Commit graph

72 commits

Author SHA1 Message Date
Bartosz Dziewoński a5e0851dc0 BlockedDomainFilter: Always return Status from filter()
From Status class documentation:
> The recommended pattern for Status objects is to return a Status object
> unconditionally, i.e. both on success and on failure -- so that the
> developer of the calling code is reminded that the function can fail, and
> so that a lack of error-handling will be explicit.

Change-Id: Ie6a55e297a35374fbdef880dd40e65f5cd00b6bf
2024-04-13 01:05:01 +02:00
Derick Alangi 82d876ada8 Handlers: Drop AutoPromoteGroupsHandler::factory()
This patch solves a pending TODO which is to remove the ::factory()
method from the AutoPromoteGroupsHandler class. If the cache instance
is injected, we'll use it otherwise we'll default to a HashBagOStuff.

Bug: T358346
Change-Id: I2bc414da8733431d1d11025e954282fc7c73aa80
2024-03-06 21:38:12 +00:00
MusikAnimal 2c9801766d Remove $wgAbuseFilterBlockedExternalDomainsNotification and related code
This feature never worked very well, and the original wish
https://w.wiki/7ZsE didn't ask for a 2010 editor solution, anyway.
Rather than have AbuseFilterBlockedExternalDomainsNotification linger in
an unstable state, we remove the code entirely.

Bug: T347435
Follow-Up: I7eae55f12da9ee58be5786bfc153e549b09598e7
Change-Id: I88e87c4e0a2968b892394461b1227f4d15938e8e
2024-02-20 23:01:02 +00:00
Dreamy Jazz a5b68cf46d Don't attempt to steal or create the FilterUser in CheckUserHandler
Why:
* When CheckUser asks the AbuseFilter extension for modifications
  to rows inserted into the CheckUser tables, the AbuseFilter
  extension attempts to get the Filter user via User::newSystemUser
* User::newSystemUser can deadlock if multiple requests to create
  the system user are being made at once.
* The CheckUserHander does not need to create the abuse filter system
  and instead only needs to know if a given $user is the equal to
  the FilterUser.
* As such the FilterUser service needs to provide a way to check if
  a given $user is equal without creating the FilterUser.

What:
* Add FilterUser::isUserSameAs which returns a boolean value
  indicating whether the Abuse Filter system user is the equal
  to a given UserIdentity in the same way that UserIdentity::equals
  is implemented.
* Refactor ::getUser to get the username for the filter user in
  a separate method, so that the ::isUserSameAs method can also
  use this method. Name this new method ::getFilterUserName.
* Add a test for the FilterUser service to ensure consistent test
  coverage
* Convert the @covers and @coversDefaultClass annotations to be
  a @covers for the class. This is because PHPUnit recommends this in
  https://docs.phpunit.de/en/9.6/annotations.html#appendixes-annotations-covers-tables-annotations

Bug: T356275
Bug: T346967
Change-Id: I8a101781bb47612deabb0f2a06a398ac13e860e6
2024-01-31 19:32:52 +00:00
Reedy 4ea577a777 Remove old maintenance scripts
Bug: T353923
Change-Id: I3e599dee3775ca3048205b915d6c341ed2e37b74
2024-01-18 05:50:19 +00:00
Amir Sarabadani d628a99442 Blocked domains: Add support for "added by" field
This field gets added automatically when using the special page form but
is only shown to admins and other people who have access. It's not private
information (users can find it in history) but this is to avoid making
these admins an easy target for harassment (Talking to PM of moderation
team he agreed this is a good compromise).

