Commit graph

6423 commits

Author SHA1 Message Date
Translation updater bot f7e760712d Localisation updates from https://translatewiki.net.
Change-Id: I39a24349158a4d57f30312a26b403faf4726a998
2021-09-27 08:33:50 +02:00
Matěj Suchánek 632b39f8ca Stop requiring the Skin interface in AbuseFilterChangesList
IContextSource is now enough for ChangesList.

Change-Id: Iebb525227efe841a17c799d460d352017a2cfc4f
2021-09-25 10:28:50 +02:00
Reedy 026f8a44cd Make mysql/patch-remove-afl_filter.sql valid SQL
Follows-Up: Ic6b1c8a22d17a301faf32d2e23778d90c41c39de
Change-Id: I3d480d7b709b06d7ac213a81b4e0273a2ee385e9
2021-09-25 03:41:43 +01:00
Daimona Eaytoy 020f8a09b4 Remove leftovers of AbuseFilterAflFilterMigrationStage
On second thought, no need to keep the migration script now, since it's
unusable anyway.

Also remove an usage in SpecialAbuseLog, likely a rebase artefact.

Change-Id: I938924b3617ef30046d8317e68a101ed2c1883d3
2021-09-25 03:48:37 +02:00
jenkins-bot a332b3ff0f Merge "Remove afl_filter entirely" 2021-09-25 01:39:08 +00:00
Daimona Eaytoy e8471a717c Add method to properly check visibility of AbuseLog entries
This replaces the previous pattern of callers having to use
RevisionLookup if the result was 'implicit'. Also, in some cases where
we were just hiding things if the visibility was !== true, properly
handle the implicit case by using the new method. Make the new method
return string constants rather than bool|string.

The new method also fixes some potential info leaks which happened when
the row was hidden, the user could view suppressed AbuseLog entries, but
the associated revision was also deleted and the user couldn't see it
(this shouldn't be relevant for WMF wikis since AF deletion is
oversight-level).

Also add a bunch of tests for the various cases to ensure we don't
regress again.

Bug: T261532
Change-Id: I929f865acf5d207b739cb3af043f70cb59243ee0
2021-09-25 00:08:33 +00:00
jenkins-bot 72d03778d0 Merge "Refactor ParserStatus" 2021-09-24 09:34:20 +00:00
Translation updater bot 3f6fc1d9dd Localisation updates from https://translatewiki.net.
Change-Id: I751c4d4d6e972bbfad8d2e656fe362fc3bfa7f8d
2021-09-24 08:25:47 +02:00
Translation updater bot c34a3d9931 Localisation updates from https://translatewiki.net.
Change-Id: I383927110c4eec1dbdeece6c0ff1aec7dad8d2bb
2021-09-23 12:27:03 +02:00
Translation updater bot 1a28b6423d Localisation updates from https://translatewiki.net.
Change-Id: I508bd1915e179ebb375440ce14f34a9b4cd72fbc
2021-09-22 08:10:15 +02:00
Translation updater bot 5d6c62434b Localisation updates from https://translatewiki.net.
Change-Id: I4ed41c20eb7fcbf9e05a7c238a63296f21b21f8f
2021-09-21 08:08:33 +02:00
Translation updater bot a4f9d42705 Localisation updates from https://translatewiki.net.
Change-Id: Icba9f24b2c87ce6e6652044112d44e336adb0eed
2021-09-20 08:17:57 +02:00
Umherirrender 2deea7bb01 Avoid non-namespaced aliases for Wikimedia\Rdbms namespace
Change-Id: Iadc147ff96649253a4b83709f8ebe291305e4bf8
2021-09-18 20:06:16 +02:00
Daimona Eaytoy dae374aec2 Remove afl_filter entirely
As per T220791, the old schema and the flag can be removed in 1.38.

Bug: T220791
Change-Id: Ic6b1c8a22d17a301faf32d2e23778d90c41c39de
2021-09-18 11:06:10 +00:00
Daimona Eaytoy b2dc2c4dd8 Refactor ParserStatus
ParserStatus is now more lightweight, and doesn't know about "result"
and "from cache". Instead, it has an isValid() method which is merely a
shorthand for checking whether getException() is null.

Introduce a child class, RuleCheckerStatus, which knows about result and
cache and can be (un)serialized.

This removes the ambiguity of the $result field, and helps the
transition to a new RuleChecker class.

Change-Id: I0dac7ab4febbfdabe72596631db630411d967ab5
2021-09-17 11:25:54 +00:00
jenkins-bot 693062c5f7 Merge "Re-add space in AbuseLog entries" 2021-09-17 08:33:41 +00:00
Translation updater bot f2cd8ab803 Localisation updates from https://translatewiki.net.
Change-Id: Ie2e7e0053c1c58b10035d48b15919577e9967426
2021-09-17 08:44:35 +02:00
Daimona Eaytoy ccd9b8c889 Re-add space in AbuseLog entries
Follows-up: I097d051e3c30e61d74a8e329b6110b219c72ec1a

Bug: T291206
Change-Id: Id5b6a715019b715a2da96dee71d52850b7984b21
2021-09-16 19:16:28 +02:00
jenkins-bot 0ba45db169 Merge "Remove various AtEase and error_reporting" 2021-09-16 15:29:36 +00:00
Timo Tijhof 3f33e08bac Remove various AtEase and error_reporting
Something somewhere is leaving error_reporting in a dirty state
causing AbuseFilter's ConsequencesExecutorTest case to fail for
the core change Ic9fee6cdd88001025.

