| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
Bug: T353458
Change-Id: Ibe1810f1c71316a9124e1dc6ae405097dafd5267
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There's about 100 callers of the DatabaseBlock constructor in core
tests, most of them passing an address parameter which needs access to
the global service container to parse.
Many are passing the constructed object straight to
DatabaseBlockStore::insertBlock(). So add insertWithParams() for their
convenience, which has some handy shortcut parameters, has service
access, and throws on failure. The calling code tends to be shorter
than before.
For unit tests trying to construct DatabaseBlock objects without a
service container, direct construction of BlockTarget subclasses is
warranted. Add a default to the $wikiId parameters for their
convenience.
MockBlockManager had its own 'target' parameter, mixed in with block
options, carrying its own special idea of a target, which conflicted
with DatabaseBlock's new 'target' parameter. Harmonise the parameters
and fix the callers.
Bug: T382106
Bug: T385966
Change-Id: I78b45a6003b62962211379c36da5587081f90f00
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Why:
- The config variable $wgAutopromoteOnceLogInRC controls whether
autopromotions show up in recent changes, but offers no granular
controls beyond that.
- In T377829, stewards have expressed interest in excluding certain
spammy autopromote groups from recent changes.
What:
- Introduce and use a new config variable
$wgAutopromoteOnceRCExcludedGroups that can be used to define
a denylist of groups. Autopromotions into these groups will never
result in an RC entry, as long as they were the only new groups
the user was autopromoted into.
Bug: T377829
Change-Id: Ia4942b09a5162749f24c8f674429fbf3f0459a0b
|
| |
|
|
| |
Change-Id: I27b9a19ab952ede1267921bd042af0fe1c89e228
|
| |
|
|
|
|
|
|
|
|
|
| |
Implicitly marking parameter $... as nullable is deprecated in php8.4,
the explicit nullable type must be used instead
Created with autofix from Ide15839e98a6229c22584d1c1c88c690982e1d7a
Break one long line in SpecialPage.php
Bug: T376276
Change-Id: I807257b2ba1ab2744ab74d9572c9c3d3ac2a968e
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is to prevent infinite recursion when checking APCOND_BLOCKED due
to potentially repeated calls to user->getBlock.
UserGroupManager::checkCondition now throws a LogicException when
recursive behavior is detected during the APCOND_BLOCKED check.
Bug: T349608
Change-Id: Ia55a4d27be0f583c3bc826661579cbb4e7c47881
|
| |/
|
|
|
| |
Bug: T353458
Change-Id: I23cf7991f8792d4d000d1780463d8ce76dc0aee0
|
| |
|
|
|
|
|
| |
I believe this makes the code less brittle, and also makes it a bit
more obvious what these strings are meant to represent.
Change-Id: Ia39b5c80af4b495931d0a68fd091b783645dd709
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Why:
* When temporary accounts were first implemented, temporary users were
added to the 'user' group, and named users were added to a 'named'
user group, to differentiate them from temporary users.
* Since T340457, temporary users were no longer added to the 'user'
group. This means that the 'named' group is no longer needed.
What:
* Stop adding users to a 'named' user group in UserGroupManager.
* Remove special handling for the 'named' group in PermissionManager
and tests.
Bug: T355741
Change-Id: I06bd5d7150203bbcb0806868fe829a438af486ba
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This is inconsistent with the access pattern of other constants in
MediaWiki. it's also confusing (e.g. it's unclear to a newcomer why
UserFactory is implementing IDBAccessObject) and it's prone to clashes
(e.g. BagOStuff class has a clashing constant).
It has been already announced: https://w.wiki/9DAX
Bug: T354194
Change-Id: Ic2357634b8385d65b55db2b557191419b06c40e0
|
| |
|
|
|
| |
Bug: T353458
Change-Id: I4dbef138fd0110c14c70214282519189d70c94fb
|
| |
|
|
|
| |
Bug: T342301
Change-Id: I5ea01f7ee103570165261bde0965c5b65e04c369
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Why:
Temporary accounts (introduced as part of IP Masking)
are supposed to expire 1 year after their registration.
Automatic account expiration can be done via a maintenance
script, which would be periodically executed via cron / systemd.
Make it possible for extensions to provide their own logic
for generating a list of temporary accounts to invalidate.
This is used in CentralAuth to base registration timestamp
on the global registration timestamp.
The default behavior is "temporary accounts do not expire",
given the feature requires a maintenance script to run
periodically, which will not be the case on third party
instances.
What:
* Add `expireAfterDays` to $wgAutoCreateTempUser, controlling
how many days temporary accounts have.