Bug: T341626
Change-Id: I8410f39db54b96981b05de8e064fed65df30ef2f
2023-12-27 04:37:42 +01:00
Reedy c0a374eab8 Drop some ancient schema changes
MW <= 1.34

Bug: T353923
Change-Id: Id5fd76857019c4882e31b185c8ba48ef5c1025a8
2023-12-22 02:07:48 +00:00
Reedy f7339cdc82 SchemaChangesHandler: Document when some changes were added
Bug: T353921
Change-Id: Ibe7c0780a3d1eebe35d6a6bce451a48fd57b545f
2023-12-22 02:07:13 +00:00
Umherirrender bd84a6514c Use namespaced classes
This requires 1.42 for some new names

Changes to the use statements done automatically via script
Addition of missing use statements and changes to docs done manually

Change-Id: Ic1e2c9a0c891382744e4792bba1effece48e53f3
2023-12-10 23:03:12 +01:00
MusikAnimal 7db0e05aeb Show notification when editor links to a blocked domain
This leverages the new BlockedExternalDomains system that is now part of
AbuseFilter. It notifies editors in realtime if a link they add is
blocked. See https://w.wiki/7ZsF for more information.

BlockedExternalDomains is slated to have its own API tantamount to the
action=spamblacklist endpoint, after which case this code will need to be
updated. In the meantime, it's meant to serve as a minimal viable product
for the CWS 2023 wish <https://w.wiki/7ZsE> for wikitext users.

The new $wgAbuseFilterBlockedExternalDomainsNotification configuration
setting controls the availability of this feature.

A similar feature for VisaulEditor is tracked at T276857

Bug: T347435
Change-Id: I7eae55f12da9ee58be5786bfc153e549b09598e7
2023-10-31 15:32:02 +00:00
jenkins-bot e23b4bf8ef Merge "Use namespaced Title" 2023-08-19 18:33:50 +00:00
Umherirrender cd7e9d31a7 Use namespaced Title
Bug: T321681
Change-Id: I66fd9b70a5de06ac3c81bdf6a2a5bca64ed094c2
2023-08-19 19:49:36 +02:00
Daimona Eaytoy 85f8f90531 Clean up AbuseFilterConsequencesTest a bit
Most notably, make it not use additional DB tables to test global
filters. Instead, just pretend that the local database is not local (via
config) and "hide" local filters with a simple test-only flag in
FilterLookup.

Change-Id: Ib431dbf6c9d84978ee84e7f0671cfcbf8a54d7a2
2023-08-19 15:31:41 +00:00
Umherirrender 8e6d820154 Use HookHandlers for UserMerge hook
Bug: T254306
Depends-On: Ib78dae49854863af1a37a00636737c94694776ae
Change-Id: If2bc517fb612199f4d744efbfa261ee5c556b6a5
2023-08-16 09:44:30 +02:00
Umherirrender a328477b8d Use HookHandlers for Echo hook
Bug: T254306
Depends-On: Iffa2b409502b4269c9746e0304feb4aaee37a86e
Change-Id: I0e27c535367b37b7038a54955e43ff96d9c81d32
2023-08-16 00:18:02 +02:00
Amir Sarabadani 049e602b07 BlockedDomains: Move filtering logic to a dedicated class
I'm planning to add support for bypass and regex-based blocking which
means it'll grow a bit. So let's give it a dedicated class.

Bug: T337431
Change-Id: I5a6fe2fd2f1efdebd8cada0ba6c481341f830e27
2023-08-06 16:27:23 +02:00
AnaïsGueyte 2efd6d9ac9 Replace userNameUtils with UserIdentityUtils
Where UserIdentity is available and where it's necessary to check ::isNamed

Bug: T342741
Change-Id: I5b52686f1c072282e76874f3863962345ca8097e
2023-07-27 10:29:31 -03:00
Timo Tijhof 203d54be11 BlockedExternalDomains: Optimize host extraction by using parse_url
Unlike what the 20-year old source comments in UrlUtils.php would
have you believe, parse_url() works fine nowadays, including for
protocol-relative URLs and indeed lots of prod code uses it directly.

The class still has some convenience value for case where you need to
expand or manipulate URLs, but for the common case of extracting a part
of it, you really don't need it.

