| Commit message (Collapse) | Author | Age | Files | Lines |
Bug: T353458
Change-Id: Id3ca24e22877e544b707a8a527a58e00cc1bc247
Why:
- PermissionManager::getUserPermissions() checks whether the user is
blocked if $wgBlockDisablesLogin = true, so that it can then limit
user's permissions to the set of permissions assigned to unregistered
users if so.
- This causes the GetUserBlock hook to run, which may itself check
permissions on the user (e.g. in the GlobalBlocking extension),
causing an infinite loop.
- Since the decision whether the user is blocked isn't yet final by the
time GetUserBlock runs, any permission checks triggered by
GetUserBlock handlers should see the user's full set of permissions.
What:
- Stash the user's permissions in PermissionManager's in-memory cache
before running block checks if BlockDisablesLogin = true.
- Add tests.
Bug: T384197
Change-Id: I3e3804fe518627e9edc2b574cce88f533fd93fe4
There are about 100 callers of the DatabaseBlock constructor in core
tests, most of them passing an address parameter which needs access to
the global service container to parse.
Many are passing the constructed object straight to
DatabaseBlockStore::insertBlock(). So add insertWithParams() for their
convenience, which has some handy shortcut parameters, has service
access, and throws on failure. The calling code tends to be shorter
than before.
For unit tests trying to construct DatabaseBlock objects without a
service container, direct construction of BlockTarget subclasses is
warranted. Add a default to the $wikiId parameters for their
convenience.
MockBlockManager had its own 'target' parameter, mixed in with block
options, carrying its own special idea of a target, which conflicted
with DatabaseBlock's new 'target' parameter. Harmonise the parameters
and fix the callers.
Bug: T382106
Bug: T385966
Change-Id: I78b45a6003b62962211379c36da5587081f90f00
content and file pages
This patch reworks RestrictionStore::getCascadeProtectionSourcesInternal
to return a third and fourth array:
* One for cascading restrictions originating from templatelinks
* Another for those originating from imagelinks
They are used in PermissionManager::checkCascadingSourcesRestrictions
to differentiate cascading protection of file content and file page,
but could also be used in the future by action=info and other callers.
Bug: T24521
Bug: T62109
Bug: T140010
Change-Id: Ia5863f418538106f4fd657c672298ff6ac835805
Change-Id: I23ce3b4d26bbe58257b449993a54c45093007a3e
Bug: T373758
Change-Id: I4ec90f33f87a585f8b2a4f55485e235b49225829
PermissionManager::missingPermissionError is using
RequestContext::getMain(),
unit tests should not depend on global state,
move the test to the integration tests
Change-Id: I76a676143ef6c42eaf54067b169559de7c2af4ea
setGroupPermissions() calls overrideConfigValue() for each config,
that is not needed and can be combined into one call
Change-Id: I5156b10c9df14773eaaf488d5bacfacd8846a80e
Implicitly marking parameter $... as nullable is deprecated in php8.4,
the explicit nullable type must be used instead
Created with autofix from Ide15839e98a6229c22584d1c1c88c690982e1d7a
Break one long line in SpecialPage.php
Bug: T376276
Change-Id: I807257b2ba1ab2744ab74d9572c9c3d3ac2a968e
Bug: T353458
Change-Id: I3ea6b08c5018ba03ba45c5766e1f46e12f6b8597
Mostly used find-and-replace:
Find:
/\*[\*\s]+@var (I?[A-Z](\w+)(?:Interface)?)[\s\*]+/\s*(private|protected|public) (\$[a-z]\w+;\n)((?=\s*/\*[\*\s]+@var (I?[A-Z](\w+)(?:Interface)?))\n|)
Replace with:
\3 \1 \4
More could be done, but to keep this patch reasonably sized, I only
changed the most obvious and unambiguously correct cases.
In some cases, I also removed redundant doc comments on the
constructor, and re-ordered the properties to match the constructor.
Change-Id: I3f8427ae4f5d55177ae18986ef15d84d0e7bf6f4
getPermissionErrors() uses a weird format for its return value that
is slightly different from the usual "legacy error array", and legacy
errors arrays are already icky. Deprecate it without changing this
format, and introduce getPermissionStatus() to replace it. Document
the return format more precisely.