Per T253461, we're meant to eventually remove this anyway, so might
as well remove it in areas that are known to get it wrong somehow.

Change-Id: I2a665f09a357f2f2cc258d8c4011d49a7ab9c13b
2021-09-16 02:59:37 +00:00
jenkins-bot 2a32919ad8 Merge "Bump EditStashCache version" 2021-09-15 19:36:25 +00:00
Daimona Eaytoy 742cc865ad Bump EditStashCache version
I0a30e044877c6c858af3ff73f819d5ec7c4cc769 added a new param to
ParserStatus.

Bug: T291123
Change-Id: Ie82d01d85a189081b45a1d34a0f5390536163ee4
2021-09-15 21:17:16 +02:00
jenkins-bot 5475cae543 Merge "Rename AbuseFilterVariableGeneratorTest" 2021-09-15 17:10:27 +00:00
Matěj Suchánek 3ffbfb63f2 Rename AbuseFilterVariableGeneratorTest
We don't need the AbuseFilter prefix anymore.

Change-Id: Ia54016000895fd22dec5f397ab2d42d20bfd1816
2021-09-15 18:17:36 +02:00
jenkins-bot ee3d7c39e9 Merge "More cleanup for parser-related classes" 2021-09-15 15:16:13 +00:00
Translation updater bot c42f2b6aae Localisation updates from https://translatewiki.net.
Change-Id: I8cdb41723f2599a2610eb672ae3eb6b1fd240a5b
2021-09-14 08:32:05 +02:00
Translation updater bot 0d2bc7ca17 Localisation updates from https://translatewiki.net.
Change-Id: Icf05d17f79ea9cfaa17fccec25b424c989131b62
2021-09-13 08:28:40 +02:00
Daimona Eaytoy 7c26c4b8d5 More cleanup for parser-related classes
Change-Id: I6a2bbf519e1d5c6fe2778f69624bd80b9ea1ef86
2021-09-10 12:50:20 +00:00
jenkins-bot 9bbec9a81a Merge "Rename ParserFactory -> RuleCheckerFactory" 2021-09-10 11:56:08 +00:00
Translation updater bot a934ecc3b1 Localisation updates from https://translatewiki.net.
Change-Id: I9ba1b2f7a1d80538502d0ccbf22584c3d0c00ff6
2021-09-10 08:14:57 +02:00
jenkins-bot a46ecc689c Merge "Clean up / simplify parser-related classes" 2021-09-09 09:56:02 +00:00
Translation updater bot 4d8242f429 Localisation updates from https://translatewiki.net.
Change-Id: I3981778e72e2ae315f8765cbd294ec9395519269
2021-09-09 08:16:53 +02:00
Daimona Eaytoy a722dfe1a4 Rename ParserFactory -> RuleCheckerFactory
The old parser now has the correct name "Evaluator", so the
ParserFactory name was outdated. Additionally, the plan is to create a
new RuleChecker class, acting as a facade for the different
parsing-related stages (lexer, parser, evaluator, etc.), which is what
most if not all callers should use. The RuleCheckerFactory still returns
a FilterEvaluator for now.
Also, "Parser" is a specific term defining *how* things happen
internally, whereas "RuleChecker" describes *what* callers should expect
from the new class.

Change-Id: I25b47a162d933c1e385175aae715ca38872b1442
2021-09-08 21:59:34 +02:00
Daimona Eaytoy 357ddd498c Clean up / simplify parser-related classes
Remove unnecessary setters, injecting everything in the constructor.
These were leftovers from before the introduction of ParserFactory.
Remove public access to the conds used, include the information inside
the returned ParserStatus instead, and consequently simplify callers.

Change-Id: I0a30e044877c6c858af3ff73f819d5ec7c4cc769
2021-09-08 13:41:52 +02:00
Daimona Eaytoy f8e9ac7e2a Rename AbuseFilterCachingParser -> FilterEvaluator
It's an evaluator, not a parser.

Change-Id: Ib6d33e8423ea72709cf5a33f4397ba33e352ea80
2021-09-08 13:40:47 +02:00
Translation updater bot 79c7f568f5 Localisation updates from https://translatewiki.net.
Change-Id: I56b56c165580f4ddf7960b94fa39c55d9cd043ca
2021-09-08 08:09:47 +02:00
libraryupgrader 2a4860e322 build: Updating mediawiki/mediawiki-phan-config to 0.11.0
Change-Id: I097d051e3c30e61d74a8e329b6110b219c72ec1a
2021-09-07 19:30:42 -07:00
Translation updater bot 8fe4c04aed Localisation updates from https://translatewiki.net.
Change-Id: I776ede58099f8264e0c61a46bf1bd6446709eace
2021-09-07 08:10:08 +02:00
Daimona Eaytoy 6684ea6450 Remove AFPTransitionBase
Also cleanup the mPos hack in the CachingParser.