Test plan:
$ php phpunit.php ../../extensions/AbuseFilter/tests/phpunit/integration/FilteredActionsHandlerTest.php

Bug: T337431
Change-Id: I1e76d2f5aef65365743214530faba656325b965a
2023-06-19 13:36:27 +00:00
Amir Sarabadani 8b67de5bc1 blocked domains: Make sure users can't bypass the list by using uppercase
Added tests too

Bug: T337431
Change-Id: Ie3406d0b3c7d82ba44c11865e493375453555664
2023-06-16 01:22:48 +02:00
Amir Sarabadani da53cfe9dd BlockedDomains: Add logging in case of hit
This is basically copy paste of SpamBlacklist logging with the added
extra bit of what triggered the hit.

Bug: T337431
Change-Id: Ieb9e3ca615af88ab56735b56e24c80c42a68d478
2023-06-14 22:23:50 +02:00
Amir Sarabadani 60cbc3b464 BlockedDomains: Use cleaner array building and add tests
Regarding array building: Instead of adding to array with
$array[] = 'foo' and then doing array_flip(), simply do
$array['foo'] = true;

Regarding tests: I originally wanted to create a unit test but I ended
up mocking so many things that it wasn't worth it and the config variable
is globaly which first we need to clean up after deployment is done.

Bug: T337431
Change-Id: Iac8dca7078668ee3441d19b6aafe499c1aa0d732
2023-06-12 17:46:55 +00:00
Amir Sarabadani 0acfe05251 Add abusefilter-bypass-blocked-external-domains right
This is similar to sboverride right in SpamBlacklist. Defaults are also
the same

Bug: T337431
Change-Id: Iaff91c1f9f7aece0787348dd071701ef99e0291d
2023-06-08 22:06:19 +02:00
Amir Sarabadani 7658885d75 BlockedDomains: Make lookup for domains added in blocked domains faster
We will have a pretty large list of blocked domains that we need to
swift through in each edit for any added domain. In order to cacth
subdomains being added, we have to do all sorts of complicated
operations and string search in large set of strings which is quite
slow. To fix that, let's simply pretend a user who has added
foo.bar.com, also added bar.com and com and do exact match in array of
strings making it much faster.

h/t Krinkle for the idea

Bug: T337431
Change-Id: I96795ed7d1a25f051db0b591dde21b032b138ded
2023-06-08 21:50:43 +02:00
Daimona Eaytoy caee78c24d Replace deprecated MWException
These are all unchecked.

Bug: T328220
Change-Id: I8d2f098a8b634d4a226b40ddaef31f0303a0789f
2023-06-07 17:41:20 +02:00
Amir Sarabadani 462096f523 Allow interface-admins to edit blocked domains json directly
For now, we will revisit this in the future. Specially if the
communities think otherwise.

Bug: T337431
Change-Id: I2847264eba9a3cc4fc47a22eacb523199015f9e7
2023-06-06 23:36:12 +02:00
Siddharth VP 8a22007034 BlockedExternalDomains: validate JSON structure before save
This makes raw page editing safer, and potentially enables opening up
access to less restricted user groups.

Bug: T337431
Change-Id: I14f21003a551f34b6e524e9b229613e79b0e5a70
2023-06-06 23:31:28 +02:00
James D. Forrester fb50c1f019 BlockedExternalDomains: Make this a special right, prohibit direct editing
Bug: T337431
Bug: T279275
Change-Id: I96d1e2c8d8728c26e38515032ef773770e26dda4
2023-06-01 09:20:44 -04:00
Amir Sarabadani adae5b95b5 Minor improvements to blocked domain filtering
See I3df949c4d41ce

Follows-Up: I3df949c4d41ce65bb4afa013da9c691ac05fc760
Change-Id: I81974a8d935838e00b4155454f2fb619f8a6bad9
2023-05-31 21:59:45 +02:00
Amir Sarabadani 53eb27f086 Introduce Special:BlockedExternalDomains
It is behind a feature flag. Improvements on it can happen in follow
ups. The patch is already quite massive.

