Commit graph

127 commits

Author SHA1 Message Date
Matěj Suchánek 55c27a8f6b Require MediaWiki 1.29
After I544cdfa75c7472f2d98b2561bc6f6f9c2d2ad639 (dieWithError
and checkUserRightsAny), this is the oldest MediaWiki version
AbuseFilter can be run on.

AbortMove was removed from MediaWiki in 1.25, UploadVerifyFile
is only relevant for 1.27 and older.

(Replaces I1e962217c3b20d901a5742cf76339a3f488a6e97.)

Change-Id: Iec237b2887f72b115fdcef78d2d7a944ba82c784
2017-08-10 11:01:34 +02:00
Gergő Tisza 6a2627e944 Change some globals to work better with extension registration
Rename $wgAbuseFilterAvailableActions / $wgAbuseFilterRestrictedActions
to $wgAbuseFilterActions / $wgAbuseFilterRestrictions and make
them an associative array instead of a plain one, as that works more
sanely with extension registration. (The renaming helps to give more
useful errors to sites using the old config.)

Change-Id: I790d39c2849922d7daf7479f298cd90cf30af129
2016-06-06 19:53:53 +00:00
Gergő Tisza d527574d2b Add extension.json, empty php entry point
For ease of review this is the same as
Icff39f3f79f7ffe86214cfa216b53f3d882e1968 and the necessary changes
are done in the child patch. Should not be merged without that.

Bug: T87876
Change-Id: Iefd8d34619bbfb7602c4fea869f3f89fdeb9057b
Co-Authored-By: Paladox <thomasmulhall410@yahoo.com>
2016-06-03 19:16:26 +00:00
Gergő Tisza 8cc1aa78bf Revert extension registration and following changes
Reverts:
* e71808f4c4 ("Add extension.json, empty php entry point")
* 8c937957c0 ("Update for AuthManager")

Bug: T136929
Change-Id: Iefc88cb4e981113119f850ca70b9486675bf8a8d
2016-06-03 14:57:55 +00:00
Gergő Tisza e71808f4c4 Add extension.json, empty php entry point
Bug: T87876
Change-Id: Icff39f3f79f7ffe86214cfa216b53f3d882e1968
2016-05-28 18:42:26 +00:00
Bartosz Dziewoński 337cad30d9 Add $wgAbuseFilterProfile to enable filter profiling
Follow-up to b60829a60c.

I'll fix up message translations on Translatewiki when this is merged.

Bug: T132189
Change-Id: I1ecaedd7489b264ed621309b6fbfb63b9287a437
2016-04-08 16:53:45 +00:00
Aaron Schulz ff18e8a06c Compute last-recent-authors result during edit stashing
This query takes a large chunk of page save time (per xenon).
Try to perform the query before page save.

Bug: T116557
Change-Id: I50432658d387b24e47db7ed66880e53c3e4adee7
2016-01-28 21:11:39 +00:00
Siebrand Mazeland ce1396aea7 Add support for PHP CodeSniffer checks
Also fix any remaining errors and warnings.

Change-Id: Ie49c6172e6bbf8040e5524d33d2f719e96784745
2016-01-06 09:59:47 -08:00
Niklas Laxström df6cde026c Remove EditFilterMerged BC code
This extension already requires 1.23+

Change-Id: Ie56d701c1663a280372caaf71560dfdca7500619
2015-11-23 11:17:34 +01:00
Ori Livneh d80a737921 AbuseFilter: don't install custom error handler
Scrap the AFPRegexErrorHandler custom error handler clusterfuck and replace it
with a simple try-catch that accomplishes the same thing.

Change-Id: Ice1b6da433b892d9871780a9753c098aa639bf6c
2015-10-21 23:56:53 +00:00
Ori Livneh bab9832415 Move rule tokenization to new AbuseFilterTokenizer class
* Move AbuseFilterParser::nextToken() and the various AbuseFilterParser
  properties that accompanied it to a new class, AbuseFilterTokenizer.
* Tokenize rules eagerly and cache the result in APC.

