Why:
* Because of schema changes being made in CheckUser, the cu_changes
table will soon only contain rows for edit-like actions. Log
events, including successful login attempts, will be stored to
the cu_log_event and cu_private_event tables.
* As the integration with CheckUser is being removed, it does not
make sense to add support to read data from these tables.
Furthermore, the schema changes should not break LoginNotify
which means that no changes are needed to prevent server errors.
* As such, making wikis use the loginnotify_seen_net table by
default should mean that only third-party wikis which understand
the deprecation would still continue to use the CheckUser
integration.
What:
* Set wgLoginNotifyUseSeenTable as true and
wgLoginNotifyUseCheckUser as false in extension.json
Bug: T362321
Change-Id: Ic1e81c547b6e7e3d012aa91c6bcd2e4b4d0913b5
Add a table which stores a summary of each user's IP address subnet in
each time bucket, defaulting to 15 days. On edit (and other changes
causing a recentchanges row) and successful login update the table.
On attempted login, check whether the subnet is in the table in any
time bucket back to the expiry time.
Add a job and a maintenance script for purging expired rows.
Disabled by default for now. The idea is to enable it by default after
we have some experience with using it in WMF production.
If CheckUser integration is disabled (the future intended state), the
cache and LoginNotifyChecks job are suppressed since they are
unnecessary.
Details:
* Rename setCurrentAddressAsKnown() to recordKnownWithCookie() and
split off recordKnown() which does the same thing except without
sending the cookie. We use recordKnown() to store the IP address
without sending the cookie, on non-login changes.
* Reorganise isKnownSystemFast() for clarity, and return emphatic
USER_NOT_KNOWN if the user is not in the table, cache or cookie
and CheckUser integration is disabled.
* Replace time() calls with a mockable method.
Bug: T345052
Change-Id: Iea716e660353f16c47f873fe42edc2aeec1b4346
* Make LoginNotify into a service. Use a static getInstance() method
instead of a services container class, since there is only one
service.
* Removed references to $wgLoginNotifyEnableForPriv. The feature was
removed in I888c6009fffad1712.
Change-Id: I9120b470d27a0d09e508bd4e12eb2bde2f38d34d
The use of "HookHandlers" attribute in extension.json makes it possible
to inject services into hook handler classes in a future patch.
Bug: T344297
Change-Id: Icfa49dc56848c9b375f09d67ed839d0e10f57bfb
Not used and introduces serious compexity, likely causing
the bug with users receiving notifications they've opted out of.
Bug: T174220
Change-Id: I888c6009fffad17121765678387022ed7d454cb0
Instead of checking, if an internal class exists, it's more
accurate to require an extension and Extensionregistry will
check, if the requirements are fulfilled. If not, it will throw
and exception.
Depends-On: I2bde10ed08048bc0164446dd59d0d4575870fa54
Change-Id: I85a84988c75290d7df63dec27b69b250e305c896
