mirror of
https://gerrit.wikimedia.org/r/mediawiki/extensions/AbuseFilter.git
synced 2024-12-18 00:20:37 +00:00
bf28dbce0e
Some exposed variables (eg. `user_ip`) used in filters are sensitive and need to only be available to restricted groups of users. Back-end changes: - Add `AbuseFilterProtectedVariables` which defines what variables are protected by the new right `abusefilter-access-protected-vars` - Add the concept of a `protected` variable, the use of which will denote the entire filter as protected via a flag on `af_hidden` New UX features: - Display changes to the protected status of filters on history and diff pages - Check for protected variables and the right to see them in filter validation and don't allow a filter to be saved if it uses a variable that the user doesn't have access to - Check for the right to view protected variables before allowing access and edits to existing filters that use them Bug: T364465 Bug: T363906 Change-Id: I828bbb4015e87040f69a8e10c7888273c4f24dd3 |
||
---|---|---|
.. | ||
AbstractFilter.php | ||
ClosestFilterVersionNotFoundException.php | ||
ExistingFilter.php | ||
Filter.php | ||
FilterNotFoundException.php | ||
FilterVersionNotFoundException.php | ||
Flags.php | ||
HistoryFilter.php | ||
LastEditInfo.php | ||
MutableFilter.php | ||
Specs.php |