Bug: T337431
Bug: T279275
Change-Id: I3df949c4d41ce65bb4afa013da9c691ac05fc760
2023-05-30 20:48:42 +02:00
AnaïsGueyte d42b7335d5 Update user type checks to handle temporary users
* Set the same block expiry for temp and anon users
* Don't block autopromote for temp users; they can't be autopromoted
* Bail early from CheckUserHandler if the user is temporary

Bug: T335062
Change-Id: I6b72537f568c4c70a0b86f1825ea30b767f5634a
2023-05-25 17:26:58 -02:30
Umherirrender 6fabca14c8 Use renamed CheckUserInsert*Hook interfaces
Follow-Up: I8d632f2808fde57c977c0ed22531db7b3741beef
Change-Id: I88bee654f80d9c40996ebef75136f310520a496f
2023-04-22 20:06:24 +02:00
jenkins-bot 290dd70bb2 Merge "Replace deprecated database object access methods" 2023-03-27 09:11:46 +00:00
Matěj Suchánek bb78cb0a56 Use actor table in AbuseFilter
This patch migrates abuse_filter and abuse_filter_history tables
to new actor schema.

MigrateActorsAF was copy-pasted from core's
maintenance/includes/MigrateActors.php before removal (ba3155214).

Bug: T188180
Change-Id: Ic755526d5f989c4a66b1d37527cda235f61cb437
2023-03-22 14:01:29 +01:00
Matěj Suchánek 8f6a428f02 Replace deprecated database object access methods
Use the very new getPrimaryDatabase and getReplicaDatabase.
We skip FilterLookup and CentralDBManager in this patch.

Change-Id: I22c6f8fa60be90599ee177a4ac4a97e1547f79be
2023-03-08 16:50:56 +01:00
Taavi Väänänen 7789ce1090
UserRenameHandler: Use core RenameUser classes
Bug: T27482
Change-Id: Ia36cd6d0ae8562101f8bcb0ddbf647097b6a8429
2023-03-08 12:53:43 +02:00
Dreamy Jazz 8e4a1237f1 Hook on privateEvent and logEvent insert hooks like CuChangesInsert
Hook on to CheckUserInsertPrivateEventRow and CheckUserInsertLogEventRow
to override the IP, XFF and User-Agent string when the user is the
abuse filter user for log events.

These two hooks are being added as log entries are being removed from
cu_changes and added into two new tables. Because the columns and their
names are different for these tables, reusing the same hook won't work
for callers that rely on setting values for a specific column name.

Edits and log entries performed by the abuse filter user need to be
marked as being by the software (and not using the IP, XFF and
User-Agent provided in the main request).

These hooks will not be run until the appropriate config is set to
write to the two new tables. Until that point using the one currently
defined hook will work for all actions.

Bug: T324907
Bug: T44345
Depends-On: I7c7754323ade9a8d96273c1742f30b1b5fbe5828
Follow-Up: Idd77545af94f9f9930d9ff38ab6423a72e680df9
Change-Id: Id78417e9d95220946f110afbe1430df5b3bb4f4f
2023-01-08 13:09:52 +00:00
Dreamy Jazz d3d0910bee Add RecentChange as a optional parameter for CheckUser hook
Add RecentChange as a optional parameter to the code that hooks
on CheckUserInsertChangesRow as this hook will soon provide a
RecentChange object if this row was triggered by a RecentChange.
If this row was not triggered by a RecentChange, then this
parameter will be null. This needs to be added before the parameter
is added to the definition of the hook in the CheckUser extension
as the tests will fail if all usages do not already have the new
parameter.

