Commit graph

1630 commits

Author SHA1 Message Date
Daimona Eaytoy a9722868ab Improve coverage of parser-related classes
Change-Id: I229c528505f0208b34f37d8c969450731e5a08a3
2021-01-15 03:16:48 +00:00
jenkins-bot 504e807b5f Merge "Misc coverage improvements" 2021-01-15 02:15:42 +00:00
jenkins-bot 7d6d0f9b8a Merge "Improve coverage around consequences" 2021-01-15 02:12:18 +00:00
Daimona Eaytoy 159046fc5a Misc coverage improvements
Change-Id: I656d9c9eedf4e8b8dfb7a13513d699e5ced22423
2021-01-15 00:51:16 +00:00
Daimona Eaytoy ab2ad164ff Improve coverage around consequences
Add a lot more unit tests, improve code testability, remove duplicated
integration tests.

Change-Id: Id8c9266ae107217047f267296070f26f575889d1
2021-01-15 00:51:04 +00:00
Daimona Eaytoy 66928eda89 Remove deprecated param
Depends-On: Ie6abd2df5cf1b09c35f0a9e53b0d559e887de09b
Depends-On: Id99b94806095a974a65dd892b2200e59c475802f
Change-Id: I9a33cadb9903461038aa1095be18b68a60dd726d
2021-01-14 23:43:51 +01:00
Daimona Eaytoy 10c7a11077 Improve coverage for hooks
- Exclude a couple of classes from coverage reports
- Add tests for all handlers
- Add tests for the runner, copied from core
- Make AbuseFilterRunner a real service

Change-Id: I7a0fe3cd8300faef5ef72d7f986b1734c324d8d1
2021-01-14 22:49:24 +01:00
jenkins-bot 192fb15e4d Merge "Refactor VariableGenerator and LazyVariableComputer tests" 2021-01-14 21:47:13 +00:00
Daimona Eaytoy 8646db7573 Add unit tests for load-first-author method
This is using core methods, so it can be unit tested. The same isn't
true for load-recent-authors, which performs a custom DB query and whose
test is probably the slowest AbuseFilter test. Simplify it for now,
until the method is moved to MW core.

Change-Id: Ifbdae1a06aabca996eeac151a6d029fd991ad64d
2021-01-14 17:23:54 +01:00
Daimona Eaytoy bfbdd13c2e Restore hide link when viewing single AbuseLog entries
Partial revert of I13f476d8126f81b0417e7509784c83d4f21cf348

Bug: T271667
Change-Id: I58f162c7ed72c42b24b214d3857590bfd66e8f82
2021-01-12 11:56:19 +01:00
jenkins-bot 57fbeddbd0 Merge "Add pure unit tests for FilterRunner" 2021-01-09 13:56:24 +00:00
Daimona Eaytoy 9afc968523 Refactor VariableGenerator and LazyVariableComputer tests
Additionally, avoid building Title objects in LazyVariableComputer, it
just adds a dependency on TitleFactory and creating mocks is more
complicated, but it's pointless because the caller already has a Title
object.

And also stop using Title::getEarliestRevTime(), since the replacement
is easy (we already have a RevisionLookup).

Note for reviewers about renames:
- Code VariableGeneratorDBTest was moved to LazyVariableComputerDBTest,
  RCVariableGeneratorTest, and AbuseFilterVariableGeneratorTest
- AbuseFilterVariableGenerator test was moved into a dedicated
  directory, methods were changed not to test the var values

Change-Id: I3dff8739a9b79f33321d836449b082c3ce63f277
2021-01-09 11:26:24 +00:00
jenkins-bot 208d64dc07 Merge "Don't show checkbox for hiding AbuseLog entries when showing details" 2021-01-08 09:30:46 +00:00
Daimona Eaytoy 5eee6f6e5d Don't show checkbox for hiding AbuseLog entries when showing details
The checkbox should only appear on Special:AbuseLog, not when deleting
items (checked with $this->hideEntries), AND not when viewing details of
a single entry, which is check with $isListItem.

Change-Id: Id2db07641bf98992b4838e4e7439ac3ee4b1ad8e
2021-01-07 16:25:59 +00:00
Daimona Eaytoy b8efb924f3 Fix a bunch of fatal errors seen in production
Mostly uncaught exceptions, that appeared in places where the previous
code was silently using DWIM-style booleans.
Also a TypeError due to ViewDiff not using filter objects.

Copy the fix from Ic8032592799756521a59ee23c0e76cb03a510b94 to another
place as well.

Bug: T271430
Bug: T271431
Bug: T271432
Bug: T271433
Change-Id: Ica4b82024c57482656cf6bca95bf37641c09cb9a
2021-01-07 17:17:43 +01:00
Daimona Eaytoy 72a23b4e5c Add pure unit tests for FilterRunner
Mainly constructor and conditions limit, which can be removed from
ConsequencesTest (where it was very slow).

Additionally, inject globals into FilterRunner.

Change-Id: I56ca67de6878dbc2185038faae3eb2b04fb56be9
2021-01-07 12:15:11 +00:00
Daimona Eaytoy 4c0690b4b1 Move getFirstFilterChange to FilterLookup
Additionally:
- Add typehints for stronger typing, and use strict comparison in the
  callers
- Use MIN instead of sorting, as the former is optimized by the DBMS;
  sorting was also happening on the wrong key, i.e. afh_timestamp, as
  opposed to afh_id

Change-Id: I631772fdfeb510b0bc8b582b84bcf2533d7bc097
2021-01-04 14:52:42 -08:00
jenkins-bot 6a153096ad Merge "Make HookRunner parameter mandatory in VariableGenerator" 2021-01-04 21:08:51 +00:00
jenkins-bot 93ec5951e2 Merge "Move remaining classes to own namespace" 2021-01-04 21:08:01 +00:00
jenkins-bot d0a7e7ec91 Merge "Move maintenance scripts to a separate namespace" 2021-01-04 21:07:56 +00:00
jenkins-bot 33a095efc6 Merge "Check for non-existing version in ViewDiff" 2021-01-04 21:01:25 +00:00
Daimona Eaytoy a5eab82204 Add a bunch of tests
Code change: in buildVarDumpTable remove special-cased null value. This
was used to avoid passing null to Html::element, but is no longer
necessary, since we now pretty-print the value.

Change-Id: I6180f6c53448d2a8c8c6066f222e9fd9df577554
2021-01-04 15:54:54 +01:00
Daimona Eaytoy b83d532830 Check for non-existing version in ViewDiff
Bug: T271069
Change-Id: I775061098bb5674b7842bce03e9da7a6e5555664
2021-01-04 14:17:25 +01:00
Daimona Eaytoy 4cc608e320 Make HookRunner parameter mandatory in VariableGenerator
Depends-On: Icae3c7cd00bd9be62a46f9e85c311e46157ccabf
Depends-On: Ie5031528593ea28f3cdc3169336aa0e4337306f7
Depends-On: I7ff2f90d890a74fa14f40535c4a567fb3124920e
Change-Id: I4d629e26e31517aa06e6215499cc3422f0fe6c72
2021-01-04 12:47:26 +01:00
Daimona Eaytoy 45f0a66616 Move remaining classes to own namespace
So everything can be loaded using PSR-4. These classes weren't renamed,
nor the alias for the AbuseFilter class was deprecated, because they
should be refactored first.

Change-Id: Ia328db58eb326968edf5591daac9bacf8c2f75da
2021-01-04 12:11:58 +01:00
Daimona Eaytoy d2fa65673c Move maintenance scripts to a separate namespace
Depends-On: Iaf3c218abd5578d604a89634c38d9156bb19a0d2
Change-Id: Ifcc2bff9e400fde564179fe6b96496ceae6b8623
2021-01-04 12:09:00 +01:00
jenkins-bot f7fb9ec57e Merge "Remove deprecated VariableHolder::getVar" 2021-01-03 23:10:14 +00:00
jenkins-bot 21890a7bea Merge "Introduce a VariableGeneratorFactory service" 2021-01-03 22:59:47 +00:00
jenkins-bot 1c67a5b223 Merge "Make VariableHolder param optional in VariableGenerator" 2021-01-03 22:17:12 +00:00
Daimona Eaytoy 496e5baaa5 Remove deprecated VariableHolder::getVar
Bug: T261069
Depends-On: I3468fa5339873efbbef1eaa22f4f654b4e9e166d
Change-Id: I46d69b0c43a45549ceddd837f2b37c76fec2e469
2021-01-03 19:14:13 +00:00
Daimona Eaytoy 6081bf90c4 Introduce a VariableGeneratorFactory service
So we can use DI in all generators. Some improvements were deliberately
omitted, e.g. injecting more services and relaxing User/Title to
UserIdentity/LinkTarget, and they'll be included in a subsequent commit.

Depends-On: I1f351071ef2b0b7c80e91407a9c3bb17be293044
Depends-On: Ie71740fac35a86f8fe03023080ae8ca08671243d
Depends-On: I589a0e1c2c5891070ab82cd5adfd9cedec19e67d
Change-Id: I92ef0abd5e45b672e6f297a71b3c2c345d56f136
2021-01-03 14:17:39 +01:00
jenkins-bot b0e8a76b2e Merge "DI for AbuseFilterSpecialPage" 2021-01-03 12:40:04 +00:00
Daimona Eaytoy 1beb405bc7 Make VariableHolder param optional in VariableGenerator
So we can remove it from callers and then use DI in this class.

Change-Id: I9055f54397279870740a7ff9567635ee4f17e4d2
2021-01-03 13:25:59 +01:00
Daimona Eaytoy 6e27a9ddb3 Cleanup variables-related classes
Change-Id: I20a7fe1a40255043ed0d125dee61ea6052dda69c
2021-01-02 18:19:38 +01:00
Daimona Eaytoy 762d71c51d Create a dedicated namespace for variables-related classes
Some cleanup is left for later to keep the diff easier to read.

Change-Id: Ife445b5e47e707ab77ec867ac3b005866aa74ef2
2021-01-02 18:16:48 +01:00
Daimona Eaytoy d3b330b6d4 Create a VariablesManager service
This makes VariableHolder a true value object, and introduces a
stateless service, VariableManager, to operate on it.

Note, in theory, this new service is still cyclically coupled with
LazyVariableComputed. However, it's now two stateless service being
coupled, not two smart/god value objects, so we've still earned
something. For now, the dependency is hidden by using a callback. Some
alternatives for that are mentioned in a code comment.

Bug: T261069
Change-Id: I2f2c84c8e91472ba36084a8bbb4a923f6e04354b
2021-01-02 17:15:31 +00:00
Daimona Eaytoy 3d33891ab1 Inherit hooks documentations in AbuseFilterHookRunner
Documentation is already in hooks.txt and in every hook interface, let's
not have to maintain it in a third place.

Change-Id: I8cc5e52b6bc164d9512d22283700966d4c51b943
2021-01-02 15:03:15 +01:00
jenkins-bot aaf8722a96 Merge "Harmonize HookAborterConsequence::getMessage implementations" 2021-01-02 13:42:13 +00:00
Matěj Suchánek 85a3e230e6 Harmonize HookAborterConsequence::getMessage implementations
I think either all or none should consider global filters.
Are there any backwards compatibility concerns?

Change-Id: I22b664e9752588edc195dc4e4f5369392f91ad23
2021-01-02 13:07:57 +01:00
Matěj Suchánek de5b7ee8ea DI for AbuseFilterSpecialPage
Change-Id: I5c702990398e0adb5fa73be54638cb8b6b268beb
2021-01-02 11:13:41 +01:00
Matěj Suchánek f5b18a36bf Move special page classes to own namespace
Change-Id: Ic2d13518924e77b1be96d1a7489abcd07e6d1dab
2021-01-02 10:54:13 +01:00
jenkins-bot d2884049be Merge "Add a TextExtractor service" 2021-01-01 19:36:42 +00:00
jenkins-bot b43fc2387c Merge "Inject the condition limit into AbuseFilterParser" 2021-01-01 19:20:57 +00:00
jenkins-bot 80e6e582e4 Merge "Make tests pass on SQLite" 2021-01-01 18:08:58 +00:00
Daimona Eaytoy aafd3bcfcd Inject the condition limit into AbuseFilterParser
Change-Id: I487ba25ca3f3ac4b84c3afaf88b35678944cdb4d
2021-01-01 18:27:06 +01:00
Daimona Eaytoy fad9a11f7a Add a TextExtractor service
This is an important step towards removing the AbuseFilter class. Note:
proposals for the name of the new service are welcome.

Change-Id: Ib4632173f728b1bdafadef96e01645a833bfceaa
2021-01-01 18:25:32 +01:00
Daimona Eaytoy b85f464530 Introduce a VariablesFormatter service
Moves more methods away from the AbuseFilter class. Testing
buildVarDumpTable is not easy because we'd have to parse the generated HTML.

Change-Id: I073a537201de150ba9dd7bf15a99f3a009dc6ba1
2021-01-01 15:45:52 +01:00
jenkins-bot 544911a78d Merge "Add a LazyVariableComputer service" 2021-01-01 00:18:32 +00:00
Daimona Eaytoy a6176399b1 Make tests pass on SQLite
Skip a test that fails with
  Wikimedia\Rdbms\DBQueryError: Error 5: database is locked
  Function: Wikimedia\Rdbms\Database::beginIfImplied (MediaWiki\Extension\AbuseFilter\FilterLookup::getAllActiveFiltersInGroupFromDB)
  
Probably due to some concurrency issue caused by the duplicate connection, and also with

  Wikimedia\Rdbms\DBQueryError: Error 1: no such table: unittest_external_abuse_filter
  Function: MediaWiki\Extension\AbuseFilter\FilterLookup::getAllActiveFiltersInGroupFromDB
  
for unknown reasons.

Move the mwGlobals override inside the test to avoid the same "database is locked" error
on every other test in that class.

Bug: T251967
Change-Id: I552a8d1fa532941f630fd734e590993e7462aeb0
2020-12-31 20:11:10 +00:00
Matěj Suchánek 2793e7f1cf Reversible consequences
Introduce ReversibleConsequence interface for Consequence classes
whose potentially destructive actions can be reverted using
Special:AbuseFilter/revert. This allows moving reverting logic from
AbuseFilterViewRevert to individual Consequence classes and testing.

Unfortunately, the code is definitely not very clean now.

Change-Id: I558da711f1645ccf64792c6102cf743827171320
2020-12-31 14:43:32 +01:00
Daimona Eaytoy c7f06750d6 Add a LazyVariableComputer service
See task for a description of the plan. Also note that
AFComputedVariable should be renamed and its properties made private.

This commit includes some adjustments for taint-check in
AbuseFilter::buildVarDumpTable and ::revisionToString.

There's some space for improvement in the new LazyVariableComputer, but
that's left for another commit.

