| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Why:
* The TempUserConfig::getMatchPattern method was deprecated in
7f588780a048594d142e16e3a9df4c140a6779fc with a replacement of
TempUserConfig::getMatchPatterns.
* All existing usages on WMF deployed extensions have been replaced
so a call to wfDeprecated can be added.
What:
* Add a wfDeprecated call in RealTempUserConfig::getMatchPattern.
The other implementation of this method calls this method, so
this is the only call needed.
* Update the tests to expect the deprecation of ::getMatchPattern.
Depends-On: I122f001ab24e879a573b19468d642b8f579d1024
Bug: T354619
Change-Id: I74ea85429d083737c325c978e1cad04beb6a9325
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Why:
* There is a need to update the generation and match pattern on
WMF wikis to a new format that includes the year and starts with
`~`. As such, the 'matchPattern' key needs to be updated.
* Removing the old 'matchPattern' from the wgAutoCreateTempUser
config currently leaves existing temporary accounts as no longer
recongnised as temporary accounts.
* Instead, the 'matchPattern' needs to be able to take an array of
string patterns so that old patterns can still be used for matching.
What:
* Update the MainConfigSchama to indicate that 'matchPattern' in the
wgAutoCreateTempUser config can be an array of strings.
* Add TempUserConfig::getMatchPatterns and deprecate TempUserConfig::
getMatchPattern. This is needed because ::getMatchPattern was typed
to only ever return one Pattern, which is no longer the case with this
config change.
* Update the RealTempUserConfig to support multiple patterns defined in
the 'matchPattern' key. The RealTempUserConfig::getMatchPattern method
returns the pattern or first pattern if multiple are defined to allow
time for existing usages of this deprecated method to be updated.
* Update the RealTempUserConfig to rely on other methods instead of checking
object property values where possible (e.g. use ::isEnabled instead of
checking $this->enabled) to allow easier unit testing.
* Update UserSelectQueryBuilder and ChangesListSpecialPage to use TempUserConfig
::getMatchPatterns instead of ::getMatchPattern.
* Update mediawiki.util/util.js to be able to parse the 'matchPattern' value
when it is an array of strings.
* Update maintenance/userOptions.php to use ::getMatchPatterns instead of
::getMatchPattern.
* Add and update unit and integration tests for the new code, as well as
expanding coverage over existing code that was indirectly affected.
Bug: T354619
Change-Id: I3763daefe4dc7c76370bd934fb20452591c9c762
|
| |
|
|
|
|
|
|
|
| |
- Avoid defining abstract test classes (ending in "Test")
- Avoid withConsecutive()
- Avoid getMockClass()
Bug: T342110
Change-Id: I131e0d85bd14e75aaebd6f212b2e64a45d4c73a2
|
| |\
| |
| |
| | |
a null"
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, UserOptionsManager:.isValueEqual considered null to be
equal to certain non-null values (such as an empty string). This
resulted in UserOptionsManager::saveOptionsInternal ignoring
any attempts to set any option to an empty string when
there was no pre-existing user_properties row.
Bug: T355086
Change-Id: Ib145efbd337b7f09eed86d2873228a1b503d02f3
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Why:
* The temporary account configuration settings, which are
controlled via wgAutoCreateTempUser have many options
and so defining the config for a test is difficult without
keeping a private array for the default array value.
* Providing methods to easily disable and enable temporary account
creation in a one-line call is useful to fix existing tests
for temporary account creation.
What:
* Add the trait named TempUserTestTrait which provides two methods
that disable and enable temporary account autocreation.
* This trait is designed for use in integration tests as it modifies
configuration values.
* The ::enableAutoCreateTempUser method optionally takes an array
that can be used to override the default wgAutoCreateTempUser
configuration.
* The ::disableAutoCreateTempUser method optionally takes a value
for the reservedPattern key as this is still used if the 'enabled'
key is set to false.
Bug: T352693
Change-Id: I21c5c7d61370b9ce96059341e0744abc61545e09
|
| |
|
|
|
|
|
|
| |
* ImportableOldRevisionImporterTest
* ActorStoreTest
Bug: T354968
Change-Id: Iac20a48df28b3cc1d6afed1b78e43cc1c3cd7da7
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Why:
Sometimes, it is necessary to have different behavior
for newly registered and existing users. For example,
this happens in the Echo or GrowthExperiments extensions.
As of now, this behavior is implemented by inserting
user_properties rows in onLocalUserCreated.