* Add UserSelectQueryBuilder::whereRegisteredTimestamp(),
filtering accounts based on user_registration.
* Add ExpireTemporaryAccounts maintenance script, which is
@stable to extend.
Bug: T344695
Change-Id: If17bf84ee6620c8eb784b7d835682ad5e7afdfcc
|
| |
|
|
|
| |
Bug: T166010
Change-Id: I7257302b485588af31384d4f7fc8e30551f161f1
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently, we have two services: ReadOnlyMode and
ConfiguredReadOnlyMode. The former takes the latter and can easily
support every functionality of CRO. I added methods to support that
functionality (the current class is quite small so it's not adding a lot
more to a monster class) and basically fully deprecate the service
itself to improve developer experience.
It is only called in two extensions in production with straightforward
fix so I directly went with hard-deprecation.
Bug: T343917
Depends-On: Icec0ad3f30c471b428efe80dfb9129f55a351194
Change-Id: I421fd5c8fee7af41c059419c2bbc85b8dccc04ed
|
| | |
| |
| |
| |
| |
| |
| | |
This has been approved as part of RFC T166010
Bug: T321882
Change-Id: I6bbdbbe6ea48cc1f50bc568bb8780fc7c5361a6f
|
| |/
|
|
|
|
|
|
|
|
| |
And namespace it to MediaWiki\Config
This should be eventually deprecated and removed but this has been
blocking the reorg for long enough.
Bug: T321882
Change-Id: I7a1a073495469623f6f77e6f74b23b7b4c18033a
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
That would remove the need for passing around LB.
ReadOnlyMode code needs a lot of clean up. In follow up patches, I want
to inject WAN and possibly APCu to this and remove that from LB itself
to decouple LB/LBF from BagOStuff.
In even later patches, I want LB/LBF to set the ReadOnly in the service
instead and reverse the coupling.
Bug: T343917
Change-Id: Ibe7f80292d911fc8953e59f74264c499ab1700d0
|
| |
|
|
|
|
|
|
|
| |
This moves the core part of wfGetPrivilegedGroups() out of Wikimedia
config and makes it possible to move functionality built on it into
core.
Bug: T208477
Change-Id: I6536ef2909caeed047447e8b6a25831d6f00d827
|
| |
|
|
|
| |
Bug: T321882
Change-Id: I48c10343295c4eb3d9ef8037343b0070e928f040
|
| |
|
|
|
|
|
|
|
|
| |
There are several user groups-related hooks that can interfere with this
test. For instance, if AbuseFilter is installed, some tests will fail
because AF hooks call some methods on a no-op User mock. This class is
already making sure that the needed hooks it wants to test are set, so
there's no need to run any other hooks.
Change-Id: Iff184b5de1b150fd8043af13f16f8e1c870eb3fe
|
| |\ |
|
| | |
| |
| |
| | |
Change-Id: I4407a1732e76f35a54813edbb5eb7d8c7c0777b4
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
| |
* PageEditStash and UserGroupManager: remove the isRegistered
check, which isn't necessary since UserEditTracker will just
return null for users not in the `user` table. Instead handle
a possible null return value.
* LogFormatter: keep the check, to avoid instantiating the
UserEditTracker if not necessary, but check getId instead of
isRegistered, since the check is really for whether the user
is in the `user` table, regardless of their registered status
(e.g. they may be a temporary user).
Change-Id: I62faf9d042a9297bcd662f7908d73d8469b26c98
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Assert the wiki id of the identity passed to the manager to avoid mixing
up database changes which does not belong to the user id given to the
manager
This removes comments added by first step a3f3e3c
This reintroduce b565ab8
Bug: T337590
Depends-On: Ic449aa0d6b874ac5a2b8bf652c2637188aa0edb6
Depends-On: I2dffe8b633cff182866803ce5cb693f31364f178
Change-Id: Icd2d4efdb84ae085402c9ca59ced7e14be511aa0
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When we first deploy temporary account autocreation, we want temporary
users to resemble anon users more than registered users, for minimal
community impact.
If we add them to the 'user' group, then they will automatically get
whatever rights a wiki currently assigns to registered users. If we
don't, they will only get rights that are currently given to everyone
(same as anons).
Therefore stop adding them to the 'user' group, and instead add them
to a new 'temp' group, in case site admins want to give them extra
rights.
Bug: T340457
Depends-On: I6333fa2289f3142d1b5cedf2cc910ced3ba5019e
Change-Id: Idb46252fe6533ab0a5410bdb3093043cb359c206
|
| |\ \ \
| |_|/
|/| | |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Add MediaWikiIntegrationTestCase::newSelectQueryBuilder(), which
creates a subclass of SelectQueryBuilder with assert methods.