Bug: T261069
Change-Id: Ia44f6e079d39f44cf0122dec5ddb5513ab54f0c6
2020-12-31 14:05:52 +01:00
Umherirrender 18094772c7 Replace compact() with real array
Easier to read

Change-Id: I5eb35b27399d7a4524fcfdf864d38e70a0f3a4ae
2020-12-29 23:00:44 +01:00
jenkins-bot 534ad9cfe6 Merge "Add a service to format filter specs" 2020-12-20 10:21:39 +00:00
jenkins-bot 16ef710ee3 Merge "Test some Consequence classes and clean up" 2020-12-20 09:25:39 +00:00
jenkins-bot 7be26dcb27 Merge "Improve code coverage" 2020-12-20 09:13:20 +00:00
jenkins-bot 3aafce35d2 Merge "build: Updating mediawiki/mediawiki-phan-config to 0.10.6" 2020-12-19 22:52:07 +00:00
Matěj Suchánek 63b950e5b6 Test some Consequence classes and clean up
Sadly, these are not unit tests.

Bug: T201193
Change-Id: I4c977ab14b273b02803a63f0a7b152a581a838b2
2020-12-19 16:31:22 +01:00
Matěj Suchánek 352a207c70 Improve code coverage
Bug: T201193
Change-Id: Ie086fd525bec19c63c13f8710a27897229cc33c8
2020-12-19 16:28:34 +01:00
jenkins-bot 4ef41d3844 Merge "Avoid 'finally' clause in AbuseFilterParser::parseDetailed" 2020-12-19 15:13:13 +00:00
Daimona Eaytoy 7bcb5ec2d5 Add a service to format filter specs
This requires a MessageLocalizer, which currently means providing the
main RequestContext. This is the only alternative right now, until core
provides a proper MessageLocalizer service (see T247127).

Change-Id: I8c93e2ae7e7bd4fc561c5e8490ed2feb1ef0edc2
2020-12-19 14:22:08 +01:00
libraryupgrader 682b6136e7 build: Updating mediawiki/mediawiki-phan-config to 0.10.6
Change-Id: I910c56e32829cea54a16105253004901e00a1885
2020-12-19 13:09:09 +00:00
Daimona Eaytoy 5d4b2fde27 Avoid 'finally' clause in AbuseFilterParser::parseDetailed
Bug: T270514
Change-Id: I1e3e6675ec8c3bfd435797cb044b85b3d2a34450
2020-12-19 11:17:58 +00:00
Matěj Suchánek dc7509811a Notify of a throttled filter
Use Echo for delivering the notification to the last
user who edited the filter.

Much boilerplate.

Change-Id: I7a46a03b4f15de20902ec70c62fb4fe750096842
Depends-On: If585b14a6dd6fb8c7d2c3bee1f20d9d08eaac706
2020-12-19 10:31:29 +01:00
jenkins-bot d386633103 Merge "Create a dedicated namespace for all consequences-related classes" 2020-12-18 22:57:00 +00:00
Daimona Eaytoy b394956c22 Create a dedicated namespace for all consequences-related classes
Change-Id: Ibc39593e34da36e57b640af0b5bbf2145f725e92
2020-12-18 19:27:33 +00:00
Daimona Eaytoy 7c1d1c6d7d Return warnings from the parser, add warning for catch-all regexps
This commit introduces some boilerplate for emitting warnings from the
AbuseFilter parser, and also code for showing these warnings in the ace
editor. Adding new warnings should be as simple as appending to
AbuseFilterParser::warnings (and adding the relevant i18n).

Bug: T264768
Bug: T269770
Change-Id: Ic11021b379f997a89f59c8c0572338d957e089a6
2020-12-18 18:22:41 +01:00
jenkins-bot e1a7acf55f Merge "Implement GetAutoPromoteGroupsHook" 2020-12-18 13:41:28 +00:00
James D. Forrester 7109c954a2 Use User->isRegistered(), not deprecated isLoggedIn()
Bug: T270450
Change-Id: I6ebf2f8040b6ac53025b5ccf503e5e221341eb09
2020-12-17 18:37:14 -08:00
Matěj Suchánek 2da4cb4321 Implement GetAutoPromoteGroupsHook
Test coverage included.

Bug: T261067
Change-Id: Iba49f0518d2c1a72405498b2743e5ef300dd6d61
2020-12-15 18:01:04 +01:00
Daimona Eaytoy 3f7dd25fbf Create FilterRunnerFactory
Next step is splitting the Runner into various subclasses.

Change-Id: I766555f31b425cee52fd262c5bfb1c73f3f170d2
2020-12-15 12:47:34 +00:00
Daimona Eaytoy 68adaa5cb1 Introduce ConsequencesExecutor
This is the last big step towards moving Consequences-related things away from
AbuseFilterRunner. There's still some cleanup to do (+ write proper tests), but
this should really be the last important code change.

Change-Id: I347795fe93ba496c43b1d5cfc9ba6e1326842c06
2020-12-15 13:47:21 +01:00
jenkins-bot f430cd211a Merge "Add a VariablesBlobStore service" 2020-12-15 12:43:28 +00:00
jenkins-bot e4023defd0 Merge "Use a BlobStore for storing var dumps" 2020-12-15 02:58:49 +00:00
jenkins-bot dc28fba015 Merge "build: Remove unneeded phan suppression" 2020-12-15 02:51:43 +00:00
Daimona Eaytoy c52ef337d7 Add a VariablesBlobStore service
Change-Id: If0c1eab2391819f8b4c801d12275d9ec14490f7a
2020-12-15 02:35:15 +00:00
daniel dfeff89317 Use a BlobStore for storing var dumps
AbuseFilter emulates the storage mechanism also used for page content.
Instead of duplicating the relevant code, AbuseFilter should use the
same BlobStore service also used by RevisionStore.

Note that this change is not strictly needed to resolve T198341, but is
needed to unblock T183490

Bug: T261889
Bug: T198341
Bug: T183490
Change-Id: I3fc8475dd8d50d73d705b706ff597a130267e990
2020-12-15 02:35:05 +00:00
jenkins-bot a7e965bbad Merge "Overhaul the interface for hiding AbuseLog entries" 2020-12-15 02:33:33 +00:00
jenkins-bot 3668ac1bd9 Merge "Simplify page handling in AFComputedVariable" 2020-12-13 19:31:18 +00:00
Daimona Eaytoy 9d288478fe Remove a bunch of deprecated methods
These are all unused.

Depends-On: Id99da02a98bb392cafed370768edcc8ac3d712ab
Change-Id: I9ff17714f94e1fbbd52da32ebf4f054a551edc1f
2020-12-13 18:31:27 +00:00
Umherirrender 90254368fc build: Remove unneeded phan suppression
Depends-On: Iab770702fd3a1d20f25f54057770dc03e28f1b0e
Change-Id: I3ce1816abb0f64843e9c8e3f866a6ef84c66285f
2020-12-13 00:37:20 +01:00
Daimona Eaytoy 5e609eb537 Add GlobalNameUtils class
This is just a temporary location for these two methods. Since they're
used a lot, having them in the AbuseFilter class means that the
dependency graph is unnecessarily complicated. Thus, since these methods
aren't doing much, they were moved to a dedicated class. Future todo is
finding an appropriate location, that might be either as part of another
service, or keep them in a Utilities class, perhaps a single class with
all util methods, rather than a specific class.

Change-Id: I52cc47a6b9a387cd1e68c5127f6598a4c43ca428
2020-12-12 17:49:48 +00:00
Daimona Eaytoy 2e703bdbb7 Simplify page handling in AFComputedVariable
Change-Id: I8a992a67222928e3a412470d1cb31653da4d172a
2020-12-12 17:17:10 +00:00
jenkins-bot f7f34924d1 Merge "Partly decouple SpecialAbuseLog and AbuseLogPager" 2020-12-11 21:17:57 +00:00
jenkins-bot c992529f3d Merge "Create a separate view for hiding AbuseLog entries" 2020-12-11 21:15:47 +00:00
Daimona Eaytoy 21d7c08aa7 Overhaul the interface for hiding AbuseLog entries
The main change is the addition of checkboxes to hide/show multiple
entries at the same time. Also, tweaked some i18n and made the process
return more useful success/error messages.

This patch introduces some technical debt, caused by SpecialAbuseLog and
AbuseLogPager being tightly coupled (which is a pre-existing problem,
but it got worse here).

Bug: T260904
Bug: T144096
Bug: T206945
Bug: T206938
Change-Id: I13f476d8126f81b0417e7509784c83d4f21cf348
2020-12-11 20:55:08 +00:00
Daimona Eaytoy 86f308c6f0 Partly decouple SpecialAbuseLog and AbuseLogPager
Move to the latter some methods that make more sense in there. Inject
some more services, don't require a SpecialAbuseLog to be passed in the
constructor.

There are still a couple of static calls, but fixing those would require
factoring more classes out of SpecialAbuseLog (e.g. a service to
determine visibility of AbuseLog entries).

Change-Id: I1b3012ca85bf049a07e0433fc0b357f502c355ad
2020-12-11 20:53:53 +00:00
Daimona Eaytoy 7243dd6cf9 Create a separate view for hiding AbuseLog entries
This is moving code away from SpecialAbuseLog, which is already too big
and has too many purposes. As such, the behaviour is not changed,
including for now bugs that were already present in the old version.

Change-Id: Idc13f7f746ada2e425662c6948c32aa744edac61
2020-12-11 20:34:52 +00:00
jenkins-bot 6f848578ea Merge "Allow the parsers to return extra info" 2020-12-11 16:35:25 +00:00
Daimona Eaytoy 3e0c30ff92 Allow the parsers to return extra info
This is achieved by creating a new ParserStatus class. Aside from the
result of parse(), it contains whether the cache was warm. This can be
used to differentiate profiling data as part of T231112.

Another use case is returning non-fatal warnings (T269770).

Change-Id: Ifcbda861ce1a44bbe9bffba5b83cd9ef338a8dba
2020-12-11 15:03:23 +00:00
jenkins-bot 4e5b97b6d2 Merge "build: Updating mediawiki/mediawiki-phan-config to 0.10.5" 2020-12-11 00:29:04 +00:00
libraryupgrader 281eec8e4d build: Updating mediawiki/mediawiki-phan-config to 0.10.5
Change-Id: Ie3fcfdf733885aac2ef0ee07cc1a8d4f3fedb7d7
2020-12-10 18:28:54 +00:00
jenkins-bot 8c4265b4a0 Merge "Write afl_filter_id and afl_global by default" 2020-12-10 17:36:33 +00:00
jenkins-bot 93c477d4b8 Merge "Move parser classes to a dedicated namespace" 2020-12-09 10:48:36 +00:00
Daimona Eaytoy 8b21c994fd Remove more BC code
Bug: T187153
Change-Id: I0c74b855893c7da8ab531e67a0aac298aed32c2c
2020-12-09 02:40:55 +01:00
Daimona Eaytoy da1c71ec4c Move parser classes to a dedicated namespace
Names were kept for now.

Change-Id: Ib2eb5d7b523a64f2a0f72fdcdde2043a76cc9a37
2020-12-09 01:30:20 +00:00
Daimona Eaytoy f41fe76df7 Kill $wgUser
Depends-On: Iadbce7501e42971901f6d9efcb2810ae42be51d8
Depends-On: I624610cb2372db200995c8d01d62b1d74efca19e
Change-Id: I51d99c30fbc0e87c038013bf5b8c27b1c735e977
2020-12-08 23:23:13 +00:00
Daimona Eaytoy ca3f652cd7 Almost kill the last use of wgUser
This is the last use, and it was a bit harder to remove because it was
buried inside AFComputedVariable. Starting with
I4444cada720ab62d187f2dd0c4760697e465f2ff, we can freely change the
parameters to AFComputedVariable without breaking old log entries.

Note, we still need a fallback for other extensions calling this
method...

Bug: T246733
Depends-On: I4444cada720ab62d187f2dd0c4760697e465f2ff
Change-Id: I5d786a518ef88fad9c8d9c25ef4553a0bf30b2b2
2020-12-08 23:28:24 +01:00
Daimona Eaytoy bcbfa66fe8 Write afl_filter_id and afl_global by default
The schema was introduced in 1.34, so there should be no issue in
starting off with writing the new columns.

Bug: T220791
Change-Id: I8f956d4a27692a33368a413fbf4a8eb5da20afe1
2020-12-08 23:06:03 +01:00
jenkins-bot 5de037dea6 Merge "Simplify User handling in AFComputedVariable" 2020-12-08 20:58:30 +00:00
Daimona Eaytoy 815ef6051c Split afl_filter in afl_filter_id and afl_global
Add a script to migrate the columns (which can also
be executed in dry run), and a config option with the migration stage
(defaults to SCHEMA_COMPAT_OLD).
Some of the script-related code is stolen from
Ic755526d5f989c4a66b1d37527cda235f61cb437.

Bug: T220791
Change-Id: I7460a2d63f60c2933b36f8383a8abdbba8649e12
2020-12-08 18:31:27 +00:00
Daimona Eaytoy e91ab70175 Simplify User handling in AFComputedVariable
This is some more back-compat code that we can get rid of after cleaning
old entries.

Change-Id: I374fc4496c27cf50e6960a9ab07b9c80431b4a3a
2020-12-08 17:51:08 +00:00
Daimona Eaytoy 1c625eeae4 Drop back-compat code
This should be merged once T246539 is done.

Bug: T213006
Change-Id: I4444cada720ab62d187f2dd0c4760697e465f2ff
2020-12-08 17:15:47 +00:00
Matěj Suchánek 08db320afe Fix Special:AbuseLog not to throw when global filters are not available anymore
There is a try-catch block but the same call was also done
unconditionally after it, making it throw when global filters
are disabled.

Change-Id: Ic8032592799756521a59ee23c0e76cb03a510b94
2020-12-07 20:12:06 +01:00
Daimona Eaytoy 600f1735f2 Add a hook for extensions to add custom actions
The global is now deprecated, and it will be removed soon.

Bug: T265794
Change-Id: I4e6c9b143744cb72c441017921bac9cd1960609c
2020-12-04 16:10:44 +00:00
jenkins-bot 1c8eb3963e Merge "Always take into account custom actions" 2020-12-04 14:07:09 +00:00
jenkins-bot edd998f532 Merge "Move API modules to separate namespace and rename them" 2020-12-04 12:33:05 +00:00
Daimona Eaytoy af8c237559 Move API modules to separate namespace and rename them
Change-Id: I436e8fed4a1cbe4f1b36a16b213ede7976e871ba
2020-12-03 22:11:09 +00:00
Daimona Eaytoy d351d7150b Always take into account custom actions
$wgAbuseFilterActions shouldn't be used normally, as it excludes actions
registered by other extensions.

Note: mw:Extension:AbuseFilter#Integration_with_other_extensions should
be updated after merging.

