Page MenuHomePhabricator
Create Task
Maniphest T124451

Don't make edits if a logged in user gets logged out
Closed, ResolvedPublic5 Estimated Story Points
Actions

Description

User Report

I was editing https://www.wikidata.org/wiki/Q18028483 . Top right is showing that I was logged in, but turns out that some of my edits were done logged out. This should have never happened. This is a privacy issue.

As a logged in user I don't ever want to silently have edits happening when I get logged out. The interface should give a warning.

All the Wikidata interface logic uses the API. The API offers "assert" to make sure someone is a member of a group ("user" in this case). This could probably be used to solve this.

Acceptance criteria

  • All editing api actions made by the UI should use the assert parameter as described in T124451#2216703 when the page indicates that the user is logged in.
  • If the user gets logged out and the page still shows the user being logged in the user should be displayed the error message returned from the API. This is currently "Assertion that the user is \"$1\" failed."

Notes on assert param:

assert
Verify the user is logged in if set to user, or has the bot user right if bot.

One of the following values: user, bot

assertuser
Verify the current user is the named user.

Type: user name

Details

SubjectRepoBranchLines +/-
Updated wikibase-api JS lib to 3.1.0mediawiki/extensions/Wikibasemaster+1 -1
Updated wikibase-api JS lib to 3.0.2mediawiki/extensions/Wikibasemaster+1 -1
Customize query in gerrit

Related Objects
Search...

Event Timeline

Multichill created this task.Jan 22 2016, 6:38 PM
Multichill raised the priority of this task from to High.
Multichill updated the task description. (Show Details)
Multichill added projects: Wikidata, Privacy, MediaWiki-Core-AuthManager.
Multichill subscribed.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 22 2016, 6:38 PM
hoo subscribed.Jan 22 2016, 6:39 PM
Multichill added a comment.Jan 22 2016, 6:42 PM

Related bug (but not the same): T50657

Legoktm subscribed.Jan 22 2016, 6:44 PM

Caused by T124440: Invalidate all users sessions probably, but yeah, adding &assert=user for logged in users sounds like a good idea in general.

Multichill added a comment.Jan 23 2016, 10:03 AM

We're getting complaints at the Administrators' noticeboard, see https://www.wikidata.org/w/index.php?title=Wikidata:Administrators%27_noticeboard&oldid=294817392#Please_hide_my_IP

HakanIST subscribed.Jan 23 2016, 12:18 PM
ZhouZ added a project: WMF-Legal.Apr 18 2016, 5:53 PM
Restricted Application added a subscriber: JEumerus. · View Herald TranscriptApr 18 2016, 5:53 PM
ZhouZ moved this task from Backlog to Assigned on the WMF-Legal board.Apr 18 2016, 7:01 PM
ZhouZ subscribed.
ZhouZ added a comment.Apr 18 2016, 11:25 PM

@Multichill, is this still an on-going issue?

Krinkle subscribed.EditedApr 18 2016, 11:28 PM

The API has an assert parameter that may be useful here. https://www.mediawiki.org/w/api.php / https://www.mediawiki.org/wiki/API:Assert

jayvdb added a project: JavaScript.Apr 19 2016, 2:30 AM
jayvdb subscribed.
In T124451#2216249, @ZhouZ wrote:

@Multichill, is this still an on-going issue?

Ongoing - probably not.

Can occur again - yes.

In the incident that caused this task, wmf ran a script that fixed a security problem, but caused a minor privacy problem in the JavaScript to be a major problem.

I think this should be solved down at the mw.api level , so that every gadget doesnt need to write code to prevent this privacy problem.

Krenair subscribed.Apr 19 2016, 2:57 AM

Should mw.Api always set assert=user if !mw.user.isAnon()?

Multichill added a subscriber: Lydia_Pintscher.Apr 19 2016, 9:46 AM
In T124451#2216703, @Krenair wrote:

Should mw.Api always set assert=user if !mw.user.isAnon()?

I'm missing a bit of context here. All the editing on Wikidata is done with javascript that talks with the api. Somewhere between me (the user clicking around) and the api assert should be set so if I get logged out for some reason, it doesn't edit, but return a warning. @Lydia_Pintscher can you put this in the right wikibase-* queue?

Lydia_Pintscher added a subscriber: adrianheine.Apr 19 2016, 2:27 PM

@adrianheine Could you have a look?

Restricted Application added a subscriber: TerraCodes. · View Herald TranscriptApr 19 2016, 2:27 PM
Krinkle unsubscribed.Apr 21 2016, 8:53 PM
adrianheine added a project: MediaWiki-extensions-WikibaseRepository.Jul 28 2016, 8:12 AM
adrianheine added a subscriber: thiemowmde.
Addshore added a project: Wikidata-Campsite.Nov 3 2018, 2:36 PM
Addshore subscribed.
In T124451#2216703, @Krenair wrote:

Should mw.Api always set assert=user if !mw.user.isAnon()?

That sounds like a good idea.....

