Commit graph

7345 commits

Author SHA1 Message Date
Amir Sarabadani fe0fed1d8f FilterLookup: Stop using DBAccessObjectUtils::getDBOptions()
And more db clean ups:
 - Use QueryBuilders
 - Stop relying on actor migration to simplify query building
 - Using expression builder in one case.
 - Change the default actor migration stage to read new and write both.

Bug: T354194
Depends-On: I7c116cab0c748707d9a9fd17feeffe26e7d188ec
Depends-On: I74002911749335f4323a03fb430d02f936771b7e
Change-Id: Id84d1db7a2991f3cccc2f4f1502ba77643ddef24
2024-03-21 20:22:02 +01:00
Umherirrender 5ab7282b4a Fix casing of dropdown-related methods
Methods gets renamed to lowercase variant in core (f1d7e68c)

Follow-Up: Ifda13ba9dee316709c424636ec3b285de8d0e9b1
Change-Id: I0ee5602536033268ff49aadf8d14320f8e5d03d2
2024-03-09 15:44:59 +01:00
jenkins-bot b9e6d0bc65 Merge "Add user_type variable" 2024-03-08 13:27:00 +00:00
Translation updater bot 4ebc556fcb Localisation updates from https://translatewiki.net.
Change-Id: I0b3fb687aad185d9c85a7ace0845f1b03bccd65d
2024-03-08 08:22:06 +01:00
Dreamy Jazz 85022190e5 Add user_type variable
Why:
* An AbuseFilter variable is needed that allows filters to determine
  what type the current user is. That is, whether the user is an
  IP address, temporary account, named user or external user.
* Currently filters implement this by inspecting the value in
  the 'user_name' variable, but this is likely to break when
  temporary accounts are enabled as IPs would be hidden.
* Giving a dedicated variable that indicates the type of the user
  allows filters to work out this information without having to
  know the specific username of the user before performing the
  check.

What:
* Add the 'user_type' variable which is lazily computed. It can have
  the value 'named', 'temp', 'ip' or 'external' depending on the
  type of the user. If the user does not match any of these, then
  the value is 'unknown'.
* Replace call to deprecated User::newFromIdentity with a use of the
  UserFactory service that is dependency injected.
* Add and update tests to ensure consistent test coverage.

Bug: T357615
Change-Id: Ifffa891879e7e49d2430a0330116b34c5a03049d
2024-03-07 10:38:25 +00:00
Translation updater bot 1672130d79 Localisation updates from https://translatewiki.net.
Change-Id: I39df98d92aee72eb56677fbfac9424a2c66847da
2024-03-07 08:47:40 +01:00
Derick Alangi 82d876ada8 Handlers: Drop AutoPromoteGroupsHandler::factory()
This patch solves a pending TODO which is to remove the ::factory()
method from the AutoPromoteGroupsHandler class. If the cache instance
is injected, we'll use it otherwise we'll default to a HashBagOStuff.

Bug: T358346
Change-Id: I2bc414da8733431d1d11025e954282fc7c73aa80
2024-03-06 21:38:12 +00:00
Translation updater bot bd7e10d5ac Localisation updates from https://translatewiki.net.
Change-Id: Ife7be6f220805056a2a39bb0923ae97dbfac23a5
2024-03-04 08:22:29 +01:00
Dreamy Jazz f4e3f78b7e Add integration test to verify logs are saved in CheckUser
Why:
* In f3c87749b8, the sending of logs
  to CheckUser when using a temporary account was fixed. As part
  of that change, it was suggested to add a test to verify that
  the call to `Hooks::updateCheckUserData` actually causes an
  insert into the relevant CheckUser result table.
* This change adds this test as a follow-up.

What:
* Create a test for the AbuseLogger that verifies that an event is
  sent to CheckUser and is saved into the DB for an abuse filter
  hit. This test is only run if the CheckUser extension is installed.

Bug: T358632
Change-Id: I33ed0810db13e38eacf4e682eb54d4ffcd583084
2024-03-01 16:11:33 +00:00
Translation updater bot 8a0e586257 Localisation updates from https://translatewiki.net.
Change-Id: Id8289ce4790d2f65a02d8ea398bca30fe5953d34
2024-02-29 08:34:57 +01:00
jenkins-bot 901d8812e2 Merge "Send AbuseFilter logs to CheckUser on PRESEND" 2024-02-28 13:37:14 +00:00
Dreamy Jazz f3c87749b8 Send AbuseFilter logs to CheckUser on PRESEND
Why:
* AbuseFilter can send AbuseFilter logs to CheckUser if they are
  not being sent to Special:RecentChanges.
* However, if this action is indirectly causing the creation of
  an account (such as through temporary account auto-creation),
  the log entry is sent to CheckUser before the temporary account
  actually exists in the 'user' table.
* This causes a CannotCreateActorException, as the performer does
  not exist on the wiki just yet and therefore cannot have an
  actor ID until the temporary account is created.
* This exception can happen if the AbuseFilter filter only creates
  a log entry and does not prevent the edit, so would not be
  necessarily fixed by T334623.
* Sending the logs to CheckUser on PRESEND avoids this, as the
  user will exist by the time that PRESEND is run but still allows
  any failures to cause an exception which can be seen by the user.

What:
* Wrap the call to Hooks::updateCheckUserData in AbuseLogger
  ::insertLocalLogEntries in a DeferredUpdate which is set to run
  on PRESEND.

Bug: T358632
Change-Id: Ia615fce3e26b88d5457ecc01231044b326b79973
2024-02-28 13:09:22 +00:00
Translation updater bot ba764abedd Localisation updates from https://translatewiki.net.
Change-Id: Ia338ecadec15233bfa4ee572838db3872340fbfb
2024-02-28 08:13:37 +01:00
Translation updater bot c78e07c75c Localisation updates from https://translatewiki.net.
Change-Id: Ie4479b237236463591520b9c2c449d117cfd2a72
2024-02-27 08:19:15 +01:00
Translation updater bot 4a5a45e916 Localisation updates from https://translatewiki.net.
Change-Id: I434172cb9078c03bb599e527fae14ee53a66014e
2024-02-26 08:34:49 +01:00
Derick Alangi e1f78da351
Fix wrong namespacing of integration test using \Unit\
Change-Id: Idcafe1dd97951db41b78c2a1c54d8519ae8802b7
2024-02-23 15:55:47 +03:00
Translation updater bot 4c6623b294 Localisation updates from https://translatewiki.net.
Change-Id: I929741877774d5a8ce274fc975af6600b6edd5aa
2024-02-23 08:43:23 +01:00
jenkins-bot 3f5e3415a0 Merge "Remove $wgAbuseFilterBlockedExternalDomainsNotification and related code" 2024-02-22 11:07:00 +00:00
Translation updater bot b305155460 Localisation updates from https://translatewiki.net.
Change-Id: I5d9823f3a0ee6f1f4ecc8911ab4725dff619c50c
2024-02-22 08:42:43 +01:00
MusikAnimal 2c9801766d Remove $wgAbuseFilterBlockedExternalDomainsNotification and related code
This feature never worked very well, and the original wish
https://w.wiki/7ZsE didn't ask for a 2010 editor solution, anyway.
Rather than have AbuseFilterBlockedExternalDomainsNotification linger in
an unstable state, we remove the code entirely.

Bug: T347435
Follow-Up: I7eae55f12da9ee58be5786bfc153e549b09598e7
Change-Id: I88e87c4e0a2968b892394461b1227f4d15938e8e
2024-02-20 23:01:02 +00:00
Translation updater bot 9523801cbd Localisation updates from https://translatewiki.net.
Change-Id: Iebfb7616d131781ec25104daa80bd13a1a9ea2ed
2024-02-20 08:37:42 +01:00
Translation updater bot 9f0956492b Localisation updates from https://translatewiki.net.
Change-Id: I2bd836bf394086d92fa0b067d5eedb4778308e2b
2024-02-19 08:39:15 +01:00
Translation updater bot a8a8b4eac3 Localisation updates from https://translatewiki.net.
Change-Id: Ie72572c71400cc96f69f055d3266f1f616704df3
2024-02-15 13:27:05 +01:00
Translation updater bot 7305788480 Localisation updates from https://translatewiki.net.
Change-Id: I1851a57efaa8442f32e757b096e6eb2cbf0142f4
2024-02-14 08:17:56 +01:00
libraryupgrader 9d658fdb81 build: Updating wdio-mediawiki to 2.5.0
Change-Id: I1fb123255bd10e8fab7247b3edbc94af407e1f5b
2024-02-12 16:16:49 +00:00
Translation updater bot a8d15481b8 Localisation updates from https://translatewiki.net.
Change-Id: I1350f2b6a73fd4c20d92387e570f3addb8710671
2024-02-12 14:48:17 +01:00
Translation updater bot edbb26d03b Localisation updates from https://translatewiki.net.
Change-Id: I2e157a48242618d921ded085b1001de642e6c8b0
2024-02-09 08:43:15 +01:00
James D. Forrester 1cfd2c8d3b build: Upgrade mediawiki/mediawiki-phan-config from 0.13.0 to 0.14.0 manually
The new version fixes a false-positive, success.

Change-Id: I69400879b4e79695be787b911fb3bd0ff923cf83
2024-02-08 18:05:12 -05:00
Translation updater bot 40e79deee3 Localisation updates from https://translatewiki.net.
Change-Id: I9aab2ab068ec5d8d1633f6b7508ae1e3ddaf2c9c
2024-02-08 09:14:01 +01:00
jenkins-bot 9799ad7a9c Merge "build: Upgrade eslint-config-wikimedia from 0.25.1 to 0.26.0" 2024-02-07 16:53:27 +00:00
Translation updater bot a1a847e8b6 Localisation updates from https://translatewiki.net.
Change-Id: Iceb880008d3653690d80348de213100692e72135
2024-02-07 08:25:48 +01:00
James D. Forrester 607ebb965c build: Upgrade eslint-config-wikimedia from 0.25.1 to 0.26.0
LibUp was getting caught out by the false-positive hit to
es-x/no-resizable-and-growable-arraybuffers, so doing a
manual fix to make progress.

Otherwise just whitespace changes.

Change-Id: Ibf20dd2d88613b0a74813c33239e7d0bac682b17
2024-02-06 09:26:59 -05:00
Translation updater bot 05cdc0df9d Localisation updates from https://translatewiki.net.
Change-Id: I8591102fb6c884676840c2ee2c384ef61d3073ee
2024-02-05 08:48:57 +01:00
Bartosz Dziewoński a105ddf99a maintenance: Replace unnecessary uses of LBFactory::waitForReplication()
Change-Id: I7289e76ffa94b4cb0298bddad7423bb855c77e55
2024-02-03 02:52:16 +01:00
James D. Forrester 9f3e647738 build: Upgrade mediawiki/mediawiki-phan-config to 0.13.0
Change-Id: Id7026f2371db564f2341bc70c8a1786beb53bf39
2024-02-02 16:24:51 +00:00
jenkins-bot 34f39ce76e Merge "Don't attempt to steal or create the FilterUser in CheckUserHandler" 2024-02-01 23:26:09 +00:00
Translation updater bot 4668a40617 Localisation updates from https://translatewiki.net.
Change-Id: Ie863a0073d78a862bcff2fd1b8c01e6a4c0dec24
2024-02-01 08:59:49 +01:00
Dreamy Jazz a5b68cf46d Don't attempt to steal or create the FilterUser in CheckUserHandler
Why:
* When CheckUser asks the AbuseFilter extension for modifications
  to rows inserted into the CheckUser tables, the AbuseFilter
  extension attempts to get the Filter user via User::newSystemUser
* User::newSystemUser can deadlock if multiple requests to create
  the system user are being made at once.
* The CheckUserHander does not need to create the abuse filter system
  and instead only needs to know if a given $user is the equal to
  the FilterUser.
* As such the FilterUser service needs to provide a way to check if
  a given $user is equal without creating the FilterUser.

What:
* Add FilterUser::isUserSameAs which returns a boolean value
  indicating whether the Abuse Filter system user is the equal
  to a given UserIdentity in the same way that UserIdentity::equals
  is implemented.
* Refactor ::getUser to get the username for the filter user in
  a separate method, so that the ::isUserSameAs method can also
  use this method. Name this new method ::getFilterUserName.
* Add a test for the FilterUser service to ensure consistent test
  coverage
* Convert the @covers and @coversDefaultClass annotations to be
  a @covers for the class. This is because PHPUnit recommends this in
  https://docs.phpunit.de/en/9.6/annotations.html#appendixes-annotations-covers-tables-annotations

Bug: T356275
Bug: T346967
Change-Id: I8a101781bb47612deabb0f2a06a398ac13e860e6
2024-01-31 19:32:52 +00:00
Translation updater bot 02a1f7cbca Localisation updates from https://translatewiki.net.
Change-Id: Ia9efbd8d4c37e51800118747e0816fe0e9cccd96
2024-01-31 08:28:29 +01:00
Translation updater bot f9c4dec110 Localisation updates from https://translatewiki.net.
Change-Id: I5cbec26c49c22571be23495b8ca028370b49d0b6
2024-01-30 09:38:16 +01:00
Translation updater bot 0c754131b1 Localisation updates from https://translatewiki.net.
Change-Id: I1d1237ada8e1b24f2b05e368c8cbc2383eb1887d
2024-01-28 16:04:35 +01:00
gerritbot 71c181219a Remove indirect calls to IDBAccessObject::READ_* constants
We are getting rid of the schema of implementing this interface and
calling self::READ_* constants, it's confusing, inconsistent, prone to
clashes and isn't really useful for non-ORM systems (which we are not)

Bug: T354194
Change-Id: I5d7a2c91a49311a6bdf6e56053c08610d4d6d110
2024-01-26 09:25:35 -05:00
jenkins-bot 0342668682 Merge "Use ::getLocalUrl instead of ::getFullUrl for HideAbuseLog form" 2024-01-25 12:41:53 +00:00
Translation updater bot eb73b6e6c3 Localisation updates from https://translatewiki.net.
Change-Id: Ief59e01327592f617a5e1d16506a3c125ae12e5d
2024-01-25 10:08:58 +01:00
James D. Forrester 9f8941409a composer: Require wikimedia/equivset 1.6.1, which will ship with MW 1.42+
Bug: T355590
Depends-On: I5c7d1e67e45522669a88a75cb95e61feb116c588
Change-Id: Id9d641627a54bfa00f7ef8fe7198b7c1e8520978
2024-01-24 21:53:03 +00:00
Dreamy Jazz 1c0a5b9c6f Use ::getLocalUrl instead of ::getFullUrl for HideAbuseLog form
Why:
* The AbuseFilter Special:AbuseLog/hide page has a form that allows
  those with sufficent rights to hide abuse filter log entries.
* This form defines a custom action, which uses a URL including the
  wgServer by calling ::getFullUrl.
* When on WMF wikis and using mobile view, the domain name includes
  'm' and as such the wgServer is not the correct URL for the form
  action in this case.
* HTMLForm by default uses ::getLocalUrl for the action and as such
  Special:AbuseLog/hide should also use ::getLocalUrl to prevent
  these issues.

What:
* Change the call to ::getFullUrl in HideAbuseLog::show for the
  action text for the HTMLForm instance to instead be a call to
  ::getLocalUrl.

Bug: T355012
Change-Id: I6c909d5e6724dd620cf656c9a55439ed5d5c2fb4
2024-01-20 11:42:16 +00:00
Translation updater bot ca2ff0790a Localisation updates from https://translatewiki.net.
Change-Id: Ic447e1467ee00ef71ca9ee4bf1a223c40f6777da
2024-01-19 09:15:09 +01:00
Translation updater bot f470568611 Localisation updates from https://translatewiki.net.
Change-Id: I20af08359474abeae45462e45a9606ca2f9a0202
2024-01-18 09:23:14 +01:00
Reedy 4ea577a777 Remove old maintenance scripts
Bug: T353923
Change-Id: I3e599dee3775ca3048205b915d6c341ed2e37b74
2024-01-18 05:50:19 +00:00
Translation updater bot 79fdc1fbe7 Localisation updates from https://translatewiki.net.
Change-Id: Icb139d26bda142b90c77e92cd462bc5cb34c46c5
2024-01-17 08:36:40 +01:00