Change-Id: I15f5b5b65e8c4ec4fba3000d7c9fd78b98967d1d
2015-08-25 14:00:10 -07:00
paladox 9a90457935 Remove i18n shim
Change-Id: Ic98f643d02c0e2a51fd07bf8a2d8a6cedba02135
2015-07-03 11:00:32 +00:00
umherirrender d829d0c0b3 Replace deprecated $wgSpecialPageGroups
$wgSpecialPageGroups is deprecated since 1.21
override SpecialPage::getGroupName instead

Change-Id: I2d1a3182a554825b24145bacef0f4c7520b92dd5
2015-05-15 21:42:44 +02:00
Gilles Dubuc 2dfa95be83 Explicitly define module position
Style modules currently added through addModuleStyles default
to being in the head ("top" position). This is an unhealthy default,
since only critical styles that are needed at pageload should be
in the head. In order to be able to switch the default to "bottom",
existing module positions have to be defined explicitly.

Bug: T97410
Change-Id: If3348022bca5eed73dee956d676ace26c4bacafb
2015-04-28 15:28:42 +02:00
se4598 616b9fb34c Add license name to credits and add minor config code comment
Change-Id: I4add882647275b6031f14e3c5ce3713533e7d04e
2015-02-17 01:26:10 +01:00
This, that and the other e00c245beb Implement ChangeTagsListActive hook
This allows users to visit Special:Tags or use the API to see
which change tags are still in active use.

The ChangeTagsListActive hook was introduced to core in
I77f476c8d0f32c80f720aa2c5e66869c81faa282

Change-Id: I456da1d151b576a4b4b62569a7804e3a3dd5e611
2015-02-04 19:22:00 +00:00
Antoine Musso 99d265e830 Fix autoloader entries
Change-Id: I4b9996239fc5a3e6efd087db49566c95edd95a09
2014-12-18 11:29:39 +01:00
Kunal Mehta 8ed29d19b6 Use MovePageCheckPermissions hook if possible
Change-Id: Ic5026384b92a0d68d628397ffe1de6e5b6183f02
2014-10-27 16:13:58 -07:00
Kunal Mehta 0a79fa054f Add hook subscriber for UserMergeAccountFields
Bug: 67757
Change-Id: Ibd77e7169c29f0757bc57fb1d0d13f765706d57e
2014-09-16 21:25:13 +00:00
helderwiki 20dabefe22 Improve error handling for HTTP requests
The API provides more details about HTTP errors, so show these to
the user instead of a generic "An unknown error occurred."

Bug: 68767
Change-Id: I3188b9729c815a07c65a7dbef4d40deebe29b87d
2014-08-02 11:56:32 +00:00
Siebrand Mazeland acb351e8af Migrate to JSON i18n with B/C
Change-Id: Ic20925f91570b742f30dc354a7e0e39d4d27edfd
2014-03-25 19:15:03 +01:00
Reedy cac808a35c Write maintenance script for AbuseFilter to purge old IP data from logs
Bug: 51573
Change-Id: I93392d77fb6172d55353d2ba7fb1be3a19f13b11
2013-11-19 21:44:14 +00:00
Marius Hoch 35747761fb Allow running the AbuseFilter parser tests via phpunit
I've also added myself to the credits file as I'm the only
maintainer of this extension for a while now.

Change-Id: Id998172ea2abd70b8243de9db1a96cc2cfa47a64
2013-07-08 19:22:43 +02:00
Marius Hoch 83357aafd0 Make use of the APIEditBeforeSave hook for nicer errors
Bug: 32216
Change-Id: I654eb21faffa1371f637d98d0fcd38c005048507
2013-07-08 19:10:25 +02:00
Marius Hoch 3c5a074881 Use the UploadVerifyFile hook
Use the UploadVerifyFile hook instead of the UploadVerification
one as it provides more data about the upload.
This is the first step towards better upload filtering.

Change-Id: Ie535c7d20ed79a1e26d8d399a7c25d632c9c7fa0
2013-05-16 23:13:10 +02:00
CSteipp 4c2e5af737 Merge "Overhaul of the AbuseFilter JS" 2013-03-07 18:24:07 +00:00
Marius Hoch e3d15fe915 Overhaul of the AbuseFilter JS
I've changed the JS of the AbuseFilter extension to match our
coding conventions and made it use mediaWiki.Api(). Furthermore
I fixed several error handlers and made some things nicer in
general while trying to not change the user appearance.

I've tested the changes as good as I could (I'm pretty sure everything
works).