Refactor PermissionManager to use PermissionStatus objects internally,
and only convert to the weird format in the deprecated method.
However, fix a scenario where the error array could directly contain
MessageSpecifier objects or strings instead of nested arrays,
as the documentation said that was not possible. Fix a test case
demonstrating this incorrect behavior.
Change-Id: I6670a58fe1fcb4e1ae87351277e5ddf29c548183
Bug: T362536
Follow-Up: I61ec3f8e1fe84927a6c987f387cbba349ec4a357
Change-Id: I2c65f5452b09fcc32ef93af6f090b285113427c8
Why:
* The default value of wgAutoCreateTempUser has not changed since
the decision to use a different prefix for temporary accounts
(T332805).
* The default needs to be updated to reduce the number of overrides
in operations/mediawiki-config and also to make the development
experience more consistent with what is happening on WMF
production.
What:
* Update the wgAutoCreateTempUser default in the following ways:
** Set expireAfterDays as 365
** Set notifyBeforeExpirationDays as 10
** Set genPattern and reservedPattern to '~$1'
** Set matchPattern to null, which will mean that the genPattern
is used as the value.
* Update RealTempUserConfig::getPlaceholderName to add the year to
the placeholder name so that if the match pattern includes the
first digit of the year, then the placeholder name still is
considered a valid temporary account username.
* Replace modifications of the wgAutoCreateTempUser config in
integration tests with a use of the TempUserTestTrait to make
the code cleaner and make it easier to find tests that rely on
the values in wgAutoCreateTempUser.
* Update multiple tests to handle the new defaults for the config.
Bug: T359335
Change-Id: Ifa5a0123cd915bdb7c87e473c51fb93321622f12
Change-Id: I849268172751d50292e93aa75abe8094873f56bc
Bug: T353458
Change-Id: I088cbc53fbcdb974e5b05b45a62e91709dacc024
Bug: T353458
Change-Id: I4dbef138fd0110c14c70214282519189d70c94fb
In DatabaseBlockTest changed from addDBDataOnce() to addDBData() as
ChangedTablesTracker cannot reset tables changed by addDBDataOnce()
between each test run.
Remove also User::clearInstanceCache done together with the deletion as
the TestUser class is calling this already between tests.
Change-Id: Ibd5e544138a2a9b554abc2dea54a5db38f9a828f
Why:
Temporary accounts (introduced as part of IP Masking)
are supposed to expire 1 year after their registration.
Automatic account expiration can be done via a maintenance
script, which would be periodically executed via cron / systemd.
Make it possible for extensions to provide their own logic
for generating a list of temporary accounts to invalidate.
This is used in CentralAuth to base registration timestamp
on the global registration timestamp.
The default behavior is "temporary accounts do not expire",
given the feature requires a maintenance script to run
periodically, which will not be the case on third party
instances.
What:
* Add `expireAfterDays` to $wgAutoCreateTempUser, controlling
how many days temporary accounts have.
* Add UserSelectQueryBuilder::whereRegisteredTimestamp(),
filtering accounts based on user_registration.
* Add ExpireTemporaryAccounts maintenance script, which is
@stable to extend.
Bug: T344695
Change-Id: If17bf84ee6620c8eb784b7d835682ad5e7afdfcc
Implicit rights represent actions granted to all users.
They can be rate limited, but not revoked.
Bug: T350202
Bug: T350117
Bug: T350347
Change-Id: I22bf5e60c38900f881d43577351761827066a25c
This trait provides a robust way for tests to simulate user blocks.
Developed as an alternative approach to I7fc457eff88.
Change-Id: Ia5d813fcbdd77b94dbbc730ca4639d6efd2148a8
Functional changes:
* On account creation, if both a user block and an IP block apply,
return a CompositeBlock instead of picking a winner.
* On other actions, instead of returning the whole CompositeBlock if
some part of it matches the specified page and action, filter the
individual parts of the CompositeBlock by whether or not they match.
Refactoring:
* Add BlockManager::getBlock(), which is the same as getUserBlock()
except that it expects the caller to do IP exemption checking.