Over time, this results in a singificant amount of rows
inserted, which contributes to the user_properties table bloat,
which is already overly large (cf. T54777). This patch makes it
possible to remove such rows by supporting conditional defaults
for user properties.
What:
Add support for conditional defaults of user properties. This can be
configured via `ConditionalUserOptions` config option.
Bug: T321527
Change-Id: I1549c3137e66801c85e03e46427e27da333d68e2
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Why:
* Part of a temporary user name is generated from an index that
increments, which is stored in the database.
* As specified in T345855, the index will be restarted each year.
* Also specified in T345855, the year will be included in
generated temporary user names.
What:
* Since the year must be included in the name in order to avoid
naming conflicts if the index is restarted each year, both are
implemented together and controlled by a single config.
* Add a new config option that, when true, restarts the name
generation index at the start of each year and add the year into
the user name: $wgAutoCreateTempUser['serialProvider']['useYear']
* Add a uas_year column to the user_autocreate_serial table, which
is unique in combination with uas_shard, so the index can be
stored for each shard/year combination.
* The year is added into the username just after the prefix, as
specified in T345855. This is based on research that having the
year near the start of the name aids understanding that the
names are not IP addresses. The position of the year within the
name is therefore not configurable (though whether to include
it is). See T345855 for the research.
Bug: T349494
Bug: T349501
Depends-On: I6b3c640a4e74f52fd4a4f46de5a2cbe80fe3b665
Change-Id: If51acb3f4efa361ce36d919c862a52501a5a7d24
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Why:
* When using the TempUserCreator::create or ::acquireAndStashName to
get temporary account when the chosen username already existed, that
temporary account is treated as if it doesn't exist. This causes
confusing "userexists" errors and also causes the user to be logged
into an already existing temporary account.
* Furthermore, because the user existence check in AuthManager::auto
CreateUser only checks the local wiki, if an existing temporary
account exists globally but not on the local wiki then the code
sign a new user into an existing temporary account.
* This is very bad behaviour, though shouldn't happen unless the
serialMapping configuration uses a SerialMapping class that could
provide duplicates and/or the configuration has been changed to
use a different SerialMapping class.
* There is a need to change the SerialMapping class in use to a
different class, which means that the code will attempt to use
temporary account usernames which already exist.
* As such, the code that is generating the temporary account usernames
based on the SerialMapping and SerialProvider should be aware that
it may produce an already existing temporary account username, even
if the SerialMapping class being used is asserted to never provide
duplicates.
* Therefore, the code that generates temporary account usernames
should always attempt to verify that a automatically generated
temporary account name does not already exist on the wiki.
What:
* Update TempUserCreator::acquireName to check to see if the username
it generates already exists centrally using the CentralIdLookup.
If it does, then the method returns null. Otherwise, the username
that hasn't been used yet is returned.
* Create the private method TempUserCreator::attemptAutoCreate that
attempts an autocreate for a temporary account name, and optionally
logs the account in.
* Update TempUserCreator::create to use ::attemptAutoCreate to
first to check if the account can be created and then again once
the account is created to actually login to that temporary account.
This is done to prevent logins to existing temporary accounts on
the local wiki. The second call to actually perform the login is
necessary as there is no other way to login to a temporary account.
* Update TempUserCreator::acquireAndStashName to respond to the changes
to ::acquireName, such that it returns null if ::acquireName returns
null and also does not modify the session.
* Update EditPage::maybeActivateTempUserCreate to return a Status and
return a good status in all cases except when a temporary account
name could not be acquired.
* Add IEditObject::AS_UNABLE_TO_ACQUIRE_TEMP_ACCOUNT, and use it as
the value of the fatal status returned by EditPage
::internalAttemptSave if a temporary account name could not be
acquired. This will cause the display of a useful error to the
user on edit.
* Update ApiEditPage and ApiAcquireTempUserName to die with an error
if a temporary account username was unable to be acquired.
* Provide tests for the untested ApiAcquireTempUserName.php file
including testing the new behaviour.
* Add and update tests for TempUserCreator.php
Bug: T353390
Change-Id: Id3a316ea0eba544d51d4ffcdfb03e35f4b3c54cc
|
| |
|
|
|
|
|
| |
Changes to the use statements done automatically via script
Addition of missing use statements and changes to docs done manually
Change-Id: Ib326ae1e5c8409a98398c721e8b8ce42c73bd012
|
| |\ |
|
| | |
| |
| |
| |
| | |
Bug: T345578
Change-Id: I1b9a1fc2571adc45e9d0c8d93bd4322fe1790722
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
There are a couple of user options related classes already,
and the T321527 work on dynamic defaults is going to add
even more. Let's move them into a separate namespace
to make core a bit more organized.
