mirror of
https://gerrit.wikimedia.org/r/mediawiki/extensions/AbuseFilter.git
synced 2024-11-23 21:53:35 +00:00
bf28dbce0e
Some exposed variables (eg. `user_ip`) used in filters are sensitive and need to only be available to restricted groups of users. Back-end changes: - Add `AbuseFilterProtectedVariables` which defines what variables are protected by the new right `abusefilter-access-protected-vars` - Add the concept of a `protected` variable, the use of which will denote the entire filter as protected via a flag on `af_hidden` New UX features: - Display changes to the protected status of filters on history and diff pages - Check for protected variables and the right to see them in filter validation and don't allow a filter to be saved if it uses a variable that the user doesn't have access to - Check for the right to view protected variables before allowing access and edits to existing filters that use them Bug: T364465 Bug: T363906 Change-Id: I828bbb4015e87040f69a8e10c7888273c4f24dd3 |
||
|---|---|---|
| .. | ||
| integration | ||
| unit | ||
| AbuseFilterConsequencesTest.php | ||
| AbuseFilterCreateAccountTestTrait.php | ||
| AbuseFilterFilterUserTest.php | ||
| AbuseFilterRowsAndFiltersTestTrait.php | ||
| AbuseFilterUploadTestTrait.php | ||
| ConsequenceGetMessageTestTrait.php | ||
| DegroupTest.php | ||
| LazyVariableComputerDBTest.php | ||
| RCVariableGeneratorTest.php | ||
| SchemaChangesHandlerTest.php | ||