Deprecate getUserBlock().
* Migrate some callers of User::getBlock() to use BlockManager.
* Have PermissionManager use BlockManager instead of
User::getBlock().
* Add $request parameter to PermissionManager::getApplicableBlock(),
to fix the weird bundling of the request with the User.
* Move the createaccount block database fetch from PermissionManager to
BlockManager, where it can easily be cached.
* Fix code duplication between PermissionManager::isBlockedFrom() and
PermissionManager::getApplicableBlock() by having the former call the
latter.
* In CheckBlocksSecondaryAuthenticationProvider, use
AuthManager::getRequest(). Previously it used the global request and
also User::getRequest() via User::getBlock().
Bug: T345683
Change-Id: Icd75025665282a34d8854bda267a0eb3d759719c
constants public+internal
Also don't use @var for constants, that breaks Doxygen.
Change-Id: Ifb92406c3c5ad6f5bd0b35d07c8106cfa18a99e4
ActionFactory (and by extension, PermissionManager) should behave
gracefully when asked to determine whether an action requires the user
to be unblocked on a special page.
Actions are not defined for special pages, but we should not fail hard
when encountering a special page as context. This is particularly
important since getActionInfo will fall back to Title::newMainPage when
no context is provided, and some wikis (e.g. Meta) use a special page as
their main page.
This should be considered a workaround until we have resolved T346036.
Bug: T348451
Followup-To: Ic30c36f82ab142130b5f4167c13284aeed899231
Change-Id: Ia301ac1f2e3fd812fd63aea83098cbc0270b80cc
1.34/1.36
Bug: T325680
Change-Id: Id427453a0664bcfc072e0274a893841a0445421e
Determining the effective user block can be complex. Expose the logic
that is presently implemented in PermissionManager so UserAuthority
can use it.
Change-Id: I22049215f72a24ceea876b5bebde8b9e383d3fab
The new method encapsulates the fact that we currently have to
instantiate action objects to determine which permission the action
requires. This encapsulation reduces coupling in PermissionManager
and allows us to easily change to a better way to create ActionInfo
later.
Eventually, ActionInfo should be constructed based on the action's
object spec. This requires us to include the relevant information in all
specs, in core and extensions.
Change-Id: I707a165c41403ebd4a3edfc66c1595e1bd3a4087
Bug: T166010
Change-Id: I7257302b485588af31384d4f7fc8e30551f161f1
In order to check all existing rate limits through Authority, the limit
keys must function as user rights. However, we do not want them to be
"normal" permissions, since they cannot sensibly be revoked, and they
should not clutter the user interface.
To solve this, we introduce the concept of "implicit rights", which are
always granted, but limitable.
Change-Id: I0ea6f29130da1d68d022d47d9221fe878bc9beae
According to IntelliJ, these are not used anywhere.
Change-Id: Id493b76547c959f2d16a3e11fa8236b36c790921
Same as I7a82951.
overrideConfigValue() and overrideConfigValues() both call
setMwGlobals(), which calls resetServices(). This is surprisingly
expensive. It's much better to call it once with an array.
Change-Id: I4ff2f6b902b1a1e0b554ce6fc76f3b612f703fae
When we first deploy temporary account autocreation, we want temporary
users to resemble anon users more than registered users, for minimal
community impact.
If we add them to the 'user' group, then they will automatically get
whatever rights a wiki currently assigns to registered users. If we
don't, they will only get rights that are currently given to everyone
(same as anons).
Therefore stop adding them to the 'user' group, and instead add them
to a new 'temp' group, in case site admins want to give them extra
rights.
Bug: T340457
Depends-On: I6333fa2289f3142d1b5cedf2cc910ced3ba5019e
Change-Id: Idb46252fe6533ab0a5410bdb3093043cb359c206
Just methods where adding "static" to the declaration was enough, I
didn't do anything with providers that used $this.
Initially by search and replace. There were many mistakes which I
found mostly by running the PHPStorm inspection which searches for
$this usage in a static method. Later I used the PHPStorm "make static"
action which avoids the more obvious mistakes.
Bug: T332865
Change-Id: I47ed6692945607dfa5c139d42edbd934fa4f3a36
This is moderately messy.