Old name is kept as an alias for compatibility purposes.
Bug: T321527
Bug: T352284
Change-Id: I9822eb1553870b876d0b8a927e4e86c27d83bd52
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Support migration stages when reading and writing blocks.
I tried to set it up for an easy next stage, in which support for the
old schema is removed. I tried to avoid factoring out of shared code
between the two schemas, so that the old schema cases can simply be
deleted without the need to revert unnecessary abstractions.
However, I added HideUserUtils to factor out ipb_deleted queries. Code
review showed that this was already quite complex, with multiple
approaches to the problem, so it benefits from refactoring even without
the schema abstraction.
HideUserUtils is a service rather than a standalone class to support
unit tests, since unit tests do not allow global config access. When
the migration stage config is removed, it will be a service with no
constructor parameters -- an unnecessary abstraction which should
ideally be resolved at that time.
When interpreting result rows, it is possible to share code by using
field aliases. But when constructing WHERE conditions, the actual field
names need to be used, so the migration is more intrusive in
ApiQueryBlocks and SpecialBlockList, where complex conditions are used.
Bug: T346293
Bug: T51504
Bug: T349883
Change-Id: I408acf7a57b0100fe18c455fc13141277a598925
|
| |
|
|
|
| |
Bug: T342301
Change-Id: I5ea01f7ee103570165261bde0965c5b65e04c369
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Why:
Temporary accounts (introduced as part of IP Masking)
are supposed to expire 1 year after their registration.
Automatic account expiration can be done via a maintenance
script, which would be periodically executed via cron / systemd.
Make it possible for extensions to provide their own logic
for generating a list of temporary accounts to invalidate.
This is used in CentralAuth to base registration timestamp
on the global registration timestamp.
The default behavior is "temporary accounts do not expire",
given the feature requires a maintenance script to run
periodically, which will not be the case on third party
instances.
What:
* Add `expireAfterDays` to $wgAutoCreateTempUser, controlling
how many days temporary accounts have.
* Add UserSelectQueryBuilder::whereRegisteredTimestamp(),
filtering accounts based on user_registration.
* Add ExpireTemporaryAccounts maintenance script, which is
@stable to extend.
Bug: T344695
Change-Id: If17bf84ee6620c8eb784b7d835682ad5e7afdfcc
|
| |
|
|
|
|
|
|
|
|
|
| |
This was done automatically using the
`Universal.WhiteSpace.CommaSpacing` sniff, which will be included in the
next release of the MW PHPCS config.
Some of these have been adjusted manually where the autofix broke
vertical alignment.
Change-Id: I54a4668d8a2759b9d7de47742c943a535a04e211
|
| |
|
|
|
|
|
|
|
|
|
|
| |
And have UserGroupManagerFactory cache instances, per the TODO.
I'm doing this because SpecialUserRightsTest was flaky when there are
two local instances of UserGroupManager floating around. Resolving the
todo is the simplest way to ensure there is only a single
UserGroupManager. There are no remaining usages of UserRightsProxy in
codesearch.
Change-Id: Icb3395dfc53a4441b667f001ac1227f36d1f2e8d
|
| |
|
|
|
|
| |
Most noisily, this enables MediaWiki.Arrays.OneSpaceInlineArray.
Change-Id: I8ab11399c67ce7e3ab1b6249b591452774393428
|
| |
|
|
|
| |
Bug: T166010
Change-Id: I4066885a7ea071d22497abcdb3f95e73e154d08c
|
| |
|
|
|
| |
Bug: T166010
Change-Id: Ibda1e8be0f23c6262a32b607f8260cad36f188fc
|
| |
|
|
|
| |
Bug: T166010
Change-Id: I7257302b485588af31384d4f7fc8e30551f161f1
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Why:
Temporary accounts introduced as part of IP Masking are supposed
to expire 1 year after their registration. Accounts can have
multiple registration timestamps when in a wiki-farm setup,
depending on which wiki we consult.
To implement the account expiration logic, we need to know the global
(first) registration timestamp.
Similar to CentralIdLookup, a concept of a registration date
provider is introduced. Unlike IDs, users can have multiple
kinds of registration dates (Wikimedia recognizes local and global,
but third parties can have different needs). For that reason,
any number of registration providers can be registered at any
given time; caller determines which one is requested. The default
is `local`, which is the only provider that is guaranteed to exist.