Change-Id: Iaa0f99367bd7e0bfaf7249dcc9ac9ce9881b46e1
2013-03-07 14:14:25 +01:00
Marius Hoch fdae51ec07 Fix default for $wgAbuseFilterAnonBlockDuration
$wgAbuseFilterAnonBlockDuration didn't default to the actual
value of $wgAbuseFilterBlockDuration but to the default value
of that (which is indefinite). Fixed that (untested)

Change-Id: I26a929bfba997b80445a108e212030fe7faa6428
2013-02-23 00:20:29 +01:00
Hoo man e817f73f13 Merge "Check against $wgAbuseFilterRestrictedActions instead of hardcoded list for block actions" 2013-02-19 13:09:51 +00:00
Kunal Mehta b8f53e27c3 Create variable to set length of IP blocks
This creates a $wgAbuseFilterAnonBlockDuration, which
allows for IP blocks to have a different length.

For backwards compatability this is default set to
$wgAbuseFilterBlockDuration.

Change-Id: Ibfd5c9639317150442f745a5759f3c34b38de274
2013-02-08 04:59:54 -06:00
Kunal Mehta acb123b148 Check against $wgAbuseFilterRestrictedActions instead of hardcoded list for block actions
Currently $wgAbuseFilterDisallowGlobalLocalBlocks checks against a
hardcoded list for "block actions", which means that extensions
like GlobalBlocking cannot add actions to it.

Change-Id: I6ac5125782cf0029447948d6d0080103700e397c
2013-02-08 02:17:17 -06:00
daniel f3788c4f0c (bug 42064) AbuseFilter + EditFilterMergedContent
This makes AbuseFilter use EditFilterMergedContent if support for
the ContentHandler infrastructure is present. This means living
without some nice bits of context, because EditFilterMergedContent
doesn't provide an EditPage object.

This requires core change I99a19c93 to work correctly.

Change-Id: Ibb9d4c9a36b8a199213958b920902e8006c71fe8
2013-01-17 11:18:28 +01:00
Hoo man f10b8eaab5 Merge "Add Permission for Global-Rule Editing" 2012-12-28 01:29:39 +00:00
csteipp cc000576d7 Add Permission for Global-Rule Editing
Add a permission 'abusefilter-modify-global' which an administrator must
have to set global rules in the central database.

By default, this right is not associated with any group.

Change-Id: Ied92f7ffd90cb2d8eeb8f3f26b941edbb22b10d6
2012-12-28 02:27:08 +01:00
Kunal Mehta f97df950d7 Add option to have private filters notify UDP/RC (default: disabled)
Change-Id: I7e54f1da9f01634791316e613e79b2b7740f9760
2012-12-16 17:09:30 +01:00
Matthias Mullie 1706ca0832 Bug 40672 - Abuse filter: Increase 5% limit to allow filtering for very short posts
This patchset will make it possible for other extensions to tap into abusefilter with a custom group, and set different tresholds per group.
See https://gerrit.wikimedia.org/r/#/c/29569/

Change-Id: I21d31bdf28e26f3c830652efc08a247db9f7a86c
2012-10-25 20:21:19 +02:00
Siebrand Mazeland 176227e721 Maintenance for AbuseFilter extension.
* Replace deprecated methods.
* Remove no longer needed function fnmatch().
* Remove superfluous newlines.
* Remove unused and redundant local variables and globals.
* Deglobalization.
* Update documentation.
* Fix incorrect return values or add FIXMEs when in doubt.
* Escape output in a few places where needed.
* Remove unneeded MEDIAWIKI constant checks.
* Fix various JSHint/JSLint issues.

Patch Set 11: Merged https://gerrit.wikimedia.org/r/24701 into
this one per Siebrand's request

Change-Id: I02ba4ce31b6aca5b7324114093f8ece143abc295
2012-10-09 22:26:45 +02:00
Siebrand b7ca16003a Merge "(bug 20272) AbuseFilter does not handle autocreation of accounts." 2012-09-23 18:21:26 +00:00
csteipp 1973ea6714 Add Global Rules
* Update rules list view to show global rules toggle, global rules
* Update rule processing to get global rules from memcache, if no
rule exists, get them from the central database and store them in
memcache
* Delete global rule key whenever global rules are updated
* Add filtering for log by wiki on the central database, updated
table definitions to add index on afl_wiki
* Add global $wgAbuseFilterDisallowGlobalLocalBlocks so local wikis
can prevent global rules from locally blocking, removing or revoking
permissions.