Process was principally:
* xargs rg --files-with-matches '^use Title;' | grep 'php$' | \
xargs -P 1 -n 1 sed -i -z 's/use Title;/use MediaWiki\\Title\\Title;/1'
* rg --files-without-match 'MediaWiki\\Title\\Title;' . | grep 'php$' | \
xargs rg --files-with-matches 'Title\b' | \
xargs -P 1 -n 1 sed -i -z 's/\nuse /\nuse MediaWiki\\Title\\Title;\nuse /1'
* composer fix
Then manual fix-ups for a few files that don't have any use statements.
Bug: T166010
Follows-Up: Ia5d8cb759dc3bc9e9bbe217d0fb109e2f8c4101a
Change-Id: If8fc9d0d95fc1a114021e282a706fc3e7da3524b
No need to ask the database for special pages
Set valid title in tests to pass canExists check
Change-Id: Ic6db74cf671484db475a0a646b372c814ea41918
Makes it clear what the value is about (slot role name)
Change-Id: I0dc195aa24c0e699a32d3b07e62d58e90cfac84d
|
- User::getGroupPermissions
- User::getGroupsWithPermission
- User::groupHasPermission
- PermissionManager::getGroupPermissions
- PermissionManager::getGroupsWithPermission
- PermissionManager::groupHasPermission
Bug: T325680
Change-Id: If9ae610037f049050c21ad0eab7bcb4d6e596f29
assertSame avoids use of loose comparisons and
allows checking the expected type
Change-Id: If821d1be2bc1ff9f8b70968a339f33c7a8e8880a
Redoing I5ea70120d74 but without moving WebRequest that caused issues
with phan-taint-plugin.
Moving:
- DerivativeRequest
- FauxRequest
- FauxRequestUpload
- PathRouter
- WebRequestUpload
Bug: T321882
Change-Id: I832b133aaf61ee9f6190b0227d2f3de99bd1717b
This reverts commit 2bdc0b2b7209441a42a784157633a8a01b321922.
Reason for revert: T166010#8349431
Bug: T166010
Change-Id: Idcd3025647aec99532f5d69b9c1718c531761283
Moving:
- DerivativeRequest
- FauxRequest
- FauxRequestUpload
- PathRouter
- WebRequest
- WebRequestUpload
Bug: T166010
Change-Id: I5ea70120d745f2876ae31d039f3f8a51e49e9ad8
overrideConfigValues is documented to reset services as well
Change-Id: Ie13a699f6cd912b912d34adb97704bab3cbdff2d
If $ignoredErrors isn’t empty, the process of filtering out ignored
errors may have left holes in the array. This isn’t desirable; in
particular, PermissionsError expects the first element ($errors[0]) to
exist. Let’s reindex the array sequentially to avoid problems.
Change-Id: I023d83bf7f29117da9d5a9062c9edb8c60a7e547
createMock() does the same, but is much easier to read.
A small difference is that some of the replacements made in this
patch didn't use disableOriginalConstructor() before. In case this
was relevant we should see the respective test fail. If not we can
save some CPU cycles and skip these constructors.
Change-Id: Ib98fb06e0fe753b7a53cb087a47e1159515a8ad5
Change-Id: Ieeefb88daf55a976883f6e20ef6881c89a7f7630
As we slowly move away from using globals, overrideConfigValue()
and overrideConfigValues() were introduced as a way to override
test configs between tests.
Under the hood, it just calls setMwGlobals() which resets services,
so take note.
Part 1: Directories covered are: languages/, maintenance/, tests/,
structure/ and includes/Permissions/.
Depends-On: I618b16c6d99c94eb2e7edcf05e888a65f7156754
Change-Id: If56f7d10d79f3a9824a52091a2b544d8653dd7b6
Change-Id: Ifcd15ecc4212d4ebfc26b2e18d6f1da47abf2a86
Also remove an unused variable, and convert one provider to generator.
Change-Id: I63e506f30ae334ceff9658c595e64a7e9ada5bbd
Avoid parsing known titles in tests to improve performance
Change-Id: Ibfccfe696f0b8bfda0b99abae324e60bbecef7d8