Page MenuHomePhabricator
Authored By
phuedx
Sep 20 2021, 12:46 PM
Size
2 KB
Referenced Files
None
Subscribers
None

T290808.patch

From fe34083c8a620664e86b80f44ef4e610a5cc9363 Mon Sep 17 00:00:00 2001
From: Sam Smith <phuedx@wikimedia.org>
Date: Mon, 20 Sep 2021 13:23:00 +0100
Subject: [PATCH] SECURITY: Require securepoll-view-voter-pii right to view
voter's PII
Extract PII fields from ListPager::$adminFields to
ListPager::$piiFields. Only include those fields if:
1. In the electionadmin group;
2. An admin of the election; and
3. Has the securepoll-view-voter-pii right
Bug: T290808
Change-Id: Ic7510be487a1bf9215de9ae6cf4a26fad96384c9
---
includes/Pages/ListPager.php | 34 +++++++++++++++++++++++++++++-----
1 file changed, 29 insertions(+), 5 deletions(-)
diff --git a/includes/Pages/ListPager.php b/includes/Pages/ListPager.php
index f85b44f..82f6893 100644
--- a/includes/Pages/ListPager.php
+++ b/includes/Pages/ListPager.php
@@ -4,14 +4,15 @@ namespace MediaWiki\Extensions\SecurePoll\Pages;
use MediaWiki\Extensions\SecurePoll\Entities\Election;
use MediaWiki\Extensions\SecurePoll\User\Voter;
+use MediaWiki\MediaWikiServices;
use TablePager;
use Wikimedia\IPUtils;
use Xml;
/**
* A TablePager for showing a list of votes in a given election.
- * Shows much more information, and a strike/unstrike interface, if the user
- * is an admin.
+ * Shows much more information, including voter's Personally Identifiable Information, and a strike/unstrike interface,
+ * if the global user is an admin.
*/
class ListPager extends TablePager {
/** @var ListPage */
@@ -35,17 +36,36 @@ class ListPager extends TablePager {
'vote_timestamp' => 'securepoll-header-timestamp',
'vote_voter_name' => 'securepoll-header-voter-name',
'vote_voter_domain' => 'securepoll-header-voter-domain',
+ 'vote_token_match' => 'securepoll-header-token-match',
+ 'vote_cookie_dup' => 'securepoll-header-cookie-dup',
+ ];
+
+ /** @var string[] */
+ public static $piiFields = [
'vote_ip' => 'securepoll-header-ip',
'vote_xff' => 'securepoll-header-xff',
'vote_ua' => 'securepoll-header-ua',
- 'vote_token_match' => 'securepoll-header-token-match',
- 'vote_cookie_dup' => 'securepoll-header-cookie-dup',
];
+ /**
+ * Whether to include voter's Personally Identifiable Information.
+ *
+ * @var bool
+ */
+ private $includeVoterPii;
+
public function __construct( $listPage ) {
$this->listPage = $listPage;
$this->election = $listPage->election;
- $this->isAdmin = $this->election->isAdmin( $this->getUser() );
+
+ $user = $this->getUser();
+
+ $this->isAdmin = $this->election->isAdmin( $user );
+
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+ $this->includeVoterPii =
+ $this->isAdmin && $permissionManager->userHasRight( $user, 'securepoll-view-voter-pii' );
+
parent::__construct();
}
@@ -180,6 +200,10 @@ class ListPager extends TablePager {
$names = [];
if ( $this->isAdmin ) {
$fields = self::$adminFields;
+
+ if ( $this->includeVoterPii ) {
+ $fields += self::$piiFields;
+ }
} else {
$fields = self::$publicFields;
}
--
2.32.0

File Metadata

Mime Type
text/x-diff
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
9185235
Default Alt Text
T290808.patch (2 KB)