At the moment we support a maximum of 10 tokens per user for subscribing
to push notifications, stored as a basic list that runs out when the
limit is reached. There may, however, be some edge cases where an app
registers a token and then forgets to unregister it (and repeats this 10
times), after which time it will be unable to register any new token.
This changes the token list to behave more like a circular buffer, by
simply deleting the oldest token before inserting the new one. This way
an app could register a new token even in the rare case of forgetting
the previous ten.
Change-Id: I387de63460882e4e56d1aa6db1f78d73a0495208
The old ApiTestCase::getTokenList relied on CSRF
token API deprecated in 1.26. Many years have passed,
it's time to swtich to new mechanisms.
Needed-By: I58aedec6942ac5d3c21574cb0072f00ef365098c
Change-Id: Iafe7a48eb0cdf8c2f1ec7fdee232c3f394fa15a3
Creates a new push-subscription-manager group and an associated
right, manage-all-push-subscriptions. The purpose of this is to
allow privileged accounts to purge expired subscriptions from the
database on behalf of other users. A user with this right will be
permitted to delete any subscription from the DB based on the token
alone. For all other users, deletion requests will be limited to
those associated with the requesting user's central ID.
This right will be granted to a bot account on Metawiki associated
with the Wikimedia push notifications service, and the push
notifications service account will make push subscription delete
requests to the API for subscriptions for which vendor APIs return bad
subscription responses.
Additionally, the providertoken parameter to ApiPushSubscriptionDelete
is updated to allow multiple providertoken values.
Bug: T259148
Change-Id: Ia6c17588ee94e6be74e5e3a75eb33e38f172fc93
1) send apns topic when present in subscription metadata
2) check if subscription metadata is a valid JSON string
3) make epp_id column at echo_push_provider table auto_increment,
otherwise it will fail when trying to add a second row in the table
Bug: T259394
Change-Id: I785435e9f2d4ba9c14977d431d271f0fa2d0c795
Creates a EchoPushMaxSubscriptionsPerUser config setting (default: 0)
that controls the maximum number of subscriptions a user may associate
with the user's central user ID.
The setting is enforced in EchoPush\SubscriptionManager::create().
To allow creating push subscriptions for development, set
$wgEchoPushMaxSubscriptionsPerUser to a positive integer value in
LocalSettings.php:
$wgEchoPushMaxSubscriptionsPerUser = 10;
Bug: T259150
Change-Id: Ib97b6b6cbb8161dd75dad92c54b4fe4fff80c421
Adds DB tables for storing push subscriptions, some DB interaction code
for retrieving them within MediaWiki, and a set of API modules for
managing them from the outside world.
When testing this patch, be sure to run maintenance/update.php to create
the new tables, and set $wgEchoEnablePush = true in LocalSettings.php
to enable the API new API module.
N.B. The current DB schema is centered on app push subscriptions. Web
push subscriptions require slightly different handling, since they are
provided by browsers as a JSON blob rather than a token string. How to
handle web push subscriptions is a question we can defer until the time
comes to add web push support.
Subscription data is stored in the echo_push_subscription table, with
provider names normalized into the echo_push_provider table. We expect to
be looking up subscriptions by central user ID, so that column is indexed.
The subscription data also includes a column to store SHA256 digests of
the subscriber tokens. This is for use as a unique key constraint, since
we expect every push token to be univerally unique, and the token values
themselves may be too large to reasonably index in MySQL.
Bug: T252899
Change-Id: I3928761b3fba12e54ff4850e9a05c68ec7772f62
Not all tools require these to be absolute, full qualified class
names. But some do. This does make the code more compatible with all
kinds of tools.
Change-Id: Ie7f9d9469b7a48b2fe908d3428fca9ec0120f855
This gets the database reset upon completion, which is needed for some reason I
can't quite locate. I17ef1f51 passes with this change.
Change-Id: I12759772001048a3be69a80adbb2572b7d9f0397
It's (mostly) unused, and it would become problematic once we have
notifications from multiple places (where those ids could conflict)
Change-Id: Ib3bb5ae1e5689037b38290c9ce3d8691f52582b0