Change-Id: Ib5693802a3ceb80cb736880ed65e27340abef689
2021-09-06 19:33:48 +00:00
Translation updater bot 9c8af59d2c Localisation updates from https://translatewiki.net.
Change-Id: I0e6ec717baff0495aabe9f9c3a0f5125ae68335a
2021-09-06 08:19:58 +02:00
jenkins-bot 199cf1edf8 Merge "Add a static analyzer for the filter language" 2021-09-03 19:51:58 +00:00
Translation updater bot c93662e240 Localisation updates from https://translatewiki.net.
Change-Id: Ia0a0f86728aa0431624d9d01c92db9ef0434c427
2021-09-02 08:25:21 +02:00
libraryupgrader 04693b060d build: Updating dependencies
composer:
* php-parallel-lint/php-parallel-lint: 1.3.0 → 1.3.1

npm:
* stylelint-config-wikimedia: 0.10.3 → 0.11.1

Change-Id: I2a79b93fbaa0e13cc723dc40ae4d35fbcd83f7a5
2021-09-02 00:07:53 +00:00
Translation updater bot fcfd5fbdf6 Localisation updates from https://translatewiki.net.
Change-Id: I20ea2a972c577c87b471ab68a7e503d658b88c23
2021-09-01 08:15:40 +02:00
Matěj Suchánek 0af21948fc Replace WikiPage::factory in non-test code
Change-Id: I1442ca6603ce5151b98fc88cd84c25af0f34e4f6
2021-09-01 04:55:25 +00:00
Daimona Eaytoy 86257d825c tests: Use DBConnRef, not IDatabase, as retval of getConnectionRef
So that the method can be typehinted in core.

Also add phan-var to fix broken master build due to typehint additions
in core.

Change-Id: I4a072e00ffeeb437753fc3d3c1f15de9929df510
2021-08-31 21:45:10 +02:00
Translation updater bot 4b01397324 Localisation updates from https://translatewiki.net.
Change-Id: I566cec67a166c1891b4b34d233260e414c1f9503
2021-08-31 08:15:08 +02:00
Sorawee Porncharoenwase 320e3d696f Add a static analyzer for the filter language
This commit adds a class AFPSyntaxChecker which can statically analyze
a filter code to detect the following errors:

- unbound variables (which comes in two modes: conservative and liberal,
  default to conservative)
- unused variables (disabled by default for compatibilty)
- assignment on built-in identifiers
- function application's arity mismatch
- function application's invalid function name
- non-string literal in the first argument of set / set_var

The existing parser and evaluator are modified as follows:

- The new (caching) evaluator no longer needs to perform variable
  hoisting at runtime.
  - Note that for array assignment, this changes the semantics.
- The new parser is more lenient, reducing parsing errors.
  The static analyzer will catch these errors instead, allowing us
  to give a much better error message and reduces the complexity of
  the parser.
  * The parser now allows function name to be any identifier.
  * The parser now allows arity mismatch to occur.
  * The parser now allows the first argument of set to be any expression.

Concretely, obvious changes that users will see are:

1. a := [1]; false & (a[] := 2); a[0] === 1

   would evaluate to true, while it used to evaluate to the undefined value
   due to hoisting

2. f(1)

   will now error with 'f is not a valid function' as opposed to
   'Unexpected "T_BRACE"'

3. length

   will now error with 'Illegal use of built-in identifier "length"'
   as opposed to 'Expected a ('

Appendix: conservative and liberal mode

The conservative mode is completely compatible with the current evaluator.
That is,

false & (a := 1); a

will not deem `a` as unbound, though this is actually undesirable because
`a` would then be bound to the troublesome undefined value.

The liberal mode rejects the above pattern by deeming `a` as unbound.
However, it also rejects

true & (a := 1); a

even though (a := 1) is always executed. Since there are several filters
in Wikimedia projects that rely on this behavior, we default the mode
to conservative for now.

Note that even the liberal mode doesn't really respect lexical scope
appeared in some other programming languages (see also T234690).
For instance:

(if true then (a := 1) else (a := 2) end); a

would be accepted by the liberal checker, even though under lexical scope,
`a` would be unbound. However, it is unlikely that lexical scope
will be suitable for the filter language, as most filters in
Wikimedia projects that have user-defined variable do violate lexical scope.

Bug: T260903
Bug: T238709
Bug: T237610
Bug: T234690
Bug: T231536
Change-Id: Ic6d030503e554933f8d220c6f87b680505918ae2
2021-08-31 03:28:24 +02:00
jenkins-bot ee5ff0077f Merge "Move parser exceptions to specific namespace and rename them" 2021-08-31 01:14:44 +00:00
Translation updater bot 32d5fd0218 Localisation updates from https://translatewiki.net.
Change-Id: Ifcff6e49b0690ebd9dca0a897d49f83f20dbb6a1
2021-08-30 08:19:21 +02:00