mediawiki-extensions-AbuseF.../maintenance/RemoveProtectedFlagFromFilter.php
Thalia 91456d79b2 Add RemoveProtectedFlagFromFilter maintenance script
Why:

* Protected variables were introduced to support temporary accounts
  so that temporary users could be filtered based on their IP address.
* Filters that use protected variables are protected in order to
  preserve privacy. This can't be undone.
* It is mistakenly possible to protect a filter that does not use
  protected variables (T378553). We need a mechanism to fix these
  mistakes.

What:

* Introduce a maintenance script that takes a filter ID and, if the
  filter is protected, sets it to unprotected while maintaining any
  other existing privacy levels.

Bug: T378551
Change-Id: I4dfe3970221397d5be5ea0697490d8c8e3726adf
2024-11-15 13:13:38 +00:00

76 lines
2.1 KiB
PHP

<?php
namespace MediaWiki\Extension\AbuseFilter\Maintenance;
use MediaWiki\Extension\AbuseFilter\Filter\Flags;
use MediaWiki\Maintenance\Maintenance;
// @codeCoverageIgnoreStart
$IP = getenv( 'MW_INSTALL_PATH' );
if ( $IP === false ) {
$IP = __DIR__ . '/../../..';
}
require_once "$IP/maintenance/Maintenance.php";
// @codeCoverageIgnoreEnd
/**
* Maintenance script that allows an individual filter's privacy level to remove the
* "protected" flag from a filter, while keeping other privacy flags. This is for
* correcting filters that were mistakenly allowed to be protected (T378551).
*
* @ingroup Maintenance
* @since 1.44
*/
class RemoveProtectedFlagFromFilter extends Maintenance {
public function __construct() {
parent::__construct();
$this->addDescription(
'Remove the "protected" flag from a filter, while keeping other privacy flags'
);
$this->addArg( 'filter', 'ID of the protected filter to update' );
$this->requireExtension( 'Abuse Filter' );
}
/**
* @inheritDoc
*/
public function execute() {
$filter = $this->getArg( 0 );
$privacyLevel = $this->getReplicaDB()->newSelectQueryBuilder()
->select( 'af_hidden' )
->from( 'abuse_filter' )
->where( [
'af_id' => $filter
] )
->caller( __METHOD__ )
->fetchField();
if ( $privacyLevel === false ) {
$this->fatalError( "Filter $filter not found.\n" );
}
if ( ( $privacyLevel & Flags::FILTER_USES_PROTECTED_VARS ) === 0 ) {
$this->output( "Filter $filter is not protected. Nothing to update.\n" );
return false;
}
// The new privacy level is the old level with the bit representing "protected" unset.
$newPrivacyLevel = (string)( $privacyLevel & ( ~Flags::FILTER_USES_PROTECTED_VARS ) );
$this->getPrimaryDB()->newUpdateQueryBuilder()
->update( 'abuse_filter' )
->set( [ 'af_hidden' => $newPrivacyLevel ] )
->where( [ 'af_id' => $filter ] )
->caller( __METHOD__ )
->execute();
$this->output( "Successfully removed \"protected\" flag from filter $filter.\n" );
return true;
}
}
$maintClass = RemoveProtectedFlagFromFilter::class;
require_once RUN_MAINTENANCE_IF_MAIN;