Addshore renamed this task from Don't add claims if a logged in user gets logged out to Don't make edits if a logged in user gets logged out.Nov 3 2018, 2:37 PM
Addshore updated the task description. (Show Details)
Addshore moved this task from incoming to consider for next sprint on the Wikidata board.
Addshore moved this task from Incoming to Ready to estimate on the Wikidata-Campsite board.
Addshore updated the task description. (Show Details)Nov 6 2018, 2:09 PM
Addshore updated the task description. (Show Details)
Addshore updated the task description. (Show Details)
Addshore updated the task description. (Show Details)Nov 6 2018, 2:11 PM
Addshore set the point value for this task to 5.Nov 6 2018, 2:14 PM
Addshore moved this task from Ready to estimate to Wikidata-Campsite-Iteration-∞ (On Hold) on the Wikidata-Campsite board.
Addshore edited projects, added Wikidata-Campsite (Wikidata-Campsite-Iteration-∞ (On Hold)); removed Wikidata-Campsite.
Tarrow claimed this task.Nov 6 2018, 5:20 PM
Tarrow moved this task from To Do (prioritised from top to bottom) to Doing on the Wikidata-Campsite (Wikidata-Campsite-Iteration-∞ (On Hold)) board.
Lucas_Werkmeister_WMDE subscribed.Nov 6 2018, 5:39 PM
In T124451#2216703, @Krenair wrote:

Should mw.Api always set assert=user if !mw.user.isAnon()?

Or even assertuser=${mw.user.getName()} in that case.

gerritbot subscribed.Nov 8 2018, 10:06 AM

Change 472399 had a related patch set uploaded (by Tarrow; owner: Tarrow):
[wikibase/javascript-api@master] Assert user is still logged in when doing api post

https://gerrit.wikimedia.org/r/472399

gerritbot added a project: Patch-For-Review.Nov 8 2018, 10:06 AM
Tarrow added a comment.Nov 8 2018, 11:36 AM

Looks like changes to just javascript API's post weren't sufficient to catch some edits made to Lexemes:

e.g. Adding a representation to a form

Lucas_Werkmeister_WMDE added a comment.Nov 8 2018, 12:09 PM

Oh, yeah, looks like in WikibaseLexeme we use mw.Api directly, not Wikibase’ wrapper :/

gerritbot added a comment.Nov 8 2018, 1:15 PM

Change 472440 had a related patch set uploaded (by WMDE-leszek; owner: WMDE-leszek):
[mediawiki/extensions/Wikibase@master] Updated wikibase-api JS lib to 3.0.2

https://gerrit.wikimedia.org/r/472440

gerritbot added a comment.Nov 8 2018, 2:44 PM

Change 472440 merged by jenkins-bot:
[mediawiki/extensions/Wikibase@master] Updated wikibase-api JS lib to 3.0.2

https://gerrit.wikimedia.org/r/472440

ReleaseTaggerBot added a project: MW-1.33-notes (1.33.0-wmf.4; 2018-11-13).Nov 8 2018, 3:00 PM
Lydia_Pintscher closed subtask T209040: Make needed changes to javascript-api to assert user on edit as Resolved.Nov 9 2018, 2:11 PM
gerritbot added a comment.Nov 13 2018, 9:47 AM

Change 473169 had a related patch set uploaded (by Tarrow; owner: Tarrow):
[mediawiki/extensions/Wikibase@master] Updated wikibase-api JS lib to 3.1.0

https://gerrit.wikimedia.org/r/473169

Tarrow moved this task from Doing to Peer Review on the Wikidata-Campsite (Wikidata-Campsite-Iteration-∞ (On Hold)) board.Nov 13 2018, 9:49 AM
gerritbot added a comment.Nov 13 2018, 11:12 AM

Change 473169 merged by jenkins-bot:
[mediawiki/extensions/Wikibase@master] Updated wikibase-api JS lib to 3.1.0

https://gerrit.wikimedia.org/r/473169

Addshore moved this task from consider for next sprint to in progress on the Wikidata board.Nov 13 2018, 3:32 PM
Addshore closed subtask T209039: Update Wikibase Submodule to Include the required javascript api changes as Resolved.Nov 14 2018, 12:14 PM
Lucas_Werkmeister_WMDE moved this task from Peer Review to Test (Verification) on the Wikidata-Campsite (Wikidata-Campsite-Iteration-∞ (On Hold)) board.Nov 14 2018, 1:35 PM
Addshore closed this task as Resolved.Nov 14 2018, 4:22 PM
Addshore moved this task from Test (Verification) to Done on the Wikidata-Campsite (Wikidata-Campsite-Iteration-∞ (On Hold)) board.

Screenshot of what it looks like:

image.png (372×1 px, 63 KB)

I checked:

item terms
item statement
item sitelink
lexeme lemma
lexeme statement
form
sense

I checked MediaInfo too, and this is not done there, but I will file a ticket for that

Addshore mentioned this in T209043: Make changes to Lexeme to not make edits if a logged in user gets logged out.Nov 14 2018, 4:22 PM
Addshore closed subtask T209043: Make changes to Lexeme to not make edits if a logged in user gets logged out as Resolved.
Addshore mentioned this in T209501: MediaInfo extension should not allow edits if user gets logged out whilst editing the page.
Lucas_Werkmeister_WMDE mentioned this in T217774: Structured Discussions exposes user’s IP address if logged out in other browser window/tab.Mar 6 2019, 2:57 PM
sbassett moved this task from Intake to Done on the Privacy board.Oct 16 2019, 5:41 PM
sbassett removed a project: Patch-For-Review.Oct 16 2019, 5:44 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL