace stops at the first regex match, so we
must use a function to specify the token type.

Bug: T219593
Change-Id: If7e6e98de81ce7e1be334732518425c8115e4aea
2019-03-29 10:44:02 +01:00
jenkins-bot 44d602b9a9 Merge "Use lowercase for built-in variables" 2019-03-22 10:44:24 +00:00
Daimona Eaytoy 553facee1e Move the throttle help tooltip to a message
Follow-up of I982d67aa62a899916a26452aceb9646df8c31232. The help text
was meant to be localized, and I probably forgot to do so in the
mentioned patch.

Change-Id: If394b02819911f9c97519b5c972977c38e6d83fa
2019-03-18 17:38:45 +01:00
Daimona Eaytoy bae9c5bb8f Use lowercase for built-in variables
The uppercase is just a leftover from a long time ago. Currently,
variables are case-insensitive, and we already perform a strtolower when
saving them. Since most parts of the code already use lowercase, the
uppercase leftovers only make it harder to grep the code to find
variables. As a bonus, make Ace recognize variables in a
case-insensitive fashion.

Change-Id: I72933fcc9952fc1aabf6464b2fc0b04ec39c024b
2019-03-17 14:23:11 +01:00
jenkins-bot 001a83272d Merge "Add help links for throttle groups" 2019-03-17 09:59:25 +00:00
Daimona Eaytoy c49707e463 Make text fields use readonly instead of disabled
So that they're easier to read, and because readonly is semantically
more appropriate.

Bug: T217143
Change-Id: I76be8e7fb1cf46efd0c03cde74344be6cb2a0902
2019-02-27 11:52:59 +01:00
Daimona Eaytoy 6e2b66f96d build: Update eslint-config-wikimedia to 0.10.1
And exclude no-global-selectors for now...

Change-Id: I0cea497ff8d8c749ea4f365c968428af01e85d18
2019-02-18 19:26:42 +01:00
Daimona Eaytoy fe03de6e4f Add help links for throttle groups
Several people have reported throttle groups being hard to use, mostly
because the field doesn't have options with the usable groups. This is
because users can combine valid groups in many ways, and thus we don't
provide options. However, let's add an help link pointing to mw.org.

Change-Id: I982d67aa62a899916a26452aceb9646df8c31232
2019-01-24 12:58:41 +01:00
Daimona Eaytoy 4b33b2b5a7 Strike suppressed AbuseLog entries
Instead of adding a message, do like core does by striking and greying
out the row. Plus, don't show the AbuseLog page description when hiding
entries, as it doesn't fit.

Change-Id: I645a89dd8df79d45ca440e0ba62adcdee921b8e9
2019-01-23 11:34:43 +01:00
jenkins-bot 9ce4afb010 Merge "Add names to anonymous JS function" 2019-01-19 13:27:43 +00:00
jenkins-bot 196272fbc1 Merge "Move changed field styles to TD for history pager" 2019-01-19 13:18:32 +00:00
jenkins-bot b35ba5af45 Merge "Warn the user if they try to leave the page with unsaved changes" 2019-01-19 12:57:50 +00:00
jenkins-bot 575646393b Merge "Improve code readability" 2019-01-19 12:11:06 +00:00
Bartosz Dziewoński 800ff6d899 ve.init.mw.AbuseFilterSaveErrorHandler: Update to receive entire response
Change-Id: I8d5f60f8d54cbaaf1801a85cb6e12a8f3d4370a4
Depends-On: I818d916275b8451af6910ddaa7cd4d7c653085ee
2018-12-07 14:18:12 -05:00
Daimona Eaytoy 38749b46bb Warn the user if they try to leave the page with unsaved changes
While editing filters, sometimes it happen that you make some change,
forget about it and then reload/close the page, and no warnings will be
issued. This patch makes use of the core module used for normal page
editing to display a warning if trying to leave a filter editing page
with any unsaved change (both to the filter pattern or other form
elements).

Change-Id: I78d79215565d5c82028b1a2a4276497ccbffdea2
2018-12-04 13:06:46 +01:00
Ed Sanders 687106d8af Bring in VE support from VE extension
Change-Id: Ib1354f0404209a15194895026ff9d179d16b1900
2018-11-30 10:59:16 +00:00
Ed Sanders 052c68f639 build: Update eslint-config-wikimedia to 0.9.0
Change-Id: Ia31860b5fcf43ec512fb82c2c332ac08cbf12cf1
2018-11-23 15:50:29 +00:00
Ed Sanders 663a66dc0a Remove obsolete aliases from closures
Bug: T208951
Change-Id: I1330672b62c9d8f49cf31264995e7a07b467178f
2018-11-23 15:44:58 +00:00
Daimona Eaytoy 7427333ed5 Improve code readability
Simplify some logic constructs, reduce the amount of return statements
inside methods, explicitly declare variables before using them, reduce
code duplication, add names to JS anonymous function to produce clearer
stack traces.

Change-Id: Ife4546a91c30d4c519d09a712ba56a2f33abe579
2018-11-19 16:01:37 +01:00
Daimona Eaytoy 9d02b3947a Add names to anonymous JS function
To have clearer stack traces.

Change-Id: Ia086cef5dc916c21a94af7856715754b6bfb496b
2018-11-19 15:46:09 +01:00
Daimona Eaytoy d3a8491c3f Change throttle selector to restore old functionality, overall improvement
Long (sigh) explanation in T203587#4569698. Also, simplified the way
TagMultiselect are generated, this one and the one for change tags.
This new selector is back-compat both with the old textarea and the OOUI
checkboxMultiselect; actually, this one is //fully// compatible with the
old textarea.
Add validation for throttle parameters and unit tests for validation
(split from I976c95658cddb2585910b6f8a5f047aadc4e4d47).
Added a trim when retrieving throttle identifier to allow syntax like
'ip, user'.
Improved the message shown on history.
Re-added the maintenance script to clean DB.

As I wrote in the task, a review by two other people would be great, at
least for the maintenance script (it could potentially break the DB).

Bug: T203587
Bug: T203336
Bug: T203584
Bug: T203585
Depends-On: I3b2e763bd8835207dc5df1db43d3e1881e6961c3
Change-Id: I7831dbb0bab55807392ac1f7915d6cb0cb713593
2018-11-14 12:51:36 +01:00
Daimona Eaytoy f780704d14 Open the page for editing warning message in a new tab
Or in a new window, depending on user settings. In any case, not in the
current window without warning before leaving.

Change-Id: Ia64db1f9491d9cc55bee99321f0f14bd78785140
2018-10-12 10:40:05 +02:00
se4598 9d12e1b353 Allow selecting custom disallow message
You can now select a custom message to be displayed for disallowing a edit
the same way as for warn mode. This can be the same or a totally different
message.

This also solves the usecase, when a edit filter is set to warn AND disallow,
to be able to show the user a custom message, but the generic is shown
on the second try (disallow). Now it can be only set to disallow.

Bug: T27086
Change-Id: Ic1de03a6944c43a346fa317ee0a217551f0d284a
2018-10-11 10:35:01 +02:00
Daimona Eaytoy e60dacbbea Fix code comments
Fixed some comments adding explanations, fixing syntax, and parameter types
for docblocks. Also fixed some whitespace mess, and added a missing use
statement.

Change-Id: I3547c90bdaa2cab5443e8bf0c63b217fe6ba663f
2018-10-03 16:45:03 +02:00
Daimona Eaytoy 1634bd1b35 Move changed field styles to TD for history pager
This produces the following results:
*Fields are coloured with red even when empty, to make clear that the
field has been changed and emptied.
*The background color is applied to the whole cell, with no padding.
This is clearer to see, although I don't know if the visual effect is
acceptable (to me, it is).
The weight of CSS rule has to be increased too, since core classes are
loaded first.

Plus, improve a little bit the way changed fields are detected.

Bug: T204650
Change-Id: I1b107e47b3b8b2e23c6f135e0d6f26768c5f39b2
2018-09-21 16:17:36 +02:00
jenkins-bot 9cd7886f73 Merge "Change events used with the Ace editor" 2018-09-05 17:28:15 +00:00
Daimona Eaytoy 063bdf0a4b Change events used with the Ace editor
Use an Ace-builtin "change" event on the editor so that it also triggers
for search&replace. Also, use "change" instead of "keyup" on the
textarea, just to be sure not to miss anything.

Bug: T203391
Change-Id: Ib246c30a575d140642c74e8ac08b24bdeaaf0347
2018-09-03 16:05:14 +02:00
Daimona Eaytoy db4a0a1eec Break long lines in JS code
Bug: T203365
Change-Id: If9d5f8d4c341f2f273eda3f1fd54d59a04a9d263
2018-09-03 10:49:24 +02:00
Daimona Eaytoy b46a4336de Remove hex numbers from Ace highlight
Since our parser doesn't recognize them. Follow up of
If95e34fc7260413c4fb39c18a1ef44f5a93e1a68.

Change-Id: I4511a69f3be60b4c90b499c5179cf0f5bf1d6b07
2018-08-23 12:23:16 +02:00