What:
* Add UserRegistrationLookup
* Add UserRegistrationProviders config variable
Bug: T344694
Change-Id: If9fa12a392064dd504590a861a175e3604a34fab
|
| |
|
|
|
|
|
|
|
|
| |
And namespace it to MediaWiki\Config
This should be eventually deprecated and removed but this has been
blocking the reorg for long enough.
Bug: T321882
Change-Id: I7a1a073495469623f6f77e6f74b23b7b4c18033a
|
| |
|
|
|
|
|
| |
To replace IDatabase::replace()
Bug: T335377
Change-Id: I446f7a09cfc0ee37c2e016052d452751f7333e27
|
| |
|
|
|
|
|
|
| |
Use private function to avoid the deprecation notice for called function
from a deprecated function.
Bug: T255309
Change-Id: I96fcb75f7dff4993079fb81ba498787d27fddc0f
|
| |
|
|
| |
Change-Id: Iefe896769359f0d32e52bf20aa03e1c3715d5074
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Why:
There are extensions that need to check a handful of
users for temp-ness at once (such as GrowthExperiments).
This is not really possible as of now (it would be necessary
to call UserIdentityUtils::isTemp several times, which can get
slow for large bulks of users).
What:
Add TempUserConfig::getMatchPattern() that can be used
to generate a LIKE database condition.
While at it, this patch also adds named() and temp() to
UserSelectQueryBuilder.
Bug: T341389
Change-Id: I90b5c59462c5c98bf5dcf9fa15d20553ef6599a5
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
WANObjectCache has already been injected, just use it instead via the
member variable. Also, make use of a proper config system like
GlobalVarConfig for accessing global variables and MainConfigNames
to pass in JobClasses setting.
Centralize checking for job beings added to the queue if they can't
be run because they're not on the correct wiki. Let the factory
deal with this and avoid the JQG to know about it. Also, centralize
logic for getting cached job classes in the factory.
NOTE: private constant CACHE_VERSION is not used within the class,
so removed it. It's private so easy to remove directly.
Change-Id: Ia61e00d6dc98c206509724413cf641a225649dbd
|
| |
|
|
|
|
|
|
|
| |
Using a php parser written on top of ANTLR4, done semi-automatically.
I checked everything and made adjustments.
Bug: T311866
Change-Id: I6150c6909bce8f3dbd745a26380cc0af9d9c547f
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The hardcoded value doesn't work in all MW installs, because it depends
on the configured URL scheme. For instance, the test fails with the
default MediaWiki-Docker setup.
This test actually doesn't need URLs at all, so avoid unnecessary URL
conversion and config mocks, and just assert that the page title is the
one we expect.
Change-Id: If7ed01f7c2404bbd8a2751131647960816828949
|
| |
|
|
|
| |
Bug: T274179
Change-Id: Ibc5bd56cd41153591b0ee701cc1f92608e7c188c
|
| |
|
|
|
|
|
|
|
| |
Initally used a new sniff with autofix (T333745),
but some provide are defined non-static in TestBase class
and need more work to make them static in a compatible way
Bug: T332865
Change-Id: I889d33424f0c01fb26f2d86f8d4fc3de3e568843
|
| |
|
|
|
|
| |
Factor out common concept originating in EditPage but since duplicated.
Change-Id: I5f5b75a7da9a40a6cc3041d3d6192d2d747b9f57
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
To remove the use of UserRightsProxy from Special:UserRights the touch
update happen in UserRightsProxy::invalidateCache needs a new location,
before a cross-wiki aware UserIdentityLookup can be used.
Move it to the UserFactory service which is the storage layer for the
user table to handle user_touched database field for cross-wiki user
right changes.
For compatibility call the User::invalidateCache for local identities
Bug: T255309
Bug: T307301
Depends-On: I60a665de6aa8550d9bc0f5c78d54b8894ea5913e
Change-Id: I0c3d36a05abaa3548e554acf8d34e8e959c26776
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Just methods where adding "static" to the declaration was enough, I
didn't do anything with providers that used $this.
Initially by search and replace. There were many mistakes which I
found mostly by running the PHPStorm inspection which searches for
$this usage in a static method. Later I used the PHPStorm "make static"
action which avoids the more obvious mistakes.
Bug: T332865
Change-Id: I47ed6692945607dfa5c139d42edbd934fa4f3a36
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Split concepts of "match pattern" and "reserved pattern". Add config
"reservedPattern" which specifies a username pattern to be denied for
creation, but unlike matchPattern, it does not immediately flag all
accounts with such names as temp accounts. This can be used before
migration or after rollback to safely prevent creation of conflicting
accounts.