Bug: T239348
Change-Id: I89b3f0228eacdf145e8f2dd2a5602d0c7ce75a86
2020-12-03 21:39:35 +00:00
Daimona Eaytoy c786c4adc6 Add ConsequencesRegistry
Change-Id: I91f4f28e09fa46b9ab2457b2a241b6f105320bdd
2020-12-03 22:39:25 +01:00
jenkins-bot a7670f2bb5 Merge "Move pagers to their own namespace" 2020-12-03 20:26:59 +00:00
jenkins-bot c560217865 Merge "Use 'default' as default group when reading filters from history" 2020-12-03 18:04:34 +00:00
jenkins-bot d02b10db97 Merge "Improve type safety of filter ids" 2020-12-03 17:50:31 +00:00
jenkins-bot 6f7a9965a0 Merge "Add UpdateHitCountWatcher" 2020-12-03 17:46:37 +00:00
Thiemo Kreuz e45ce1f5bd Mark two private methods as such
Not used anywhere else:
https://codesearch.wmcloud.org/search/?q=stringifyActions
https://codesearch.wmcloud.org/search/?q=normalizeBlocks

This patch also moves that [ '' ] fallback out of a method
where it was misplaced. That fallback is very specific for
the diff algorithm, but not something one would expect from
a method called "stringifyActions".

Change-Id: I458eef61c6b6741bbd433ea26a012aaeb01cea3f
2020-12-03 16:52:17 +01:00
Thiemo Kreuz 34968d783e Simplify a few pieces of code
… mostly by inlining pieces, instead of assigning them to
a variable first.

Change-Id: Ibc432ed05f7b853a44fc1a301ef820984facb067
2020-12-03 16:50:55 +01:00
DannyS712 0fb033775f Use 'default' as default group when reading filters from history
This was NULL for old entries, because no default was added
in I758795f01eaf3ff56c5720d660cd989ef95764a7 (see T263324)

Bug: T269314
Change-Id: I5af8b0d3a9d7b6d2570cf79bbbe8b5b170ba1230
2020-12-03 15:16:17 +00:00
Daimona Eaytoy 1a3bd4b2b3 Move pagers to their own namespace
Change-Id: I5d3da5e51bbc54179c0618f1877f2eabb8302542
2020-12-03 14:17:09 +00:00
Matěj Suchánek de997fe98e Improve type safety of filter ids
Also fix a bug in FilterProfiler. It would attempt to reset
stats for global filters but we do not record them (yet?).

Change-Id: I0228d8c85dab146deb877dfce506f1e8e7711a9f
2020-12-03 14:58:51 +01:00
Daimona Eaytoy ed1195ea23 Add UpdateHitCountWatcher
Change-Id: I61c40312022c1037abb03819d06e5e220dd07e15
2020-12-03 13:47:10 +00:00
Daimona Eaytoy 22dc4af459 Create an AbuseLogger service
For now this is just moving code around.

Change-Id: Ie61a1c122b4e93a74b465eb781f9cbf49f0b32e6
2020-12-03 14:46:57 +01:00
Matěj Suchánek 0f062fca06 Move AbuseFilterView classes to separate namespace
Change-Id: I569281b13ec81d9f35038c7ef17a2d98f16f9b5c
2020-12-03 13:06:53 +01:00
Matěj Suchánek a1ba43f586 DI for AbuseFilterView and subclasses
Also add a test to ensure all views can be instantiated without problem.

Change-Id: Iedd7a5dca240efab1077fa51a3522c983b0ba4fa
2020-12-03 13:04:35 +01:00
Thiemo Kreuz 7047dba1f1 Update a few unspecific PHPDoc comments
Change-Id: I363d7f854c550654c5d4345f381e3731de6f2d3c
2020-12-03 09:50:09 +01:00
jenkins-bot 753a0dc482 Merge "Add ConsequencesLookup" 2020-12-02 15:49:33 +00:00
DannyS712 ace8a613a4 Consequences cleanup, should be a no-op
Reduce use of User objects in favor of UserIdentity
Use `use` statements

Change-Id: Icdd1b8be2d1345a8dd48b8d5d3af8781c6658c7c
2020-11-30 01:12:25 +00:00
Reedy 95d8278b58 Clean up SchemaChangeHandler
* Move all SQL files into db_patches (or below)
** Remove db type from filename
* Remove a lot of duplicated code and simplify

Change-Id: If22f2a2c46a59ac24c89ce612c74d169f053ab26
2020-11-29 19:14:24 +00:00
Matěj Suchánek db87a68260 Remove unused variable and comment
Change-Id: I76f1d08aadda89dc9ba22eb35469c33cf9c86a33
2020-11-29 11:11:39 +01:00
Reedy f11bbe1c9b Use ::class rather than stringified class name
Change-Id: I5695f40627122b76d792a3a05c97c42d921a5536
2020-11-28 11:19:51 +00:00
DannyS712 66a43948f3 EditBoxBuilder: Minor cleanup for readability
Add use statements for OOUI classes,
clean up line breaks
Should be a no-op

Change-Id: I7e83a41a138557f99fadcef38e992bfc1bff7f7f
2020-11-27 23:33:11 +00:00
Daimona Eaytoy c957188866 Add ConsequencesLookup
The class is used to retrieve consequences from the Database.

Change-Id: I46b3925aac47554723649c076eff64707a2ea2e6
2020-11-27 16:43:44 +01:00
Matěj Suchánek d76affb1db Move ChangeTags stuff to separate namespace
Change-Id: I6d7bed0e62f001f82c00a3528cc0018388c9c70e
2020-11-27 15:13:34 +00:00
jenkins-bot a6e96ed915 Merge "Introduce ChangeTagValidator service" 2020-11-27 15:13:06 +00:00
Matěj Suchánek 872b6118f4 Introduce ChangeTagValidator service
Just moving code around. Without a unit test because DI
coverage of change tags in core isn't available yet.

Change-Id: Iac861e1e24dae13581b8d9173357a1d6c94be88a
2020-11-27 15:11:48 +01:00
Matěj Suchánek 1ad77dc9fb Introduce EditBoxBuilderFactory service and EditBoxBuilder
It makes sense to look at this and Iedd7a5dca24 together,
as this patch itself doesn't really fix anything.

Change-Id: Ifef5266b1803d1a96489789b08d9beed044d908f
2020-11-26 14:49:04 +01:00
Daimona Eaytoy 904d9cddbb Represent Consequences with command objects
The consequence-taking logic is moved away from AbuseFilterRunner, to
dedicated classes. There's now one class per consequence, encapsulating
everything it needs to take the consequence.

Several interfaces allow customizing different types of consequences.
Every "special check" in AbuseFilter was generalized to use these
interfaces, rather than knowing how to handle each consequence.

Adding more consequences from other extensions will also be easier, and
it should happen via a hook (not a global), returning a class that
implements Consequence. The BCConsequence class was temporarily added
for legacy custom consequences.

A ConsequenceFactory class is added to instantiate consequences; this
would possibly benefit from using ObjectFactory, but it doesn't because
it would also reduce readability (although we might do that in the
future).

These classes are still not covered by unit tests, and this is left to
do for later. The new unit tests should mostly replace
AbuseFilterConsequencesTest. @covers tag were added to keep the status
quo (i.e. code that was considered covered while in AbuseFilterRunner
will still be considered covered), although we'll have to adjust them.

Change-Id: Ia1a9a8bbf55ddd875dfd5bbc55fcd612cff568ef
2020-11-25 17:35:36 +00:00
jenkins-bot 26d3abfab4 Merge "Introduce a service for saving filters" 2020-11-25 14:47:21 +00:00
Daimona Eaytoy c368575af0 Create a base interface for watchers
This will ease adding new watchers, for instance to send Echo
notifications (see T179495 and T100892).

For now, this is just boilerplate, and converting EmergencyWatcher to
the new interface.

Change-Id: I18d62aba53471202b709cdb19033b1729c5c25b4
2020-11-20 23:34:20 +01:00
Daimona Eaytoy 9595bd9da5 Introduce a service for saving filters
Change-Id: I6b7d16ad7ea1124989ed67c74413979cfd0275c4
2020-11-20 22:33:21 +01:00
jenkins-bot ca54f0b2e3 Merge "EmergencyWatcher: update data for all filters at the same time" 2020-11-20 07:04:58 +00:00
jenkins-bot a16cca0ecb Merge "Adjust code coverage" 2020-11-20 06:48:12 +00:00
jenkins-bot b6b90c07cb Merge "Remove AbuseFilter::getFilter" 2020-11-20 06:46:01 +00:00
Daimona Eaytoy cdbe9260c7 EmergencyWatcher: update data for all filters at the same time
This will avoid unneeded queries, in theory. In practice, it will
almost never happen to have more than one filter to throttle.

Change-Id: I5b8df51215463ce4464f6a2d0390f58612a5a213
2020-11-20 06:41:56 +00:00
Daimona Eaytoy 3f7fff56e8 Adjust code coverage
-Exclude methods and classes that cannot be meaningfully covered
-Add a simple test for AbuseFilterServices
-Exclude ServiceWiring because there's no way to tell PHPUnit it's
covered

Change-Id: I4c67b0d3fea68c7a3b3cbe01b5608f87e1b492db
2020-11-19 22:40:26 +00:00
libraryupgrader e5c9bf119d build: Updating mediawiki/mediawiki-phan-config to 0.10.4
Change-Id: I8309c5ed36536f5304e1429c4c24553b456ddc8e
2020-11-19 20:33:25 +00:00
Matěj Suchánek 83c2ccb1b3 Optimize EmergencyWatcher
Avoid queries for profiler data when the filter hasn't
been changed recently.

Change-Id: I691d3922436e80264403f9c5b8b822be729e1d94
2020-11-19 18:20:16 +01:00
Daimona Eaytoy a71ea3aa38 Remove AbuseFilter::getFilter
Needs the patch in ContentTranslation first.

Depends-On: I0b74db70ad4e9768e4dcb84b9decb9c737e942e5
Change-Id: Id186ea99fcf69aa4348e404677ce5da998d83170
2020-11-19 15:11:32 +00:00
jenkins-bot 97019239bc Merge "FilterProfiler: allow searching for slow global filters" 2020-11-18 23:43:20 +00:00
jenkins-bot 31f4607790 Merge "Handle DUNDEFINED in array offsets" 2020-11-18 23:30:58 +00:00
DannyS712 09c3a9df05 FilterProfiler: allow searching for slow global filters
The slow filter hits are logged for the target wiki, but
the fix would be on meta, so make it possible to filter
for those

Change-Id: I6e02866479e77d707f4fa951ec909c325b944158
2020-11-18 23:20:30 +00:00
jenkins-bot 8f47259285 Merge "Add an interface for exporting/importing filters" 2020-11-18 23:13:53 +00:00
Daimona Eaytoy 3fc30021d2 Handle DUNDEFINED in array offsets
The behaviour is:
- When assigning to an undefined offset, delete the whole array and turn
it into another DUNDEFINED
- When retrieving from an undefined offset, just return DUNDEFINED.

Bug: T237214
Change-Id: I621ee7a16c90bb86a57be04e7ce0a748ecdbfcc7
2020-11-18 14:20:49 -08:00
Daimona Eaytoy 210cf29658 Add an interface for exporting/importing filters
The main benefit of having a dedicated interface is that we can easily
change the output format. So we're now using a custom array without
references to the DB schema, thus making the import/export process
completely independent from the schema.

Change-Id: I4c0de41d914baf1e9a0e588bd31f95b3524a424b
2020-11-18 22:06:09 +00:00
Daimona Eaytoy 7a24c94d6e Evaluate left-to-right when adding elements to array
Bug: T237090
Change-Id: I5fb72dec0ea12240b6563e66b69e399edc4c72d6
2020-11-18 21:25:45 +00:00
Daimona Eaytoy b5ae7360bc AbuseLog: Use a radio button not checkbox for suppressing entries
Add a radio to select between "hide" and "show" instead of a single,
cryptic checkbox which doesn't really explain what it does.
Also wrap the list in a form which will later be used to mass-delete
entries.

Depends-On: I1bb45e47c3b42c01388b99778ce833e4e44419e1
Change-Id: Ie2d019fad5af7c626d722dc348f40eb0db21e527
2020-11-18 20:57:39 +00:00
jenkins-bot cc10f76bfa Merge "Use a WikiPage object when filtering edits on a non-existing Title" 2020-11-18 20:52:53 +00:00
Daimona Eaytoy 6305746de3 Use a WikiPage object when filtering edits on a non-existing Title
Remove $title->exists() from the check, so we have the following
changes:
 - The AbuseLog will add a diff link for page creations
 - Searching the AbuseLog for impact:saved will include page creations
 - We don't have to recreate the WikiPage again in RunVariableGenerator

Also remove an old reference to "bug 31656": that comment was added in
rEABFefecf8b2441ae2f31f924ff33103f5affe5d1d62, which changed
Article::getContent() to Article::getRevision()->getRawText(). Nowadays
we don't even use Article anymore, and that conditional isn't even for
retrieving the page content, so the comment is wrong.

Add logging for when the Title object cannot exist, as this should never
happen in the context of the EditFilterMergedContent hook, and always
create a WikiPage. Some signatures were changed to require a WikiPage
object now, and every caller updated to provide it.

Bug: T263104
Bug: T62179
Depends-On: Ic238eaa529ef6bfba06b4dd03924a8e0111d8259
Change-Id: Ibf3bf4f68328ba4a5616ab8f26a8b44d27a25cd7
2020-11-18 20:13:46 +00:00
Daimona Eaytoy df017d478c Factor out another method from AbuseFilterRunner::getFilteredConsequences
This is a no-op, moving code around, introducing another distinction re
"filtering actions", which now happens in 2 steps:

 - The first step only uses "generic" information available by looking
   at enabled actions as a "group". This includes keeping only the
   longest block, and removing 'disallow' if other blocking actions are
   enabled.
 - The second step uses information that is only available after having
   "partly executed" (named "pre-checked") a consequence. For instance,
   we need to pre-check 'throttle' to see if the throttle was hit, and
   remove any other actions if not.

Change-Id: I7be5cfaa61e942a06f97ed52f50e9c8c70a120e8
2020-11-18 16:49:26 +00:00
Daimona Eaytoy ef9e828fbe Filter out actions to execute before actually executing them
This way we don't have special cases in executeFilterActions, and instead, we execute
all actions in the same place. In turn, this is going to ease the
transition to a new consequences system: next step is refactoring this
code into a service with proper DI etc.

Bug: T204447
Change-Id: I8134ecc41fbecdbed99faf406e9e3ca91b6123b9
2020-11-18 16:49:01 +00:00
Matěj Suchánek e7813fbafb Introduce EmergencyWatcher service
Change-Id: I45477ca84a99f620d182ef95e5627d421d38f077
2020-11-18 14:20:18 +00:00
Daimona Eaytoy ae29451ab8 Introduce a FilterCompare service
The scope is still quite limited, but as noted in a todo, we might want
to make this completely independent from the database, and add the use
case of ViewDiff.

Change-Id: Ie980fff0983b3e86037265e85da04444c809a6e8
2020-11-18 11:52:44 +00:00
jenkins-bot 914f0f4a13 Merge "Remove AbuseFilter::filterHidden and ::getGlobalFilterDescription" 2020-11-18 09:36:03 +00:00
jenkins-bot 3158a7ebc7 Merge "Remove temporary parameter" 2020-11-18 09:09:02 +00:00
Daimona Eaytoy 6376394713 Remove AbuseFilter::filterHidden and ::getGlobalFilterDescription
They've been replaced by getters in the Filter class.

Note, the Lookup is not injected in this patch because some places would
need careful thought, so it's left to do later.

Change-Id: I40b8c8452d9df741217d7fa090a5e746a2f46994
2020-11-18 08:43:22 +00:00
jenkins-bot de67c30d96 Merge "Don't show form for reverting filter actions when no actions were found" 2020-11-18 02:06:34 +00:00
Matěj Suchánek 8955c55dc7 Don't show form for reverting filter actions when no actions were found
Change-Id: I779a318a9daaf6d3a17335914a7fd85877765625
2020-11-18 01:42:38 +00:00
Daimona Eaytoy 1bcfdc3b13 Introduce a FilterValidator
This moves a lot of things away from the AbuseFilter class. There's a
nasty static dependency on ChangeTags, but it's very limited anyway, and
it's going to be fixed once T245964 is resolved.

Change-Id: Ia7df4b4d3289c2722323f59ceecf3fdd38277785
2020-11-18 01:41:31 +00:00
Daimona Eaytoy 725ec052ed Add a FilterLookup service
Some pieces of code were updated to use Filter objects, while other
places are still to be updated. We also need to change the history part
to exclude actions somehow, cleanup the ViewEdit, reduce direct DB
access or anything mentioning DB fields outside of FilterLookup, etc.

Change-Id: I42b7ded685db76eddd45e4b1336f9828cba811ce
2020-11-18 01:17:47 +00:00
Daimona Eaytoy bad5a9a29c Make AbuseFilterViewEdit work with Filter objects
This requires adjusting some methods to work with Filter objects. Some
methods and tests are left in an inconsistent/suboptimal state, plus some todos
were added, but all of this is going to be remediated in another commit.

Change-Id: Id063ee73d97c7aef56323e1457d99704f77ab943
2020-11-18 00:52:37 +00:00
Daimona Eaytoy 555383a5c6 Unbreak master build
Phan is failing on master with

  includes/Views/AbuseFilterViewEdit.php:506 PhanTypeMismatchArgument Argument 1 ($salt) is ['abusefilter',$filter] of type array{0:'abusefilter',1:?int} but \User::getEditToken() takes string|string[] defined at ../../includes/user/User.php:3735

due to a documentation change in core.

Change-Id: Ibc01332c67224e3efc7922d1be882615c2de5d9a
2020-11-18 00:15:54 +00:00
jenkins-bot 524555c400 Merge "Add value objects to represent filters" 2020-11-05 15:08:53 +00:00
Daimona Eaytoy e8947970ce Remove temporary parameter
The only usage outside of AbuseFilter (in ContentTranslation) was fixed with
Ifc9ede277791398290786cdb6743137004b5c713.

Change-Id: I22cf9c76ef3b007502045a02c82255ba6c9fd0f2
2020-11-04 15:06:32 +00:00
jenkins-bot 1d06f5fc4c Merge "Use HTMLForm features instead of mSubmit" 2020-11-04 13:07:47 +00:00
Daimona Eaytoy 71a61c2089 Add value objects to represent filters
This is just a start; next step is adding a factory/store method to
get/store these objects. And then use these value objects whenever
applicable.

Note: the actions-related code is still not fully implemented. This is
going to happen as part of the FilterLookup.

Change-Id: I5f33227887c035e301313bbe24d1c1fefb75bc6a
2020-11-04 12:56:14 +01:00
Daimona Eaytoy 0f17e47d88 Use HTMLForm features instead of mSubmit
Rely on modern HTMLForm features instead of using a dedicated class
property. The form identifiers are necessary, because these forms are
GET forms, and HTMLForm will always think that the form was submitted,
if it doesn't have an identifier (see T238467 and related
tasks/patches).

Additionally, make the first form on ViewRevert a GET form, like on
Special:AbuseLog.

Bug: T263627
Change-Id: Ia6ca45896732742ef73e401b09663728b9e7dda2
2020-11-04 11:51:27 +00:00
jenkins-bot 3b9a79cabc Merge "Introduce AbuseFilterParserFactory service" 2020-11-04 10:34:43 +00:00
jenkins-bot 648c2f8001 Merge "Divide AbuseFilterPermissionManager::canSeeLogDetails" 2020-11-04 10:32:46 +00:00
jenkins-bot 94ef2b3ad4 Merge "Resolve/remove a few todos in AbuseFilterRunner" 2020-11-04 10:00:33 +00:00
jenkins-bot 16c6cba1f5 Merge "Remove exclusions for new PHPCS rules, bump PHPCS to 33.0.0" 2020-11-03 19:53:16 +00:00
Daimona Eaytoy 4cc3934a73 Remove exclusions for new PHPCS rules, bump PHPCS to 33.0.0
Change-Id: I346c5e41b76322c4bcbc6b2402f1316e73c45681
2020-11-03 19:26:11 +00:00
Huji 9c9d2885a4 Correct the documentation of publishEntry() method
The publish() method that it resembles is not a method defined in
the LogEntry class, and not even in LogEntryBase class. It is
defined in the ManualLogEntry class. Let's reference it correctly.

Change-Id: I60cfceac7c19047e299cf9f704dda8d8ef2f2ba6
2020-11-02 15:53:55 -05:00
jenkins-bot 8946ba54a2 Merge "Remove dead line of code from AbuseFilterExaminePager" 2020-11-01 14:44:12 +00:00
Daimona Eaytoy c1c3daa031 Resolve/remove a few todos in AbuseFilterRunner
Some were outdated/not doable, others were resolved.

Change-Id: Ice524a4d31f8d90ab507801562787b946c59d651
2020-11-01 14:08:25 +01:00
Daimona Eaytoy be75cf1c40 Introduce AbuseFilterParserFactory service
TODO For the future: the final directory for Parser-related classes
should be "Parser", not "ParserNS". However, moving all classes now
would make it harder to rebase changes etc.

Change-Id: Ice335f4723e74f4e5fbe8dcc76ff8ea16310962c
2020-10-31 21:19:00 +01:00
Matěj Suchánek 5efbf80034 Remove dead line of code from AbuseFilterExaminePager
Ordering is done by in IndexPager::buildQueryInfo. In fact,
this key is unconditionally overridden there and the query
is sorted by rc_id (specified in ::getIndexField). It would
probably deserve some performance analysis because
the ordering and filtering don't seem to use matching indices.

Change-Id: I9e73d44d868ddf5beba6dc6e4550e851a6df5119
2020-10-31 18:00:03 +01:00
jenkins-bot bec7c44d12 Merge "Move mCounter property from AbuseFilterViewExamine to AbuseFilterExaminePager" 2020-10-31 16:27:12 +00:00
Matěj Suchánek 3e8a4b63ab Move mCounter property from AbuseFilterViewExamine to AbuseFilterExaminePager
It is only used there. Reduce coupling.

Change-Id: I1fad101c4cd971914a031b08f10114cd7278cc66
2020-10-31 15:31:23 +00:00
Daimona Eaytoy 1f8df50cb3 Add a service to retrieve the central DB
This is a thin wrapper around LBFactory and the global variable, that
can be injected in classes requiring it (no real class right now, but
that's going to change soon).

Also, remove some DWIM-style returns which made the code harder to
understand.

Change-Id: I1d28ad4a67f914103f3a17cda5f61b28070c7f1c
2020-10-31 12:32:46 +00:00
jenkins-bot 6a081ade68 Merge "Little cleanup for AbuseFilterRunner" 2020-10-31 11:42:31 +00:00
jenkins-bot 4f30f4e188 Merge "Process 'throttle' action if object caching is disabled" 2020-10-30 22:24:02 +00:00
Daimona Eaytoy 04451d7bde Little cleanup for AbuseFilterRunner
Remove outdated/pointless comments, use already defined variables, etc.

Additionally, make it possible to disable throttling locally.

Change-Id: I98fd5f3eb47b32fc1013360e462a57d932174a95
2020-10-30 21:42:54 +00:00
jenkins-bot f0962ccd51 Merge "Use MainObjectStash for generating throttle keys" 2020-10-30 20:06:37 +00:00
Daimona Eaytoy 91f2cf9439 Process 'throttle' action if object caching is disabled
See a longer explanation on phabricator.

Bug: T265216
Change-Id: I8e0054ba523f993aeb48a7e1533bbb913b46c435
2020-10-30 20:20:58 +01:00
Matěj Suchánek 59f507b16c Use MainObjectStash for generating throttle keys
Keys should be generated for a cache that will use
them.

Change-Id: Ic634410e2521b02c1b50c798a7f2d5b96705af8c
2020-10-30 18:41:45 +01:00
Daimona Eaytoy d73a94ad30 Create helper methods for the 'warn' action
Change-Id: I62e752e0dbed4f723cc6f600085a1689f3962bd3
2020-10-29 11:10:47 +00:00
Daimona Eaytoy 7dd10ff348 Split checking vs setting throttle
This is still not very useful, but it's going to come up handy when
we'll be refactoring this code.

Additionally, fix a shortcircuit issue which caused additional throttle
types to not be processed if a type was already triggered.

Change-Id: Ied44d9300b3fa2ad00fe95c9c3da3c3f8faa650b
2020-10-29 10:17:43 +00:00
jenkins-bot ec5b9bef44 Merge "Add a service to retrieve the filter user" 2020-10-29 09:52:56 +00:00
Matěj Suchánek 77f6ecce13 Cleanup FilterProfiler API
Make FilterProfiler::getFilterProfile return stats unchanged,
in a structured way. Move computations to AbuseFilterViewEdit,
as they are only useful there. Don't return false on cache
misses, return arrays with zero values instead.

Bug: T266531
Change-Id: I8718cc31a5004340bf742315c7075e10a61fcbfd
2020-10-28 12:48:30 +00:00
jenkins-bot 5f38ddd5cf Merge "Add typehints to hook handlers" 2020-10-28 12:43:10 +00:00
Daimona Eaytoy be4ef544c4 Merge "Simplify ViewEdit, last round" 2020-10-28 10:38:15 +00:00
Daimona Eaytoy ccf8afe75b Add typehints to hook handlers
Needed after core change I95bb47104ad3dc0a69c812c627ffa631c5dc6ace to
make phan pass on master.

Change-Id: I6202212493340064945a559799e248130f418d6e
2020-10-28 11:37:07 +01:00
Daimona Eaytoy e0b187a546 Divide AbuseFilterPermissionManager::canSeeLogDetails
This commit splits this method into a version that doesn't need a
filter, and another version which requires one. This latter version has
a single mandatory parameter, $filterHidden, and it's up to the callers
to retrieve the value to pass in.

As mentioned in a TODO, this should eventually be changed to take a
Filter object (still under review as
I5f33227887c035e301313bbe24d1c1fefb75bc6a), which is also why
AbuseFilter::filterHidden is not being used here.

Change-Id: Id47a80131e12a5f7e1e93676299641dbf1e2b0ad
2020-10-27 19:51:01 +00:00
Matěj Suchánek be0268f200 Unbreak EmergencyDisable
FilterProfiler::getFilterProfile returns data in a different
format than the data is really stored.

Bug: T266531
Change-Id: I0d961a1ae67769da61f841df2462d47f81849972
2020-10-27 10:07:15 +01:00
Daimona Eaytoy 916234598d Simplify ViewEdit, last round
This deals with data inconsistencies in buildFilterEditor. Every
property of $row was tested in all 5 scenarios (also using Selenium) to
check when it's set. The result is in the normalizeRow method, which
aims to remove any inconsistencies, so that buildFilterEditor always
receives a "complete" row with all defaults set.

The code in buildFilterEditor is now cleaner (because there are no
isset() checks), and it gives us a unique place where we can set
defaults (rather than partly doing that in
loadRequest/loadFilterData/loadImport, and partly relying on isset).

This will be especially useful when introducing value objects to
represent filters, because now you just have to look at normalizeRow()
to tell which properties are allowed to be missing, and thus what "kind"
of filter object you need (see
I5f33227887c035e301313bbe24d1c1fefb75bc6a).

Additionally, reduce the properties that get passed around during
export/import, and make the selenium test try a roundtrip, rather than
relying on hardcoded data that may get outdated. A future patch will
refactor the import/export code.

Change-Id: Id52c466baaf6da18e2981f27a81ffdad3a509e78
2020-10-26 13:07:29 +00:00
Daimona Eaytoy cbea88f818 Add a service to retrieve the filter user
Unfortunately, this isn't using DI completely, because of the
User::newSystemUser call. I'm not even sure if we really need to call it
or we can just stick to new UserIdentityValue, but leaving like this for
now.
Also, the types were weakened to UserIdentity, so the transition is
going to be easy anyway.

Change-Id: I08f8fae0fcc622ff0ac3f86771476d06d1c18549
2020-10-26 14:06:53 +01:00
jenkins-bot 711f949b95 Merge "Cleanup for AbuseFilter class" 2020-10-26 11:25:01 +00:00
Daimona Eaytoy 0d751dde04 Cleanup for AbuseFilter class
Remove unused property, move to AbuseFilterView a method that's only
used there.

Change-Id: I16658521e32eeaafc1d601528d52bef17e1bf3b5
2020-10-25 15:55:21 +01:00
Daimona Eaytoy 6c9fc516aa ViewRevert: avoid needless query
The previous code would call getUserGroups again once creating the log
entry, but this was slightly flawed: we're updating groups on master,
but the read happens on a replica that might be outdated, hence
resulting in broken logging. Instead of reading from master, we can just
keep a list of the groups that were actually added, and use that
afterwards.

Change-Id: I7cc282e15561de3a3d3e183808a65991aa27d2bb
2020-10-25 10:29:59 +01:00
jenkins-bot 8fe9902af3 Merge "Use UserGroupManager when reverting degroup action" 2020-10-25 09:24:15 +00:00
jenkins-bot 50ae561641 Merge "Simplify ViewEdit, round 2" 2020-10-25 09:10:11 +00:00
Matěj Suchánek 6d81fca76b Improve FilterProfiler coverage
Also improve documentation of some FilterProfiler methods.

Change-Id: I08198c643a7d2dac10e928914e8a5c7413f2543d
2020-10-24 16:23:47 +02:00
jenkins-bot d7770ad520 Merge "Introduce BlockAutopromoteStore service" 2020-10-24 13:16:57 +00:00
jenkins-bot ba9e461ed0 Merge "Deduplicate cache keys used to check blockautopromote" 2020-10-24 12:57:11 +00:00
Matěj Suchánek 1445d5962a Introduce BlockAutopromoteStore service
This service is responsible for the blockautopromote feature:
(un)block autopromotion and check status.

The patch mostly moves code from static methods to the new class
and relaxes type hints (e.g. from User to UserIdentity).

Change-Id: I79a72377881cf06717931cd09af12f3b8e5f3e3f
2020-10-24 12:31:44 +00:00
jenkins-bot dfc9cc2a19 Merge "Code cleanup for FilterProfiler" 2020-10-23 14:43:26 +00:00
Daimona Eaytoy 5890dea4ff Deduplicate cache keys used to check blockautopromote
Previously, AbuseFilterHooks would proxy the data from a slower backend
(db-replicated) to a faster one (hash) reusing the same key. This change
makes it use a dedicated key, so that the "main" key can be kept
internal inside the upcoming BlockAutopromoteStore.

Change-Id: Id46a66991d0e994ee0a83b83b9c95e8951f3041c
2020-10-23 16:43:24 +02:00
Daimona Eaytoy 416dcd9ba3 Simplify ViewEdit, round 2
- Add a helper method to output an unrecoverable error, comprising a
   button to go back to the filters list;
- Move the token check to attemptSave, so to make the conditionals
  easier to read, and group errors together
- Make buildFilterEditor take an HTML parameter for the error, so the
  caller can specify whether it's error or warning
- Move the check for non-existing filters out of buildFilterEditor
- Add a bunch of typehints
- Don't set af_throttled and af_hit_count in the empty row template, but
  set af_deleted (these are only used in buildFilterEditor)
- Make AbuseFilter::translateFromHistory consistently include the af_global
  property (previously it would only be set for global filters; this error
  was introduced when first implementing global filters)
- The only user-facing change is that, when trying to use a custom
  warning/disallow message on a global filter, this is now considered a
  non-fatal error, so we now show the editing interface (and not just an
  unrecoverable error).

The next step is resolving the @todo in buildFilterEditor about null
checks.

Change-Id: I9d217dcac3f4cc0b26e53eca735cc327d5efc76d
2020-10-23 13:00:43 +00:00
Daimona Eaytoy 4de4ef358b Use UserGroupManager when reverting degroup action
This commit avoids direct queries on the DB, which is already an
improvement. It also adds some TODO comments for future improvements,
mostly things that depend on core changes.

Bug: T265224
Change-Id: I8eb76a0c463751976c2c5deedb3570305f1ab4f0
2020-10-23 12:07:45 +00:00
jenkins-bot cc7763f760 Merge "Add dedicated classes for more hook handlers" 2020-10-23 11:38:20 +00:00
Daimona Eaytoy 6724227182 Flatten the array returned by getConsequencesForFilters
There's no point in repeating the action name, because it's already used
as key. We can then flatten the array and just keep the parameters in
the third nesting level.

Change-Id: I54abcc49322f432cedd361abeedb72e067d3de41
2020-10-22 16:36:11 +00:00
Daimona Eaytoy b309c804fc Add dedicated classes for more hook handlers
The schema changes hook was chosen because the handler is very long. The
test ones were chosen to keep test things away from actual code.

Bug: T261067
Change-Id: Ie06bf62399f6353e3e268cccb3fe4b41bbf951c5
2020-10-22 18:23:09 +02:00
Matěj Suchánek 6b1b879da8 Code cleanup for FilterProfiler
Follows up Ib66c42ac220731f4e1da9ee6cfb5290759dd6494.

Apply DannyS712's suggestions from that patch.

Change-Id: Ib9f19969a888bd29f9f46e90fb52b49ce883c667
2020-10-22 15:39:00 +02:00
Daimona Eaytoy 4c06dd52c8 Replace $wgAbuseFilterRestrictions with more specific variables
So that sysadmins can further customize the extension. It was also wrong
to use the same variable for many different things.

Note that there's no associated patch in wmf-config because we use the
defaults. However, before merging this patch, please recheck that
AbuseFilterRestrictions and AbuseFilterDisallowGlobalLocalBlocks aren't
used there (https://codesearch.wmflabs.org/operations/?q=AbuseFilterDisallowGlobalLocalBlocks%7CAbuseFilterRestrictions&i=nope&files=&repos=)

Bug: T175221
Change-Id: I7581b3ee6d9d11a6cf1599b8ff874e8c3d54adf4
2020-10-22 13:38:59 +00:00
jenkins-bot 1c10edb80f Merge "Migrate change tags hooks to DI" 2020-10-21 18:04:20 +00:00
jenkins-bot 1c1b40f322 Merge "Inject ChangeTagsManager to ChangeTagger" 2020-10-21 17:21:23 +00:00
jenkins-bot c7e1d11c74 Merge "Add ChangeTagsManager service" 2020-10-21 17:15:40 +00:00
jenkins-bot c865e210de Merge "Simplify ViewEdit::loadRequest" 2020-10-21 16:39:18 +00:00
Matěj Suchánek 2ee3a0d247 Migrate change tags hooks to DI
Bug: T261067
Change-Id: I7b95cd19ab0ae04820e8dcb3481d29a2f9e7a0ca
2020-10-21 16:18:06 +00:00
Matěj Suchánek 93556284a0 Inject ChangeTagsManager to ChangeTagger
We decided to have the tag name provided by ChangeTagsManager,
so make ChangeTagger depend on it.

Change-Id: If3cbfd992f45651f47477031befffc0fd30f4a28
2020-10-21 16:30:43 +02:00
Matěj Suchánek 85e000c6ed Add ChangeTagsManager service
This service will be resposnsible for loading
and caching change tags used by abuse filters.

Change-Id: I9a710af1dd1ae58c47de1e8509246ed929d0a662
2020-10-21 16:24:32 +02:00
jenkins-bot f5950e638f Merge "Performance: don't check autopromotion if blockautopromote is disabled" 2020-10-21 13:20:13 +00:00
Daimona Eaytoy 7e44146781 Performance: don't check autopromotion if blockautopromote is disabled
This hook is called on every request, even for view actions, hence it's
a hot spot and a potential source of performance issues. We can slightly
optimize it by avoiding a cache lookup if blockautopromote is disabled.
Note: this won't really have an impact on WMF wikis since blockautopromote
is enabled almost everywhere.

Bug: T22487
Change-Id: I3743bfea9fe5865a3947cd23a07ae27e2dfa9301
2020-10-21 13:28:41 +02:00
Daimona Eaytoy 9bc885b6b3 Add a ChangeTagger class
The logic about action IDs and the persistent buffer is now encapsulated
inside a single service, which is a step towards getting rid of global
state in the AbuseFilter class, and reducing the responsibilities of the
Runner.

An important change made here is that we now require a LinkTarget rather
than a Title. This removes a dependency on the Title class (a monster
object), makes tests simpler, and denies the need to inject a
TitleFactory. This means living without some bits of context (e.g. we're
no longer using makeTitleSafe to ensure a valid title, and we have to
build a "prefixedtext" manually), but this shouldn't be a problem, given
that the titles are only used to create a cache key: invalid titles are
not a problem, and concatenating namespace + title should always be
sufficient.

Bug: T265370
Change-Id: Iff59cd3d889454a482a89c16691bfefcc5ec0a12
2020-10-21 13:19:30 +02:00
Daimona Eaytoy 215f16a177 Prevent uncaught warnings/exception on Special:AbuseFilter
This patch addresses two issues observed in WMF production:
 - Specifying a search mode without a search pattern would result in a
   call to mb_stripos (in AbuseFilterPager) with an empty delimiter,
   which triggers a PHP warning. Avoid this by checking that the search
   pattern is not the empty string, and unset the search mode if that's
   the case.
 - Trying to use an invalid search mode would result in an unhandled
   LogicException. We have some code in place to check the validity of
   the URL parameter, but the relevant code didn't reset the search mode
   to null, hence AbuseFilterPager would throw before we can show a
   pretty error to the user.

Bug: T265994
Change-Id: Ib19d36d6265981097bbb551783fdac8bdaa98854
2020-10-20 13:59:45 +02:00
jenkins-bot 3b59156b4c Merge "Minor updates related to var dumps" 2020-10-19 08:27:05 +00:00
jenkins-bot e002cbb4fa Merge "Exclude implicit groups when degrouping the user" 2020-10-19 07:56:41 +00:00
Daimona Eaytoy a330d0c454 Exclude implicit groups when degrouping the user
It doesn't make much sense to try to remove implicit groups like 'user'
and '*'. As a matter of fact, these groups are also excluded in
AbuseFilterViewRevert when undoing degroups.

Change-Id: I292499611ccfbd12df28b713d4244530db15c26d
2020-10-18 15:34:04 +02:00
Daimona Eaytoy 3a85e03c72 Simplify ViewEdit::loadRequest
This method was divided into multiple, shorter methods. We now have a
dedicated method for imports, and one for everything else, plus a method
for loading actions. Merged a conditional for when the token didn't
match. Avoid returning Status objects with data inside as it's too
difficult to properly infer types for those.

This is still not perfect, and another round of simplification might be
necessary before this class can be updated to use the upcoming Filter
value objects.

Change-Id: I2de1de1982105e5b9b817a893c357615ffb7db86
2020-10-18 11:06:30 +00:00
Daimona Eaytoy f589629b12 Avoid direct coupling between SpecialAbuseFilter and AbuseFilterView
While this might seem a small change, it removes the last remaining
coupling between SpecialAbuseFilter and the *View classes, that were
forming a huge tangle.

Change-Id: I5a9d6516e3fa2d3efc4bb2e19b05379dc33cd84d
2020-10-17 00:37:11 +02:00
jenkins-bot 94af753348 Merge "Use new services in AbuseFilterRunner" 2020-10-16 13:20:08 +00:00
jenkins-bot c094da9cec Merge "Simplify code for tagging the action on cache hit if the cond limit was hit" 2020-10-16 11:49:20 +00:00
Matěj Suchánek adbe9bcbce Improve display of log entries when global filters are not enabled
Don't create <a> tags without a href. Show a placeholder
message instead of nothing (alternatively, we could create
a new message for each existing one).

Bug: T174000
Change-Id: Id55b90881aacc620ff3c519ad6eedf212f36c4ed
2020-10-15 15:05:16 +02:00
Daimona Eaytoy 1efc324d97 Use new services in AbuseFilterRunner
The first one is UserGroupManager, used for the 'degroup' action. This
is a simple one-line replacement (repeated twice), and the current code
was already using this service under the hood.

The second one is BlockUser, which is not a one-line change (but still
quite simple). In particular, this allows us to avoid duplication with
core logic when constructing the log entry (this is now done by
BlockUser).

Bug: T248743
Change-Id: Ib7c1dc107a169b575f7021e64b6a8fee09529548
2020-10-14 23:08:32 +00:00
Daimona Eaytoy a7182acafd Simplify code for tagging the action on cache hit if the cond limit was hit
This code was simply caching the AbuseFilter::$tagsToSet property, but
this is not necessary. The only tag that can be buffered during edit
stashing is the conds limit tag. So we just save whether the conds limit
was hit, and apply the tag from a single point afterwards.

Also avoid checking whether 'tag' is enabled as an action, since this tag
should always be added when applicable.

Next step is creating some sort of Watcher service that will do
everything on its own: check whether the limit was hit, save this
information, and tag the action later.

Bug: T265370
Change-Id: I90319a658736fad7d564cb51152061709c230411
2020-10-13 16:05:18 +00:00
Daimona Eaytoy 45d80bc7e5 Clean up view classes
- Depend on a generic IContextSource rather than SpecialAbuseFilter
  (lower coupling);
- Inject a LinkRenderer (IContextSource doesn't have a ::getLinkRenderer
  method)
- Add a helper method in SpecialAbuseFilter to get the page title, that
  can also be used elsewhere (and the name constant can be made private
  now)
- Pull down the mFilter property (and rename it to just 'filter') to
  classes that actually need it. Some classes didn't need this at all
  and the types were different among subclasses

Now the only cause of coupling between the View classes and
SpecialAbuseFilter is the static call in getTitle.

Change-Id: I3df0c3a7621f0cc9a64a16b0a402a15aae2d5d73
2020-10-13 10:38:43 +02:00
jenkins-bot 95766762c4 Merge "Migrate a few hook handlers to DI" 2020-10-13 08:36:27 +00:00
jenkins-bot 3e61e886ba Merge "Add an AbuseFilterPermissionManager service" 2020-10-13 08:36:25 +00:00
jenkins-bot 51ce0bacf6 Merge "Delegate some switch cases to the parent in GlobalAFPager" 2020-10-12 10:13:25 +00:00
Matěj Suchánek 7ef2259228 Migrate a few hook handlers to DI
Bug: T261067
Change-Id: If699917c3d2e9e22525c7d0495554e25f6b45125
2020-10-10 17:23:04 +00:00
jenkins-bot 42525e4d5a Merge "Cleanup filter id handling on Special:AbuseFilter/history" 2020-10-10 12:28:05 +00:00
Daimona Eaytoy 2026e3ac3a Add an AbuseFilterPermissionManager service
This service should act as a mediator between the AF code and the
permission manager, and it should know what are the permissions required
by each action.

Change-Id: Ieb177d9992147b11fa7b8f05929da6c182cc2286
2020-10-10 14:03:29 +02:00
jenkins-bot f1de9145f5 Merge "Remove sorting by user from Special:AbuseFilter/history" 2020-10-10 11:58:54 +00:00
Matěj Suchánek d91ddd2169 Cleanup filter id handling on Special:AbuseFilter/history
In particular, the interface shouldn't generate links to
"Special:AbuseFilter/history/0" (AbuseFilterHistoryPager::getTitle,
can be seen when visiting "Special:AbuseFilter/history").

Change-Id: Id3dc1bb4fc3c5e853603bf0ec04a6b1751f7d862
2020-10-10 11:40:46 +00:00
Daimona Eaytoy f0539e0c1e Represent new filters with null instead of 'new'
PHP is not strongly typed, so it's not a good idea to use scalars of
different types (here it's an integer vs the string 'new') to represent
different possibilities. This can have bad effects when type juggling
occurs, and it's also harder to figure out what the type of the
parameter can be (because a numeric ID might have been passed as a
string). Using integer vs null avoids all of this, and also allows us to
use nullable typehints.

These changes were partly copied from
If981cb35bf19a8469aa6c43c907e107cf8c65bc2 and should help with the
migration to the Filter value objects.

Change-Id: I8837d46c3c33761fea53f67b530b721dc7bd49b0
2020-10-10 12:23:50 +02:00
jenkins-bot c0defc1055 Merge "Add a new FilterProfiler service" 2020-10-10 10:08:58 +00:00
jenkins-bot f4570e232d Merge "Hide filter group selector when filter selector is hidden" 2020-10-09 23:02:04 +00:00
jenkins-bot da3bfa3314 Merge "Reduce dependencies of AbuseFilter::saveFilter" 2020-10-09 14:58:30 +00:00
Matěj Suchánek 826f03d928 Remove sorting by user from Special:AbuseFilter/history
This feature didn't work and even if we fixed it as suggested
in the task, it would still be bogus. For deterministic paging,
the afh_user_text field should be in an index together with
another field(s). But currently it's indexed alone.

By the way, the indexes on abuse_filter_history should be fixed
anyway. Special:AbuseFilter/history also allows filtering by
filter/user which require index on the fields. They are present
but are not composite, so either the sorting is done
inefficiently without an index or there is a fullscan.

Also remove the getIndexField override. TablePager knows best
what value can be used there, we don't really have to override
it.

Bug: T204210
Change-Id: I7335f82c917a1d219fd7f0999da5b62433f14bd8
2020-10-09 15:41:19 +02:00
Matěj Suchánek 2c650f7710 Hide filter group selector when filter selector is hidden
This was a means to bypass the limitation to filter by
triggered filter (for example, when a group contains
a single filter).

Change-Id: Icd7b0b64ff16b4ce26f4d52ad9d9abce62972e60
2020-10-09 13:33:13 +00:00
Daimona Eaytoy 9f2906e34b Reduce dependencies of AbuseFilter::saveFilter
This patch removes the dependency of saveFilter on the ContextSource
kitchen sink. It also removes some unneded dependency, and adds
$originalRow/$originalActions as parameter, rather than hacky properties
in $newRow that are easy to forget. The related test can also be greatly
simplified.

This also introduces a behaviour change: checking $newRow instead of the Request allows us
to account for values normalization done in
AbuseFilterViewEdit::loadRequest, and to also work correctly for imports
(and generally speaking, it makes the method suitable for an
AbuseFilterEdit API module, too).

Next step is moving this method to a service. Some signatures,
indenting, name choices etc. are subpar, but this is just because these
methods are temporary anyway.

Bug: T213037
Change-Id: I235b928d7b9c2ef1c46ea0bf3e3ed212500b4161
2020-10-09 11:52:02 +00:00
jenkins-bot 73d6544bc6 Merge "Avoid array_filter on explode()" 2020-10-09 07:49:24 +00:00
jenkins-bot f2648afb15 Merge "Prevent cache pollution in fetchAllTags and clean up" 2020-10-08 18:02:21 +00:00
Daimona Eaytoy 7a1d6dbdbb Avoid array_filter on explode()
The array_filter is likely meant to empty the array if the empty string
was exploded ( `explode( "\n", '' ) === [ '' ]` ). However, it can also
remove other stuff, e.g. the string '0'. An explicit comparison is
easier to read & interpret, marginally faster, and avoids rare but not
impossible edge cases.

Change-Id: Ie77d65b56319664a2ac370f32341dc72b619a635
2020-10-08 18:56:27 +02:00
Matěj Suchánek 9e6bc2f4ee Move log formatters to a separate directory and namespace
This will clean up the includes/ directory a little.

Change-Id: I61adacf32257bb2402a272b60b52b69505d981c5
2020-10-07 16:25:38 +02:00
Matěj Suchánek b7cda4de4c Prevent cache pollution in fetchAllTags and clean up
Previously, the cached value would depend on the tags
parameter to be updated. The provided value may be
different for each call, so callers may receive
unexpected values.

For example, while core usually calls this with core-defined
hooks, our method AbuseFilter::isAllowedTag calls this
providing an empty array. If core's call happened shortly
after ours and hit cache, its array would be overwritten
with only AbuseFilter's tags, the rest would be lost.

Also do some clean up:

- only call array_filter on explode'd array
- call array_unique on the value, since it's usual that
  multiple filters share the same tag

Noticed when thinking about moving this to a service.

Change-Id: I4f4322e80ec89e48458a3bf46a1146863bec8237
2020-10-07 15:20:41 +02:00
Daimona Eaytoy 58538103c9 Delegate some switch cases to the parent in GlobalAFPager
af_actions and af_hidden are treated in the same way, so avoid
duplicating that code. Some of the remaining cases are also quite
similar (although not identical), so we might want to merge them in the
future.

Change-Id: I1b48502e077e58eb9ff459326bba18bb1d127242
2020-10-07 12:46:52 +02:00
jenkins-bot 1b0fa6bc6e Merge "Remove useless param to wfMessage" 2020-10-06 11:21:14 +00:00
jenkins-bot b0e68af5f5 Merge "ViewEdit: account for empty actions in imported data" 2020-10-06 09:34:30 +00:00
Daimona Eaytoy 11d922d1bd Remove useless param to wfMessage
Copying my investigation from I8c93e2ae7e7bd4fc561c5e8490ed2feb1ef0edc2:

This code was introduced in 2009, see rEABF0f1eb8db78bfa83ddb93427f39aad619523d8f25:

  $display = wfMsg( "abusefilter-action-$action" );
  $display = wfEmptyMsg( "abusefilter-action-$action", $display ) ? $action : $display;

And wfEmptyMsg looked like this:

  function wfEmptyMsg( $msg, $wfMsgOut ) {
    return $wfMsgOut === htmlspecialchars( "<$msg>" );
  }

so this made sense. But then, in 2010 (rMWae3ced88e535c7fd046f0ad6f0710cc87f0004ea) the function was changed:

  function wfEmptyMsg( $key ) {
    global $wgMessageCache;
    return $wgMessageCache->get( $key ) === false;
  }

without anyone removing the parameter from AbuseFilter.

Finally, in 2012 (rEABF176227e721c9475de2c2163d3b6e20ca4769c406) the usage of wfEmptyMsg was removed, and $display became a parameter to wfMessage().

Long story short, no need to pass that parameter.

Change-Id: Iad875f0c0ab5aaa06c795232638f52e9ca62786e
2020-10-05 23:39:23 +02:00
jenkins-bot 2cdec2473e Merge "Actually apply patch-afl_change_deleted_patrolled." 2020-10-05 08:15:48 +00:00
jenkins-bot 2e1afd5a51 Merge "Add test traits for uploads and account creation" 2020-10-05 07:49:38 +00:00
Daimona Eaytoy bc9898f1a1 Add a new FilterProfiler service
Change-Id: Ib66c42ac220731f4e1da9ee6cfb5290759dd6494
2020-10-04 22:00:57 +00:00
jenkins-bot b45c9205e9 Merge "Add tests for retrieving RC variables" 2020-10-04 13:38:32 +00:00
Daimona Eaytoy 6c8a29698b Add test traits for uploads and account creation
Ideally, this might live in MediaWikiIntegrationTestCase. For the
createaccount one, AuthManager should also provide a method to log the
creation, because currently we are forced to copypaste that code here.

 - Add the missing tests for 'upload' in RCVariableGenerator, and adjust
the existing ones (delete file afterwards, more tablesUsed, use the
right extension).

 - Exclude from the coverage report a couple of lines which should
theoretically be unreachable. Escalate logging to WARN level, where it's
more likely to be spotted.

 - Remove an unused method (RCVariableGenerator::newFromID). This denies
   the need to maintain and cover it. We also don't want this generator
   to act as a factory.

Overall, this change brings the coverage for RCVariableGenerator to 100%

Bug: T201193
Change-Id: I425c3d9f6800f74eb6e4eda483b90cfb3bbbcb51
2020-10-04 13:16:58 +00:00
jenkins-bot 9530684878 Merge "Use null defaults for search options on Special:AbuseFilter" 2020-10-04 12:56:14 +00:00
Daimona Eaytoy 2e13d58c74 Add tests for retrieving RC variables
This was also long overdue. Also fix a bug that caused page creations to
not be shown when examining past edits (using rc_last_oldid doesn't work
for page creations).

Bug: T201193
Bug: T262903
Change-Id: I5f7a994add12332c950904146248c5de7c2beee5
2020-10-04 12:43:04 +00:00
Matěj Suchánek eb81b92c06 Refactor AbuseFilterView instantiation
- Make a separate method which determines the view
  to be shown from subpage syntax and test it.
- Reduce circular dependency between SpecialAbuseFilter
  and AbuseFilterView. Use params to transfer information
  to views.

Change-Id: Ib9442ea5f9990a5c48f9b9e04055aa22bf7e456e
2020-10-04 13:15:04 +02:00
Daimona Eaytoy f8c525fc52 Minor updates related to var dumps
- Include an attempt to restore the dump in case the text table
   contains a truncated dump (not 100% sure that this can really
   happen, nor do I know the cause, but it shouldn't hurt)
 - Remove a check for 'action'. The variable might be missing in case of
   a corrupted dump. Having an array at that point can only mean "new
   format".
 - Don't assume that old_wikitext and new_wikitext are set when showing
   past filter hits (again, might be unset due to data corruption).

Bug: T264513
Change-Id: I7510d28fc3f43f985a1283e23b413f07adfe7921
2020-10-04 01:18:14 +02:00
Daimona Eaytoy 04d735117f Use ::class in SpecialAbuseFilter
This is a simple change but with tons of benefits:
 - Easier to track usages for IDEs
 - Easier to understand in static analysis (phan)
 - Can be analyzed by phpda
 - Ensures no typos
 - These classes can be namespaced without affecting readability here

Change-Id: Ic04d19dfbe9184baf2ef4bac53011521e2e44953
2020-10-02 12:55:19 +02:00
Matěj Suchánek ce41ddb85b Remove void unset statement
The key isn't set in the above declaration.

Change-Id: If256acc85913fca10062d00e46092e298b6553f7
2020-10-01 15:01:06 +02:00
Daimona Eaytoy 752492c2ba Use null defaults for search options on Special:AbuseFilter
- Use null instead of empty strings
- Check the mode, and not the pattern, to decide whether the user
  searched for something
- The call to parent::__construct can now be moved up
- Note in a comment how this code is problematic due to "smart"
  constructors
- Avoid caching the headers, as that's not going to work anymore.

Change-Id: I420ab0215d53354a67d9d130ebd8d85dfbd2778b
2020-10-01 13:35:36 +02:00
jenkins-bot edb1c5289a Merge "Integrate with Renameuser" 2020-10-01 11:33:08 +00:00
Matěj Suchánek 65708afcea Integrate with Renameuser
Register abuse_filter and abuse_filter_history tables.
abuse_filter_log is more difficult (if possible).

Bug: T27377
Bug: T206477
Change-Id: If8289101a08887519d5a90ef84700421b8ed2406
2020-10-01 08:10:22 +00:00
Matěj Suchánek f851b529b3 Deduplicate instance variables in Pagers
These have been saved in the parent class for quite some time.
Refactor accessors in method overrides.

Change-Id: I9819caa5ab87ac3a8e47efb32b00d89c3e2a61af
2020-10-01 08:05:49 +00:00
jenkins-bot fa412f4e7e Merge "Rewrite the VariableHolder code to translate deprecated variables" 2020-09-30 09:10:37 +00:00
Daimona Eaytoy 1bdf4e5351 Rewrite the VariableHolder code to translate deprecated variables
The current code was more of a subpar, temporary solution. However, we
need a stable solution in case more variables will be deprecated in the
future (T213006 fixes the problem for the past deprecation round). So,
instead of setting a hacky property, directly translate all variables
when loading the var dump. This is not only stable, but has a couple
micro-performance advantages:
 - Calling getDeprecatedVariables happens only once when loading the
   dump, and not every time a variable is accessed
 - No checks are needed when retrieving a variable,
   because names can always assumed to be new

Some simple benchmarks reveals a runtime reduction of 8-15% compared to
the old code (8% when it had varsVersion = 2, 15% for varsVersion = 1),
which comes at no cost together with increased readability and
stability. It ain't much, but it's honest work.

Change-Id: Ib32a92c4ad939790633aa63eb3ef8d4629488bea
2020-09-29 15:06:14 +00:00
jenkins-bot 32baa3a166 Merge "Hide rule search if global filters are to be shown" 2020-09-29 14:18:17 +00:00
jenkins-bot 7a684c487c Merge "Move some misplaced AbuseFilterParser entry points" 2020-09-29 13:51:17 +00:00
jenkins-bot 261e551856 Merge "Fix check for central wiki" 2020-09-29 13:25:03 +00:00
Matěj Suchánek aa7f381bca Fix check for central wiki
It should be the other way around.

Change-Id: Ia55c70a9f5ac17d791352899ee0d38c4969ea6dd
2020-09-29 12:59:34 +00:00
Matěj Suchánek 86ad51a57a Hide rule search if global filters are to be shown
When the user selects to see global rules and it's a remote wiki, hide the rule search field. (Note that the list of search modes needs to listen to this setting as well.)

This was discussed during reviewing I0771fa048.

Also move local/global filters setting to the top as it's more important than that for disabled and deleted filters (which will both stay together).

Change-Id: I0912aa1f5d7a5d75e6ae5a2a3362b8d38260c611
2020-09-29 13:49:11 +02:00
Daimona Eaytoy 55ba083b13 Introduce a KeywordsManager service
This will decouple a bit the huge and chaotic tangle of AF classes. Some
boilerplate code for AbuseFilter services is also added with this patch.

Note that this requires injecting a KeywordsManager in
AbuseFilterVariableHolder, or unit tests would fail. This is still
incomplete, and the Manager is only injected in tests, because
VariableHolder still has to be refactored.

The test for the UpdateVarDumps script had to be updated, because
serializing VHs in there was a bad choice. As pointed out in a comment,
the test is likely going to break again once we remove the BC code, but
I hope that we'll be able to remove the test at that point.

Change-Id: I12a656a310adb8c5f75cab63f6db9e121e109717
2020-09-28 23:03:52 +00:00
Daimona Eaytoy a1626a0d7f Move some misplaced AbuseFilterParser entry points
These methods had no reals reason to be static and belong to the
AbuseFilter class. Most of them were moved to Parser class as common
variations of the existing entry points. One was specific to the
EvalExpression API module and was moved there.

This change comes at no cost, and will make it possible to inject a
parser where needed.

Change-Id: Ifd169cfc99df8a5eb4ca94ac330f301ca28a2442
2020-09-29 00:36:08 +02:00
Daimona Eaytoy 8fa9e6625a Add tests for 'upload' action
This adds some coverage for the *VariableGenerator classes. It's still
not perfect, but something to start with in sight of future
refactorings.

Bug: T201193
Change-Id: Iafa85fb8623ea278ce6e42118df72751806382c2
2020-09-28 11:53:53 +00:00
jenkins-bot f07f7348ee Merge "Move link to /import in a button on ViewList" 2020-09-27 08:50:58 +00:00
Matěj Suchánek 5fcb826519 Hide rules search options if the pattern is empty
This reduces the consumed space if the user is not going to search through filter rules.

Change-Id: Ic53edeab75f8110871bdf69afc1184ea7d72cee9
2020-09-25 17:47:34 +02:00
Martin Urbanec eeb7ee8cef HookRunner: onAbuseFilterGenerateUserVars should run generateUserVars
Bug: T263750
Change-Id: I23751b78f363f35ca47f9af5c0c70129c838f4c6
2020-09-24 16:40:03 +02:00
jenkins-bot a9309c9921 Merge "Revert "Drop duplicate index wiki_timestamp"" 2020-09-23 11:06:12 +00:00
Daimona Eaytoy 01cc79e1d4 Revert "Drop duplicate index wiki_timestamp"
This reverts commit 6a268e7339.

Reason for revert: Ic1252efe9f96743d9402fa31a7b2dca1f57ff6ae ended up not renaming the index, so this patch removed an index that was still in use.

Change-Id: Ide4a600a57bcfa4da0c7354b972cc89709ccd660
2020-09-23 10:39:19 +00:00
jenkins-bot b6c21df589 Merge "Inject a user into RCVariableGenerator" 2020-09-22 12:10:29 +00:00
jenkins-bot 8e75557ac8 Merge "ViewTools: hide the result box when empty" 2020-09-22 11:59:21 +00:00
DannyS712 801e1f57e5 Inject a user into RCVariableGenerator
Needed in ::addUploadVars

Bug: T263033
Change-Id: Iedde4a39dcc3192616e36a45690a0619efeb7309
2020-09-21 16:15:21 +00:00
Alexia E. Smith 422b77ab0e Actually apply patch-afl_change_deleted_patrolled.
This fixes the abuse_filter_log patch-afl_change_deleted_patrolled
not being applied. The patch is provided for (and should work with) all
the supported DBMS.
Additionally, fix the base table files, which would report
afl_patrolled_by as 'NULL', whereas on the WMF cluster it's 'NOT NULL
DEFAULT 0'. The schema patch takes care of converting that column as
well.

Note that this schema change needs not be applied on the WMF cluster, as
that's already up-to-date.

Finally, note that this patch must be backported to 1.33 and 1.34 (and
it might be fairly hard due to the recent schema changes on the
abuse_filter_log table).

Bug: T240895
Change-Id: Ibdbc9b50c25b9e871ebdeae93a54d10877b585f8
2020-09-21 14:52:22 +00:00
jenkins-bot ed160a69a7 Merge "Let sysops see difflinks to deleted revisions on Special:AbuseLog" 2020-09-20 14:44:16 +00:00
jenkins-bot 6140d688f7 Merge "parser: Add a BC option to get DNULL for unset variables" 2020-09-20 13:58:27 +00:00
Matěj Suchánek 4605baa289 Let sysops see difflinks to deleted revisions on Special:AbuseLog
Bug: T261630
Change-Id: I01eeecea28cbd3520702155860b340ea673bab0d
2020-09-20 15:41:12 +02:00
Daimona Eaytoy c1b4f1084c ViewTools: hide the result box when empty
The <pre> element is now hidden with CSS, and is only shown after the
user clicks the "Eval" button.
Moreover, make the button primary and progressive, as to indicate that
it activates the primary function of that page.

Bug: T253492
Change-Id: I300ce6ec0a84ea73025a5af9173024df7c291e03
2020-09-19 12:37:06 +00:00
Matěj Suchánek f1ecdd4aff Inject PermissionManager to SpecialAbuseLog
Change-Id: I1c80490567ac2d9f716c988ebdad6b59cf28aa06
2020-09-18 23:22:11 +00:00
jenkins-bot f1ab4a1777 Merge "Cleanup abuse log code and join it with revision" 2020-09-18 23:05:37 +00:00
Daimona Eaytoy f8c9b8fa36 Move link to /import in a button on ViewList
We have many topnav links, and future patches may add others (e.g.
Ia5fd4f0b35fcabf045a7b49fa40fa85b72c92544). The "import" feature is
probably the less used, and is also pretty similar to creating a new
filter.
Thus, remove its link from the topbar and move it to a button next to
the "Create a new filter" button.
Note that the old message is reusable, and thus it should be moved on
translatewiki after merge.

Change-Id: I52042d62b2bab7e4a1e9bbc027e7de5addec8157
2020-09-18 14:59:00 +00:00
Daimona Eaytoy 8a7a576cb0 ViewEdit: account for empty actions in imported data
Empty actions are JSONified as [], not {}, hence they're not objects.

Bug: T252181
Change-Id: Ieb5e315ad87bd3a489ade26f5f0dd202810ae896
2020-09-18 14:52:43 +00:00
Daimona Eaytoy e5746bbb0e parser: Add a BC option to get DNULL for unset variables
While checking a filter, if a variable is not set (e.g. added_lines for
an account creation), the VariableHolder will return a DNULL, rather
than a DUNDEFINED. This means that some filters will resume working, and
the WMF servers will stop getting AF warnings at a rate of 4 millions per
day. This also requires adjusting some tests to reflect the new
behaviour (which is actually the OLD behaviour, that filters had until
last year when we introduced the DUNDEFINED data type). It also requires
adjusting a check in the old parser, but that's not really relevant
because the plan is to remove the old parser before 1.36 is released
(see I0e75f334c7e0dfc1239f2e5f5f7d7452b0bbf29e).

Bug: T230256
Change-Id: I4d06303047397674c1edbfc32628f1bc83ac3340
2020-09-18 15:05:58 +02:00
jenkins-bot 36a0f41873 Merge "Add separate abusefilter-log-search-filter-help-central message" 2020-09-18 07:55:02 +00:00
DannyS712 a75e01dcb6 Add separate abusefilter-log-search-filter-help-central message
On the central abuse filter wiki, show a different help message

Bug: T238510
Change-Id: I7f60e279f0301b1636e19a31535cb3bac87c241a
2020-09-17 23:50:35 +00:00
Umherirrender bd45434102 Add MessageLocalizer to AbuseFilter::getActionDisplay
Avoid global state when parsing messages

Change-Id: Ib65182f6d41430fb87337082a16b8006a73fe95d
2020-09-17 22:45:52 +02:00
jenkins-bot 3f8e61b42f Merge "Allow Blockautopromote duration to be configured for wikis." 2020-09-17 17:53:06 +00:00
DannyS712 bf74fd0c23 Allow Blockautopromote duration to be configured for wikis.
Rather than always using 5 days, the length (in days) can be configured by setting
`AbuseFilterBlockAutopromoteDuration` to the desired length.

Bug: T231756
Change-Id: I996e08a9099ab59657fe511ec2934d26edfa5c7b
2020-09-17 17:19:00 +00:00
Matěj Suchánek 02962b9665 Cleanup abuse log code and join it with revision
This is an intermediate step for better "diff" links
on abuse log. With this first change, only links
to existing revisions are shown.

Change-Id: Ib420d46fd34dc38d8c7fd3d511a905738e49db0b
2020-09-17 16:36:31 +02:00
jenkins-bot 12586812c2 Merge "Hide "User:" prefix from autopromote log entries" 2020-09-17 11:26:57 +00:00
jenkins-bot 6bf5e2ce6f Merge "Standardize the order of options in dropdown filters for search" 2020-09-17 11:26:55 +00:00
Matěj Suchánek cba29fe85b Hide "User:" prefix from autopromote log entries
Bug: T247173
Change-Id: I40aa888bc45d8274d03eb7ead7bedaf1d087fb1c
2020-09-17 12:12:00 +02:00
DannyS712 9c1868d55e Update hook calling to use new HookContainer
Bug: T254306
Change-Id: Ic5c82a367e34135bbc0f00ece5aeef4f2d92881b
2020-09-17 10:05:45 +00:00
jenkins-bot 001d8b92fb Merge "Hardcode 'abusefilter-view' right when adding CU log entry" 2020-09-15 11:16:33 +00:00
jenkins-bot 91f4a1e5a8 Merge "AbuseFilter: Remove duplicate filter log link" 2020-09-15 01:44:59 +00:00
proc 3e5b9f18fd Hardcode 'abusefilter-view' right when adding CU log entry
Bug: T255506
Change-Id: I397e1160d0fee28873ff73404fefa8edd08652ac
2020-09-15 01:20:12 +00:00
DannyS712 1601bbf0f6 Reduce direct references to $wgUser
Bug: T246733
Change-Id: I2c919fcb01476e8299e15046789023b42cccc6ee
2020-09-13 22:49:46 +00:00
C. Scott Ananian 1bd6f2aa94 AbuseFilterViewEdit: only invoke Language::filterNum on a numeric string
Bug: T237467
Change-Id: I9dcbe91fa926dba1cfd24d9bf075ee1ebef36b9e
2020-09-09 01:38:20 -04:00
Umherirrender f932ba8328 Use LinkBatchFactory in Special:AbuseLog
Change-Id: I2ccf9cd36475a65e61ad0e80ec159f841849089f
2020-09-06 09:31:49 +00:00
Ammar Abdulhamid 679c777c33 AbuseFilter: Remove duplicate filter log link
For history action, the link would be already added by
HistoryPageToolLinks hook, so it should not be duplicated by this hook.

See images on https://phabricator.wikimedia.org/T261087#6430172

Change-Id: Ia8dd5be49d3ffb48f298ea287e0b2f98c3052015
2020-09-03 17:55:42 +01:00
jenkins-bot 03f1190bf9 Merge "SpecialAbuseLog: Add redirect=no to page link" 2020-08-31 06:34:01 +00:00
jenkins-bot 08f68c77c2 Merge "Use LogFormatter::getLinkRenderer in AbuseLogHitFormatter" 2020-08-29 00:23:40 +00:00
Umherirrender 64ef0fe00c Use LogFormatter::getLinkRenderer in AbuseLogHitFormatter
Available since 1.30

Change-Id: Ia5e0d5561692f78ac91feca5dddcb67d2809a9ba
2020-08-29 00:03:26 +00:00
DannyS712 f06a632c3d SpecialAbuseLog: Add redirect=no to page link
Bug: T247615
Change-Id: Ifa8f7b949336ae735fd0067dbc2dec15748be7cf
2020-08-28 23:19:54 +00:00
DannyS712 bf0ed6d631 Fix abusefilter-log-cannot-see-private-details
Should be privatedetails, not private-details

Change-Id: I58d8f0ce760e92739876cc783b8dd4258965cd1e
2020-08-28 21:29:37 +00:00
jenkins-bot e5cefc7d18 Merge "Hard-deprecate a few methods in the AbuseFilter class" 2020-08-25 23:48:33 +00:00
Daimona Eaytoy f673a04026 Add updateVarDumps to update.php
This shouldn't happen before the script has been tested thoroughly on
WMF wikis with --dry-run.

Bug: T213006
Change-Id: I51425c85bd6932a5c60eb870b02195aae1c24117
2020-08-25 12:49:00 +00:00
jenkins-bot 14be09701b Merge "Use $user param when filtering edits" 2020-08-20 07:10:52 +00:00
Daimona Eaytoy 28ea0e525a Use $user param when filtering edits
This can be different from the User set inside the $context object, as
seen e.g. in Wikibase jobs. Given that the hook provides a $user param,
it makes more sense to use that, rather than extracting it from the
ContextSource kitchen sink.

Bug: T258717
Change-Id: Ib5961068d3df6ae2bfc3f9c6a7b9e555d248b332
2020-08-19 14:24:57 +02:00
Daimona Eaytoy 5faea5ee58 Add BC hack for some 2009 AbuseLog entries causing a fatal error
Some AbuseLog entries from 2009 are missing the 'timestamp' parameter
used to compute the old wikitext of the page. This was only used for a
short amount of time before
https://phabricator.wikimedia.org/rEABFd1d27eede6536067c5180b2515ea937d71525d4d.

Nowadays, it's causing a fatal error when we try to migrate the affected
entries, see T246539#6388362.

Since we only have a Title available, we cannot rebuild what the old
wikitext would look like, so a placeholder text is used (this should
hopefully be clearer than showing an empty string).

Bug: T246539
Change-Id: I5230f2fdc84da121728a5a75da458f1a4ef1ecd3
2020-08-19 12:37:40 +02:00
C. Scott Ananian a135c2f4da Remove calls to ParserOptions::setTidy()
ParserOptions::setTidy() was already a no-op in MW 1.35, and
AbuseFilter already requires MW >= 1.35 in extension.json.
ParserOptions::setTidy() was deprecated in MW 1.35 and will be removed
in a future release.

Bug: T198214
Change-Id: I269e829cf1f33e233bfcf7f95388e041180c2556
2020-08-12 23:39:36 -04:00
Umherirrender e10b7e4208 Fix broken PHPDoc comments not starting with /**
Change-Id: Id9579ad6ca4dc75921e8fd4aaaccdffd530c2e35
2020-08-09 01:04:29 +02:00
Timo Tijhof 314a1f419f Avoid use of unfiltered 'getTraceAsString' in debug logs
These render string arguments with potentially sensitive information
that we don't want to store in debug logs. Use the standard
'exception' field instead per T233342, letting the central
logic be in charge of creating 'exception.trace' with the normalised
trace rendering and filtering logic we have there.

Bug: T233342
Change-Id: I4620f36229fd5076b4370d20149c890030bf4c64
2020-07-23 22:41:27 +01:00
proc a31f4e46af
Strict type comparison
Bug: T248806
Change-Id: I039ab7f103bb37052987b815412b71f70643a6d2
2020-06-27 15:55:57 +01:00
Huji Lee b523b71fc3 Standardize the order of options in dropdown filters for search
Any should always be the first choice. Other/None should always be
the last choice. The rest of the choices come in between and should
be sorted alphabetically.

Also capitalize the first letter of "None" for filtering logs down
to those in which no action taken. This makes the options uniform.

Bug: T255533
Change-Id: Id106bbc352531437af95a303b7dcf32e44383f95
2020-06-25 19:01:16 +00:00
Daimona Eaytoy 3d06e2d165 Hard-deprecate a few methods in the AbuseFilter class
All usages fixed, see https://codesearch.wmflabs.org/search/?q=AbuseFilter%3A%3A(generate%7CgetEditVars)&i=nope&files=&repos=

Depends-On: I49c635efbe46820e6340f64504f3bc417b78dde3
Change-Id: I45d11b2b015f4abf1ec9cedd14355f9c1c049bba
2020-06-23 14:48:42 +02:00
Ostrzyciel 99e2766f26 Update PageSaveComplete hook to use EditResult
Bug: T254074
Change-Id: I3922d9a92242c9a6469058a2a2c2a95891e9e429
2020-06-23 14:25:38 +02:00
Umherirrender c55a12993d Handle null from VariableGenerator::getVars in AbuseFilterViewExamine
Bug: T255633
Change-Id: I94ce4303d9250b84181b1cb230e680c2351d887b
2020-06-17 19:42:58 +02:00
DannyS712 4b35336638 Update hooks to use PageSaveComplete
Extension requires MW 1.35+, always available

Bug: T250566
Change-Id: I60cf3cc42db989d8ccb0d06d3cf9eae8a85784ac
2020-06-16 04:18:39 +00:00
Daimona Eaytoy 6a268e7339 Drop duplicate index wiki_timestamp
For MySQL it was renamed Ic1252efe9f96743d9402fa31a7b2dca1f57ff6ae, but
the old index isn't being deleted, hence creating a duplicate.

Change-Id: I09b9f64759f6a897c393caa77458d63995d5713b
2020-06-12 19:34:41 +02:00
Umherirrender 6e2d7931a5 Pass function name to database functions
Useful for logging

Change-Id: Ib6b3ad814dd24d31aab37be486ff32d3f57c7905
2020-06-07 01:54:41 +02:00
jenkins-bot 1f72bc838c Merge "Do not abuse RCDatabaseLogEntry" 2020-06-05 12:08:05 +00:00
Umherirrender 82f549bed9 Do not abuse RCDatabaseLogEntry
When using RecentChange::getQueryInfo() it should be used to instance a
RecentChange class
RCDatabaseLogEntry is only useful in context of LogFormatter

This is a breaking change for the hook variable,
but "RC entry" refers more to the RecentChange class than to the
RCDatabaseLogEntry class

Change-Id: I3af1e42594f8235be815ce38e3411c762ae01092
2020-06-04 21:28:23 +00:00
libraryupgrader ef7f867f35 build: Updating mediawiki/mediawiki-phan-config to 0.10.2
Additional changes:
* Removed phan-taint-check-plugin from extra, now inherited from mediawiki-phan-config.

