It is behind a feature flag. Improvements on it can happen in follow
ups. The patch is already quite massive.
Bug: T337431
Bug: T279275
Change-Id: I3df949c4d41ce65bb4afa013da9c691ac05fc760
* Set the same block expiry for temp and anon users
* Don't block autopromote for temp users; they can't be autopromoted
* Bail early from CheckUserHandler if the user is temporary
Bug: T335062
Change-Id: I6b72537f568c4c70a0b86f1825ea30b767f5634a
This patch migrates abuse_filter and abuse_filter_history tables
to new actor schema.
MigrateActorsAF was copy-pasted from core's
maintenance/includes/MigrateActors.php before removal (ba3155214).
Bug: T188180
Change-Id: Ic755526d5f989c4a66b1d37527cda235f61cb437
Looks like it's needed for the UpdateVarDumps script, so add a note
about that. Also add a type check to the script so that it produces a
clearer error message if it finds an entity with unexpected type.
Bug: T331861
Change-Id: I68f8f954ed754c4282e13599ce06118e2336ecbb
Use the very new getPrimaryDatabase and getReplicaDatabase.
We skip FilterLookup and CentralDBManager in this patch.
Change-Id: I22c6f8fa60be90599ee177a4ac4a97e1547f79be
Increase default widths from `65%` to `90%` for the editor, notes,
description, group inputs.
Add `mw-abusefilter-edit-description-input` id to
`abusefilter-edit-description` TextInputWidget.
Bug: T294856
Change-Id: Ia9472298170740a39fd24864003b766078fcdfaf
Hook on to CheckUserInsertPrivateEventRow and CheckUserInsertLogEventRow
to override the IP, XFF and User-Agent string when the user is the
abuse filter user for log events.
These two hooks are being added as log entries are being removed from
cu_changes and added into two new tables. Because the columns and their
names are different for these tables, reusing the same hook won't work
for callers that rely on setting values for a specific column name.
Edits and log entries performed by the abuse filter user need to be
marked as being by the software (and not using the IP, XFF and
User-Agent provided in the main request).
These hooks will not be run until the appropriate config is set to
write to the two new tables. Until that point using the one currently
defined hook will work for all actions.
Bug: T324907
Bug: T44345
Depends-On: I7c7754323ade9a8d96273c1742f30b1b5fbe5828
Follow-Up: Idd77545af94f9f9930d9ff38ab6423a72e680df9
Change-Id: Id78417e9d95220946f110afbe1430df5b3bb4f4f
Add RecentChange as a optional parameter to the code that hooks
on CheckUserInsertChangesRow as this hook will soon provide a
RecentChange object if this row was triggered by a RecentChange.
If this row was not triggered by a RecentChange, then this
parameter will be null. This needs to be added before the parameter
is added to the definition of the hook in the CheckUser extension
as the tests will fail if all usages do not already have the new
parameter.
Bug: T324907
Change-Id: I44e54a3fca5558a1cb8d8f06a3990ded863454bc
We might consider adding an in-process cache because there
will be a duplicate database lookup for content model and
wikitext of the same revision.
Bug: T230295
Change-Id: I9723f21069e03a49fa7131bd8f79c6e7e442104b
The motivation is to have a single immutable object providing
information about the action. It can represent the current
action being filtered, but also a past action stored in the
abuse log. It will hopefully help us get rid of passing
User(Identity) and Title/LinkTarget objects around together.
Change-Id: I52fa3a7ea14c98d33607d4260acfed3d3ba60f65
Each generator knows in which situation it is executed, and it
can pass this information to the computer. VariableHolder should
just hold the variables.
Change-Id: I0fb2e01e3e9457cd63948afe2a20439a1c800790
For fixing bugs like T65632, T105325, or T264104, we will need
to update code in more than one place at once. To prevent
regressions, create an integration test which tests the whole
pipeline, from the request submission to variable evaluation.
Edits are simulated using action=edit API call because the hook
AbuseFilter uses is run from EditPage.
To increase confidence in test coverage, remove some annotations
from AbuseFilterConsequencesTest or make them less greedy.
Ideally, it would only test consequences.
This patch includes refactoring of AbuseFilterCreateAccountTestTrait
which now only inserts the user into the database if it really
should be created.
It also restores test coverage of some other classes.
Change-Id: I661f4e0e2bcac4770e499708fca4e4e153f31fed
Core now supports special pages registering sub menus
natively in skins. The menu is rendered when the skin
supports it, so at current time of writing this will
only work in Vector 2022 and MinervaNeue.
The existing menu that appears under the abuse filter
page title is converted into the new format. For other skins
no difference.
Bug: T315553
Change-Id: Ief51a9c60125c11e3b735fabee2a4544b7955f64
Change the IP to 127.0.0.1 (to indicate an internal IP), and blank
the XFF and UA when the performer of an action being logged by
CheckUser is the abuse filter user. Actions performed by the abuse
filter user can only be initated by the software, and as such should
not use the request's IP, XFF and UA. Also test the newly added
code.
Bug: T44345
Depends-On: I28acaaebd2d0067b700da0930e7b7ba924fa5c1c
Change-Id: Idd77545af94f9f9930d9ff38ab6423a72e680df9
$wgAbuseFilterAnonBlockDuration is documented to be deprecated and
fall back to $wgAbuseFilterBlockDuration. This was just missing here.
This makes code fail in PHP 8.x where null is not allowed any more in
functions that expect a string.
Change-Id: I0edb0f14630aed88635aa564a11d6f42e470c29f
PHP does this automatically, however in PHP8 this causes an
E_DEPRECATED warning.
This fixes a phpunit test
Change-Id: Ie2b2dbf4a1c0ff500ba251ee43a37823432e3047
Follows-up Iaa1b4683c5c856.
* Match $IP pattern verbatim from most other WMF extensions.
* Improve descriptions a bit, and move/merge any meaningful
information from file docblock into class docblock. The file blocks
are visually ignored and identical in each file, and often out of
date or duplicated when given text separately from the class block.
See also similar changes in core:
https://gerrit.wikimedia.org/r/q/message:ingroup+owner:Krinkle
* Use `@internal` instead of `@private` as per Stable interface
policy.
Change-Id: I8bed9a625af003446c7e25f6b794931164767b5a
A protocol-relative URL has two entries for el_to in externallinks table,
the different is on the el_index colum
Bug: T314373
Change-Id: I3d6229aaa10a089baf15d5ba3407f6a8870429e3
In theory, it's possible that some consequences could use "0"
as one of their parameters. At least change tags, see T296642.
But PHP treats "0" as false.
Also make the code on all places consistent.
Change-Id: I5255dfb26878ceb4f78c4d8277521edbb4821d7d
We mask the IP address on purpose, so that it is not
leaked to the abuse log. This breaks CheckUser because
it attempts to assign an actor id to the "fake"
(uncreated) user account. So unmask the IP address
when we send the data to CheckUser.
Bug: T233004
Change-Id: Ib58193927bc8254d36a8de0fd1b5f9fba68a0cb0