* Add TempUserConfig::isTempName(), which does what isReservedName()
previously did, i.e. determines if a name is a temp username.
* Make TempUserConfig::isReservedName() return true if the name matches
either the match pattern or the reserved pattern.
* UserNameUtils::isTemp() continues to determine whether a username is
actually a temp username.
* Add UserNameUtils::isTempReserved() as a proxy for
TempUserConfig::isReservedName()
Bug: T307064
Change-Id: I26755731fad89530a06824181106cd7b4e077d9e
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Notable changes:
* In SqlBagOStuff::getConnectionFromServerInfo, only two loggers were
injected. The rest implicitly got a NullLogger due to being absent.
These are now effectively unsilenced.
* Database::__construct() required almost all parameters, even the
loggers. I've wanted to move some of DatabaseFactory into the ctor
here for a while. In order to make this change not a breaking
change, the new 'logger' parameter is optional with NullLogger as
default. This allowed some of the test cases, which were simply
passing NullLogger, to be fixed by passing nothing instead of
passing the new option name.
The Database class is behind a dozen layers of indirection for
real use, so this will still be injected just fine (DBF, LB, LBF,
MWLBF, etc.).
* In LegacyLogger, the handling for $wgDBerrorLog was previously
limited to DBConnection and DBQuery. This now includes errors
from other (generally, newer) parts of Rdbms as well, which were
previously missing.
This only affects sites (typically CI and dev setup) where
$wgDBerrorLog is used, as opposed to the more common
$wgDebugLogGroups by-channel configuration.
* TransactionProfiler gets its logger injected in a rather odd way,
via entrypoints (MediaWiki.php, ApiMain.php, and MaintenanceRunner)
as opposed to service wiring. This is kept as-is for now.
* In LBFactoryTest, in particular testInvalidSelectDBIndependent2,
there are cases that intentionally produce failures of which
the result is then observed. In CI we assert that dberror.log is
empty so instead of adding the missing logger fields to that
LBFactory instance, the only one set (replLogger) is removed.
The alternative is to set 'logger' now, which would naturally
cause CI failures due to unexpected entries coming through to
non-mocked error log.
Bug: T320873
Change-Id: I7ca996618e41b93f488cb5c4de82000bb36e0dd3
|
| |
|
|
|
|
|
|
| |
This continues the work in the child patch to replace callers
of setMwGlobals() with the appropriate method. Directory this
patch covers is `tests/phpunit/integration/`.
Change-Id: I0a9abf0d2a43587f2ffa029b68024a1ba5165fc7
|
| |
|
|
|
| |
Bug: T300129
Change-Id: I1e83a0dde6235bed91d28d7d43691c6a5d979f2f
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add services and utilities for automatic creation of temporary user
accounts on page save, in order to avoid exposing the user's IP
address.
* Add $wgAutoCreateTempUser, for configuring the system
* Add TempUserConfig service, which interprets the config.
* Add TempUserCreator service, which creates users during page save as
requested by EditPage. With proxy methods to TempUserConfig for
convenience.
* Add table user_autocreate_serial. Table creation is necessary before
the feature is enabled but is not necessary before deployment of this
commit.
Bug: T300263
Change-Id: Ib14a352490fc42039106523118e8d021844e3dfb
|
| |/
|
|
|
|
|
|
|
|
| |
We really don't need this complexity and it prevents us from improving
connection management.
MaintainableDatabase should stay but the connection ref shouldn't.
Bug: T255493
Change-Id: I867301dc7fa07cac298f8faba9cf82ca4617f50e
|
| |
|
|
|
|
|
|
|
|
|
| |
When newAnonymous() was called with a specified IP address, it called
newFromName(), leading to a DB query on User::load() as if the IP
address could be in the database.
Instead, use User::setName() which is documented to work for this
purpose and indeed appears to do so.
Change-Id: I8e8be719c89b1d1e4ae2cf9063db68b929bb3651
|
| |
|
|
|
| |
Bug: T291966
Change-Id: If22d5db53e71bb7a49a71a8d00be42ccc3b158c3
|
| |
|
|
|
|
|
|
|
| |
This reverts commit 73a25838b461a952914190cb48eaaefee11d7659.
Reason for revert: T296508
Bug: T296508
Change-Id: I8af37665eeb284b85157a72459d43261ec4829ed
|
| |
|
|
| |
Change-Id: I953fcc66b5cde1ef481178b08e16c50b8a118702
|