Change-Id: Ib63be75df4bfdbd2c5b97de5f80dbec715108c01
2020-06-02 21:33:38 +00:00
Daimona Eaytoy b9346a3eba runner: Improve blocking methods
This is necessary for future improvements.

Bug: T234164
Change-Id: Ia334cdc84ac1408ad72ffd8c87c958ae7deebb54
2020-05-28 18:42:31 +00:00
Daimona Eaytoy 61efc9ad87 runner: Move the filtered action to a class prop
Change-Id: I4d7666f5e2a5df0e0ed8d38855cbd32c8518a28f
2020-05-28 16:17:34 +00:00
Daimona Eaytoy 8d435ee463 Make the form on Special:AbuseLog collapsible
The form is now collapsed by default, as that seems to be the most
common way to do that.

Bug: T252584
Change-Id: Ie3fa3d2858519e6bc03854a12f90f76a684e7648
2020-05-14 18:56:53 +00:00
DannyS712 4844bfe26a Use ParserOptions::newFromUser() instead of relying on global $wgUser
Bug: T246861
Change-Id: Ie304f962c8d1e23c897e87471990db85a7d909de
2020-05-11 14:27:36 +00:00
Reedy 7a2373f7d8 Remove some SQLite specific files
Bug: T251613
Change-Id: Ic1252efe9f96743d9402fa31a7b2dca1f57ff6ae
2020-05-04 17:50:18 +00:00
jenkins-bot b118fd50dc Merge "Improve var dumping in /details, /examine and /tools" 2020-04-29 20:00:54 +00:00
DannyS712 1b65bd1862 Remove a remaining use of Revision objects
Remove use of Title::getFirstRevision and Revision::getUserText

Bug: T249393
Bug: T250579
Change-Id: I0f77b124a0c7de1dec6baf4c997e0997ecdd55f8
2020-04-23 18:39:20 +00:00
Daimona Eaytoy 1d6b9f6617 Add new methods for checking DUNDEFINED recursively, use them
The problem is explained at T250570#6068702; basically, the previous
check didn't account for DUNDEFINED nested deep inside arrays.

Bug: T250570
Change-Id: Iacee2db54ca00108de6339bb3dae70af7e2eeb56
2020-04-19 13:58:14 +02:00
Aaron Schulz 6375287964 Cleanup unique keys parameter to IDatabase::replace() calls
Bug: T248147
Change-Id: Ic355dece67eda323e5c6129ef4d1275c1235fb9a
2020-04-17 15:10:27 -07:00
Daimona Eaytoy 4c98aecf4d Improve var dumping in /details, /examine and /tools
Using var_export for better visual effect, especially for arrays.
The result from /tools is much clearer and the 'wrong syntax' message is
a bit more explicative than before.

Bug: T190653
Bug: T239972
Change-Id: I79a17305c7f19f7900f896f895e9365bb5f2fd58
2020-03-28 17:35:43 +01:00
DannyS712 25fd11f7ac Use lowercase for primitive type 'string'
Change-Id: I65d322ffbed399fddb1fbf3cb25272e812171a46
2020-03-20 16:00:05 +00:00
ArtBaltai 096fe88993 Replace usage of deprecated Page in favor of WikiPage/Article
Use Article instead object/Page
delete deprecated unused method

Bug: T239975
Change-Id: Ic3c8e3bee66c63177f51621bf727029a87b51105
2020-03-19 04:03:15 +03:00
Daimona Eaytoy cd1a8efb90 Minor fixes for the updateVarDumps script
- Increase batch size to 500
- Add an option to print progress markers
- Fix some bad logic which caused some JSONified data to be stored in
the text table without checking (and respecting) old_flags. This caused
some errors on the beta cluster.

Additionally, add a return typehint to AbuseFilter::loadVarDump to make
sure that errors are caught asap. Not only there's no apparent way that
loadVarDump can return an array, but most code is already using the
result as a VariableHolder, unconditionally. This is probably another
leftover from the past.

Bug: T213006
Bug: T246539
Change-Id: Iaebd28badb70d27693fa809cad4db956881e3e5e
2020-03-03 18:31:52 +00:00
jenkins-bot 76f8cb0ced Merge "Add fixOldLogEntries to update.php" 2020-02-28 18:35:01 +00:00
jenkins-bot 7e66b01cf3 Merge "Factor out get(Local|Global)Filters methods" 2020-02-27 20:33:56 +00:00
Daimona Eaytoy c9a4146f2c Add fixOldLogEntries to update.php
Already done in WMF production, see T228655.

Bug: T208931
Change-Id: Id477387d1607e263a6bf054060dc6dd440e88467
2020-02-27 18:19:50 +00:00
jenkins-bot 08c0a3f482 Merge "ViewEdit: add af_id to the row" 2020-02-26 16:53:35 +00:00
jenkins-bot b28e9e8c1f Merge "Start using new format for var dumps" 2020-02-26 16:51:02 +00:00
jenkins-bot 22adab7159 Merge "Stop using the Revision class" 2020-02-26 16:47:37 +00:00
Daimona Eaytoy f454e60e83 Start using new format for var dumps
Migrating old log entries is I22cf698c5be77506727cbd227c67e037a5d89b5c.

Bug: T213006
Change-Id: I3242acd5c5163a941f584d6119e3ad3b3cad8c29
2020-02-26 16:03:38 +00:00
jenkins-bot 8de3ecdb89 Merge "Replace usage of deprecated Page in favor of WikiPage/Article" 2020-02-26 15:49:19 +00:00
Daimona Eaytoy 518c176754 Stop using the Revision class
Change-Id: Ie257c9b1ea94dcadce59f4541d5947465262bd75
2020-02-26 15:39:12 +00:00
Daimona Eaytoy fe28aff82a ViewEdit: add af_id to the row
A PHP notice is sporadically emitted in production, e.g. reqId XlVEMgpAMNAAA6zMVhQAAACV

Change-Id: Ie42d00c6520aa31daf127c5df9515a3ab01d986f
2020-02-26 15:27:54 +00:00
Daimona Eaytoy b9a1e86245 Remove old number syntax
Bug: T212730
Change-Id: I7573da1683efc83b5002b8948c97dd7f6658a488
2020-02-25 23:38:19 +00:00
Daimona Eaytoy 1bac110205 Remove dependency on $wgRestrictionTypes
This was used to dynamically generate *_restriction_* variables.
However, it had two big problems:
 - We only have i18n for 'create', 'move', 'edit', and 'upload' (the
 default value of the global); other restrictions would show missing
 messages in various pages.
 - We had to access the global state in various points.

This change also makes some code in AbuseFilterVariableHolder simpler,
and also allows us to make AbuseFilterTest a unit test.

Change-Id: I321ad6e07f8243200af67a581b6e485970efd3ce
2020-02-25 23:17:54 +00:00
jenkins-bot e802e6556d Merge "Add string typehint to $summary in onParserOutputStashForEdit" 2020-02-25 22:56:27 +00:00
ArtBaltai 22925c5344 Replace usage of deprecated Page in favor of WikiPage/Article
Complete WikiPage/Article split and deprecate Page interface
Using actual WikiPage/Article contract

Bug: T239975
Change-Id: I343c3ca2e30715656950cab49c6470061c72b9a0
2020-02-26 01:03:49 +03:00
Ammar Abdulhamid 323fe4666c Draw suppression reason from Revdelete-reason-dropdown-suppress
Bug: T245990
Change-Id: Ic5adcf4e6693cb5b4c849156e54d97cf35b70dee
2020-02-24 14:06:43 +01:00
Daimona Eaytoy aa15267c79 Add string typehint to $summary in onParserOutputStashForEdit
Bug: T245928
Depends-On: I8fa287f335e90a59ac18365e7401a5cf703130a3
Change-Id: Ia075e4bdf3a3f011a181c8026ff1cdb8e186f096
2020-02-22 19:27:05 +00:00
jenkins-bot 76a1be97a4 Merge "Add site name and language variables" 2020-02-10 19:06:01 +00:00
jenkins-bot b6ca1402d0 Merge "Rename addStaticVars and related hook" 2020-02-10 19:03:34 +00:00
Daimona Eaytoy 0d2cab0deb Validate imported data
At the moment there's no validation for import data, so it's totally
possible to insert rubbish in the field, and the code will produce other
rubbish. For instance, it's not so uncommon to see lots of PHP notices
on logstash for ViewEdit code trying to access members of the imported
data as if it were an object.

Change-Id: If9d783f0f9242d3d1bc297572471e62f51ee0e40
2020-02-10 18:41:36 +00:00
Daimona Eaytoy 57415d8a31 Fix PHPNotice caused by missing row fields
Follow-up Ie9aae938cca06e38a7a834a3f74f3e8735ab01ee.

Some fields are actually necessary when the filter isn't saved. This
would cause PHP notices when showing the editor again.

Change-Id: I2b9e0f04b3e8ad4eea8e334e16ee422bb40f0eb5
2020-02-09 13:36:36 +00:00
Daimona Eaytoy d9ae71f578 Add site name and language variables
In T43172 it was told that adding the site name could increase the risk of
attracting more spam, but I don't see how this variable could cause that.

Bug: T240948
Bug: T97933
Change-Id: I1d2aeabaf008ac06798b8d7e4af7d61ae1702776
2020-02-09 14:32:02 +01:00
Daimona Eaytoy 661a77f0eb Rename addStaticVars and related hook
This code was introduced with Iba59fe8d190dd338ecc8cfd682205bce33c9738b
and is unused since then. The name should highlight that those variables are not
supposed to be "static", i.e. immutable. Examples are: timestamp, spam
blacklist, site name, site language. These are not immutable, but rather
"generic", and they're known even without an ongoing action.

Also add an RC row param and update docs.

Change-Id: I402f04585e9154059fc413e527e39dcb8e6b3d7c
2020-02-09 14:29:08 +01:00
jenkins-bot 391bbee53c Merge "Fix some edge cases in ViewEdit" 2020-02-08 16:36:19 +00:00
jenkins-bot c0b58d7699 Merge "Factor out variables-related methods" 2020-02-08 14:42:13 +00:00
Daimona Eaytoy 0834f37e42 Fix some edge cases in ViewEdit
Follow-up Iabd0ae5b18571f8cad44ef2d86bcf2519e7f95ba.

This patch:
 - Moves some save-related code to a separate method
 - Reduces conditionals nesting
 - Fixes an edge case where the content of the form would be
 wiped in case the token didn't match.
 - Adds another (basic) selenium test
 - Standardizes return types
 - Moves data load outside of buildFilterEditor

Change-Id: I89444b59f04c495c9ab59244151c8ed5d38cf0fe
2020-02-08 15:35:46 +01:00
jenkins-bot 430058f2c0 Merge "Avoid keeping superfluous row properties" 2020-02-07 21:26:34 +00:00
jenkins-bot 02cd866f53 Merge "Refactor data load in ViewEdit" 2020-02-07 21:26:32 +00:00
Daimona Eaytoy 3f83e57ad7 Factor out variables-related methods
This is another step needed to reduce the size of the gigantic
AbuseFilter and AbuseFilterHooks classes. It also makes many methods
non-static, for more testability.

Note, this layout is still not final. We should somehow merge the
functionality of VariableGenerator and AFComputedVariable, for which
I already have plans.

Change-Id: I366d598b69ad866496b7cb0059e0835c02e54041
2020-02-07 20:27:26 +00:00
Daimona Eaytoy 1686042a91 Move variable generators to new classes
RunVariableGenerator is for generating variables based on the current
action;
RowVariableGenerator is for RC entries;
VariableGenerator is the generic one.

This patch only moves the methods to the new classes, to keep the diff
easier to read, and facilitate conflict resolution. These classes will
then be revamped in I366d598b69ad866496b7cb0059e0835c02e54041.

Note that these classes are now namespaced.

One method, AbuseFilter::getEditVars, was renamed to
AbuseFilterVariableGenerator::generateEditVars, because it would
otherwise conflict with an incompatible method in RunVariableGenerator.

Change-Id: Iff412e5492873d4fae55402939a51609e64d55a8
2020-02-07 19:44:31 +00:00
Daimona Eaytoy 6b7be78534 Use RCDatabaseLogEntry as wrapper in get*VarsFromRCRow
This provides various shortcuts for user, target, comment, etc.,
avoiding direct access to the row, and thus a dependency on the
schema.

Change-Id: I250f94e0ac6cade33441a31ae8a27093a4d937a0
2020-02-07 19:19:10 +00:00
Daimona Eaytoy 472d1221bd tests: Increase and rebalance code coverage
Also fix a couple of broken tests in Consequences:
 - For createaccount, $user->addToDatabase must be called before
   testForAccountCreation, or it will throw a CannotCreateActorException.
 - In testThrottleLimit, also set wgAbuseFilterEmergencyDisableThreshold
   to avoid relying on the local config.

Bug: T201193
Change-Id: If1a50b0a729e4d554485f2e2225d5877510966b6
2020-02-07 18:32:17 +00:00
libraryupgrader a14ec744f7 build: Updating composer dependencies
* mediawiki/minus-x: 0.3.2 → 1.0.0
* mediawiki/mediawiki-phan-config: 0.9.0 → 0.9.1

Change-Id: I119f4d56cce674302f34e938e598e6cc6bf28dc0
2020-01-28 17:51:38 +00:00
Ammar Abdulhamid 641aeebbcf Replace deprecated IP class with IPUtils
Bug: T242556
Change-Id: If8e9034885726b673d1500fa8b538b5302e66165
2020-01-24 18:27:26 +01:00
Daimona Eaytoy 102789f62a Avoid keeping superfluous row properties
Most of them are overwritten either in ViewEdit::loadRequest or
AbuseFilter::saveFilter. af_hit_count and af_throttled are actually
relevant for the old version, so list them explicitly. And also add
default af_group and af_global, which are later read, for import action.

Depends-On: Iabd0ae5b18571f8cad44ef2d86bcf2519e7f95ba
Change-Id: Ie9aae938cca06e38a7a834a3f74f3e8735ab01ee
2020-01-23 12:50:03 +00:00
James D. Forrester bdef1200f8 Follow-up 87459ec: When no registration date is recorded, use 2008-01-15
Before the phan upgrade, this was silently choking on null as so falling
back to age since 1970-01-01 (~50 years); since the upgrade, the code is
breaking filters by responding with 0. The approximation of using 2008's
Wikipedia Day is less wrong and more fun (credit to Roan for making this
suggestion).

Bug: T243469
Change-Id: Ibc25ab09ecd0bf0b2292425c2768b1dc911b9974
2020-01-22 15:38:09 -08:00