Bug: T324907
Change-Id: I44e54a3fca5558a1cb8d8f06a3990ded863454bc
2023-01-08 13:09:23 +00:00
dreamyjazz 627a73ec5e Ensure IP, XFF and UA are valid for abuse filter user actions in CheckUser
Change the IP to 127.0.0.1 (to indicate an internal IP), and blank
the XFF and UA when the performer of an action being logged by
CheckUser is the abuse filter user. Actions performed by the abuse
filter user can only be initated by the software, and as such should
not use the request's IP, XFF and UA. Also test the newly added
code.

Bug: T44345
Depends-On: I28acaaebd2d0067b700da0930e7b7ba924fa5c1c
Change-Id: Idd77545af94f9f9930d9ff38ab6423a72e680df9
2022-11-11 23:19:22 +00:00
Umherirrender 4fca77068c Clean up line indent with mixed tabs and whitespaces
Change-Id: Icc418130ad34e5f169bfc51bb13b58a7806bd636
2022-07-31 16:34:07 +02:00
jenkins-bot f13f3dcd2c Merge "Call IContextSource::getAuthority instead of IContextSource::getUser" 2022-07-29 10:25:23 +00:00
Umherirrender 11386c312d postgres: Fix changeNullableField calls
Follow-Up: I97cb12e6aa25d75ea24e187174db2fe88e5ce790
Change-Id: I61b8e102fd5041685941d89995f54a23ff5509c8
2022-07-13 22:13:48 +02:00
Umherirrender dc4dd928b7 Call IContextSource::getAuthority instead of IContextSource::getUser
Change to use Authority object where possible
to use the interface instead of implementation

Change-Id: I90ef126b3d799c3fc27467a4ffe671785c446d3e
2022-07-03 16:37:18 +02:00
Umherirrender e18136f269 Convert to abstract schema
Rename index on postgres and fix nullable fields

Bug: T259377
Change-Id: I97cb12e6aa25d75ea24e187174db2fe88e5ce790
2022-06-20 17:19:57 +00:00
TerraCodes 2c0e61a030 Add class to AF log contribs link
Continuation of MW core change 603941

Change-Id: I16ade657179fdce40b8acb7f8be8cde8b9a64949
2022-06-02 09:34:38 +00:00
Daimona Eaytoy 59eb3b70fb Inject dependencies into the authentication provider
- Define it with the extension.json key, instead of using the
  registration callback
- Inject the services it needs
- Replace direct User instantiation with UserFactory
- Move log subtypes to extension.json as well

Change-Id: I86a761c7fa844b1f417b974798373622a15f6411
2022-04-09 18:44:25 +02:00
Alexander Vorwerk 9bc01b4986 Use namespaced Renameuser classes
Change-Id: Ibac446d50a34a26182b801fa15c8a8ddffd2eea0
2022-03-06 17:10:41 +00:00
Daimona Eaytoy 5e95676e99 Rename filter_timestamp index in a different file
Otherwise there might be interferences with the remove-afl_filter patch.

Bug: T291725
Change-Id: If339663d491e1da4a118c13cd667d228365b4864
2021-10-20 15:22:04 +02:00
Daimona Eaytoy f2e2f5ae48 Move renaming of the afl_wiki_timestamp index to its own file
Note that this doesn't have to be applied in WMF prod, since the indexes
are already correct there.

Bug: T291725
Change-Id: I7fcee0581f469e0d7ada43d1f30f31061c5bf5c0
2021-10-16 16:55:52 +00:00
Daimona Eaytoy 020f8a09b4 Remove leftovers of AbuseFilterAflFilterMigrationStage
On second thought, no need to keep the migration script now, since it's
unusable anyway.

Also remove an usage in SpecialAbuseLog, likely a rebase artefact.

Change-Id: I938924b3617ef30046d8317e68a101ed2c1883d3
2021-09-25 03:48:37 +02:00
Daimona Eaytoy dae374aec2 Remove afl_filter entirely
As per T220791, the old schema and the flag can be removed in 1.38.

Bug: T220791
Change-Id: Ic6b1c8a22d17a301faf32d2e23778d90c41c39de
2021-09-18 11:06:10 +00:00