* patchset 13: Include recommendations from Tim. Add db updates to
LoadExtensionSchemaUpdates hook.
* patchset 14: forgot to add new files

Change-Id: Id69a9d603f9679f838e8691c651a3e9d8461b422
2012-08-27 03:30:07 +00:00
Andrew Garrett 53aea9c0ce AbuseFilter: Resolve bug 18374, bug 28633.
* Store the revision ID associated with a log entry
 if the action is successful.
* Expose this as a diff link in the UI.
* Implicitly hide log entries if their
 corresponding revisions are also hidden.
* Includes scope for expanding to log entries if desired.

Change-Id: Ie2d43dd1bacf14289fdf0492bb22267590ee649d
2012-07-11 10:16:59 -04:00
Andrew Garrett 18bac6fed9 AbuseFilter: Make it possible to have differing default warning messages for differing filter groups.
Includes JS to sneakily change the default message if the user changes the filter group without having selected the "warn" action yet.

Change-Id: Ic753c3e018321dba3bf9f6d7bcee10a49c9faac8
2012-06-26 21:56:30 +02:00
Liangent 310ed92824 Add new user right: abusefilter-log-private
Now we can allow some users to view log entries of private abuse
filters, without assigning them the right to see how these filters
work. This feature is asked by the community.

Change-Id: Ic93856804da69d2e6cd8342e36584ae16b3a7974
2012-06-18 18:56:48 +08:00
Andrew Garrett dc207d0cbd Abuse Filter: Allow filters to be split into "groups" for the purposes of operating them on different types of input.
The purpose of this change is to allow AFTv5 developers to run a separate list of filters against article feedback actions without issues of cross-contamination and bumping up against the condition limit.

Change-Id: I758795f01eaf3ff56c5720d660cd989ef95764a7
2012-05-12 12:53:32 +10:00
Szymon Świerkosz 36257344f1 (bug 20272) AbuseFilter does not handle autocreation of accounts.
This change depends on I92f57fc2c3189c42157478de14a8d48045a253b5.

This change provides a handler for AbortAutoAccount hook and adds new
action to the filter: autocreateaccount. Every time the AbortAutoAccount
is invoked the filter is executed. This may create some issues with
users which are affected by a filter, because it may be triggered on
every page view. The AbuseFilter relies on CentralAuth session
blacklisting - for each session the filter will be triggered only
once and then the autocreationg of account will not be attempted.

I don't know why AbortNewAccount hook takes as $message argument
a text of message, however AbortAutoAccount takes a name of the
message. This makes impossible to produce a user friendly message
why account creation is not allowed.

Change-Id: Ie3a7ee9210fd884d214ad3132a502a00332c3138
2012-05-10 10:08:48 +02:00
Szymon Świerkosz 93b7990fa3 (bug 18080) Send filter hits and changes to irc.wikimedia.org.
I have introduced a new option $wgAbuseFilterNotifications which
allows to configure the extension to send hit notifications to
Special:RecentChanges or UDP. It uses ManualLogEntry class:
ManualLogEntry->publish( 0, $wgAbuseFilterNotifications )

Log entries are _not_ accessible using Special:Log, that's bug 19494.

Change-Id: Ie4bda2f97aa295c0504ba869ef1a99c7a3d20f70
2012-05-04 16:45:19 +02:00
Roan Kattouw 6c4bd57043 Revert r111217 (unreviewed rev in AbuseFilter) and its dependencies r113585, r113587, r113588, r113589.
All of these revisions are tagged with 'gerritmigration' and will be resubmitted into Gerrit after the Gerrit switchover. See also http://lists.wikimedia.org/pipermail/wikitech-l/2012-March/059124.html
2012-03-21 19:41:11 +00:00
Sam Reed 27fdc84e88 Swap
version_compare($wgVersion, '1.17alpha', '>=') ? 'antispam' : 'other'

for

'antispam'
2012-02-13 14:06:45 +00:00
Andrew Garrett 5e4289ce4e AbuseFilter: Resolve bugs 18374, 28633.
* Store the revision ID associated with a log entry if the action is successful.
* Expose this as a diff link in the UI.
* Implicitly hide log entries if their corresponding revisions are also hidden.
* Includes scope for expanding to log entries if desired.
2012-02-10 23:41:05 +00:00
Mark A. Hershberger 504d830106 Revert r107454 based on concerns raised by Prodego. 2011-12-28 00:48:15 +00:00
Mark A. Hershberger 8e81b37871 Fix Bug 33380 - Details of actions caught by a private filter should be private
Author: Nikola Kovacs

Related patch on r107451
2011-12-28 00:26:13 +00:00