* Migrate most callers of assertSelect() to this new query builder
interface.
Bug: T311866
Change-Id: I7392b37988067020d5f684276320dae0a474631a
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Autopromotion was disabled for temporary users in
d6a3b6cfa8f563dc769dbb1a33fe1431b2e4b88e. In that commit,
PermissionManager::getUserImplicitGroups, no longer checks autopromote
groups for temporary users, so PermissionManager::getUserPermissions
no longer finds autopromote groups for temporary users.
In this commit, UserGroupManager::getUserAutopromoteGroups no longer
finds autopromote groups for temporary users.
Bug: T340462
Change-Id: I189391bd9a41718648d198b83736d837c76ead52
|
| |/
|
|
| |
Change-Id: I59bb85bdae91ee595e19aee30f204f33d4ad1efc
|
| |
|
|
|
|
|
|
| |
This reverts commit b565ab8404325ea31301c79d82883f58f781bcd6.
Reason for revert: CentralAuth not ready for this assertion
Change-Id: Ic59efaf8ea0e2807fef7ead58f27c6e03ab8913c
|
| |
|
|
|
|
|
|
|
|
|
|
| |
For interwiki userright changes a UserRightsProxy instance is passed to
UserGroupManager. UserRightsProxy does not implement a check for wikiId
in getId().
Without the check for the wikiId and the extra argument to getId() it is
not possible to pass non-local instances of UserIdentityValue to
UserGroupManager.
Bug: T255309
Change-Id: Ice67ff4337165c0f022267186c88332e0e574869
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Just methods where adding "static" to the declaration was enough, I
didn't do anything with providers that used $this.
Initially by search and replace. There were many mistakes which I
found mostly by running the PHPStorm inspection which searches for
$this usage in a static method. Later I used the PHPStorm "make static"
action which avoids the more obvious mistakes.
Bug: T332865
Change-Id: I47ed6692945607dfa5c139d42edbd934fa4f3a36
|
| |
|
|
|
|
|
| |
assertSame avoids use of loose comparisons and
allows to check the expected type
Change-Id: If821d1be2bc1ff9f8b70968a339f33c7a8e8880a
|
| |
|
|
|
|
|
|
|
| |
This reverts commit 2bdc0b2b7209441a42a784157633a8a01b321922.
Reason for revert: T166010#8349431
Bug: T166010
Change-Id: Idcd3025647aec99532f5d69b9c1718c531761283
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Moving:
- DerivativeRequest
- FauxRequest
- FauxRequestUpload
- PathRouter
- WebRequest
- WebRequestUpload
Bug: T166010
Change-Id: I5ea70120d745f2876ae31d039f3f8a51e49e9ad8
|
| |
|
|
| |
Change-Id: I1b0e8e2cf4d85ae5ce8ad090cfc47f5086350702
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Allow EditPage to create a user on page save. This has to be enabled
in config and then activated by the UI/API caller.
* Add an autocreate source for temporary users.
* Allow editing by anonymous users via automatic account creation when
$wgGroupPermisions['*']['edit'] = false. On an edit GET request, use
an unsaved placeholder user to stand in for post-create permissions.
* On preview or aborted save, the username to be created is stashed in a
session and restored on subsequent requests.
* On a (likely) successful page save, create the account.
* Put regular non-temporary users in a "named" group so that they can be
given additional permissions.
* Use a different "~~~" signature for temporary users
* Show account creation warnings on edit and preview.
Change-Id: I67b23abf73cc371280bfb2b6c43b3ce0e077bfe5
|
| |
|
|
|
|
|
| |
If we want to convert DefaultSettings to a schema, we can't use variable
references.
Change-Id: Ia53cf45f7f029e1ba4191324005fef25055d5296
|
| |\ |
|
| | |
| |
| |
| | |
Change-Id: Icdb301d352d302f70fefba9b40df2368cb217fd2
|
| |/
|
|
| |
Change-Id: I38299cb65eeaadfdc0eb05db4e8c0b0119cfb37d
|
| |
|
|
|
|
|
| |
Still some more to go...
Bug: T254646
Change-Id: Ia117f01e443c35b4765f3275cab4f2707e1be96f
|
| |
|
|
|
| |
Bug: T287247
Change-Id: I40f560a2143a2c0fda8cb7233d9954dc645749a3
|
| |
|
|
|
|
|
|
| |
UserGroupManagerFactory takes care of getting the
correct JobQueueGroup for the domain.
Bug: T287808
Change-Id: I548f0c52b298bfcae386ca1a427521c81dc802fe
|
