Page MenuHomePhabricator

Don't make edits if a logged in user gets logged out
Closed, ResolvedPublic5 Story Points

Description

User Report

I was editing https://www.wikidata.org/wiki/Q18028483 . Top right is showing that I was logged in, but turns out that some of my edits were done logged out. This should have never happened. This is a privacy issue.

As a logged in user I don't ever want to silently have edits happening when I get logged out. The interface should give a warning.

All the Wikidata interface logic uses the API. The API offers "assert" to make sure someone is a member of a group ("user" in this case). This could probably be used to solve this.

Acceptance criteria

  • All editing api actions made by the UI should use the assert parameter as described in T124451#2216703 when the page indicates that the user is logged in.
  • If the user gets logged out and the page still shows the user being logged in the user should be displayed the error message returned from the API. This is currently "Assertion that the user is \"$1\" failed."

Notes on assert param:

assert
Verify the user is logged in if set to user, or has the bot user right if bot.

One of the following values: user, bot

assertuser
Verify the current user is the named user.

Type: user name

Details

Related Gerrit Patches:
mediawiki/extensions/Wikibase : masterUpdated wikibase-api JS lib to 3.1.0
mediawiki/extensions/Wikibase : masterUpdated wikibase-api JS lib to 3.0.2

Event Timeline

Multichill raised the priority of this task from to High.
Multichill updated the task description. (Show Details)
Multichill added a subscriber: Multichill.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 22 2016, 6:38 PM
hoo added a subscriber: hoo.Jan 22 2016, 6:39 PM

Related bug (but not the same): T50657

Caused by T124440: Invalidate all users sessions probably, but yeah, adding &assert=user for logged in users sounds like a good idea in general.

Restricted Application added a subscriber: JEumerus. · View Herald TranscriptApr 18 2016, 5:53 PM
ZhouZ moved this task from Backlog to Assigned on the WMF-Legal board.Apr 18 2016, 7:01 PM
ZhouZ added a subscriber: ZhouZ.

@Multichill, is this still an on-going issue?

Krinkle added a subscriber: Krinkle.EditedApr 18 2016, 11:28 PM

The API has an assert parameter that may be useful here. https://www.mediawiki.org/w/api.php / https://www.mediawiki.org/wiki/API:Assert

jayvdb added a subscriber: jayvdb.

@Multichill, is this still an on-going issue?

Ongoing - probably not.

Can occur again - yes.

In the incident that caused this task, wmf ran a script that fixed a security problem, but caused a minor privacy problem in the JavaScript to be a major problem.

I think this should be solved down at the mw.api level , so that every gadget doesnt need to write code to prevent this privacy problem.

Should mw.Api always set assert=user if !mw.user.isAnon()?

Should mw.Api always set assert=user if !mw.user.isAnon()?

I'm missing a bit of context here. All the editing on Wikidata is done with javascript that talks with the api. Somewhere between me (the user clicking around) and the api assert should be set so if I get logged out for some reason, it doesn't edit, but return a warning. @Lydia_Pintscher can you put this in the right wikibase-* queue?

Restricted Application added a subscriber: TerraCodes. · View Herald TranscriptApr 19 2016, 2:27 PM
Krinkle removed a subscriber: Krinkle.Apr 21 2016, 8:53 PM
Addshore added a subscriber: Addshore.

Should mw.Api always set assert=user if !mw.user.isAnon()?

That sounds like a good idea.....

Addshore renamed this task from Don't add claims if a logged in user gets logged out to Don't make edits if a logged in user gets logged out.Nov 3 2018, 2:37 PM
Addshore updated the task description. (Show Details)
Addshore moved this task from incoming to consider for next sprint on the Wikidata board.
Addshore moved this task from Incoming to Ready to estimate on the Wikidata-Campsite board.
Addshore updated the task description. (Show Details)Nov 6 2018, 2:09 PM
Addshore updated the task description. (Show Details)
Addshore updated the task description. (Show Details)
Addshore updated the task description. (Show Details)Nov 6 2018, 2:11 PM

Should mw.Api always set assert=user if !mw.user.isAnon()?

Or even assertuser=${mw.user.getName()} in that case.

Change 472399 had a related patch set uploaded (by Tarrow; owner: Tarrow):
[wikibase/javascript-api@master] Assert user is still logged in when doing api post

https://gerrit.wikimedia.org/r/472399

Looks like changes to just javascript API's post weren't sufficient to catch some edits made to Lexemes:

e.g. Adding a representation to a form

Oh, yeah, looks like in WikibaseLexeme we use mw.Api directly, not Wikibase’ wrapper :/

Change 472440 had a related patch set uploaded (by WMDE-leszek; owner: WMDE-leszek):
[mediawiki/extensions/Wikibase@master] Updated wikibase-api JS lib to 3.0.2

https://gerrit.wikimedia.org/r/472440

Change 472440 merged by jenkins-bot:
[mediawiki/extensions/Wikibase@master] Updated wikibase-api JS lib to 3.0.2

https://gerrit.wikimedia.org/r/472440

Change 473169 had a related patch set uploaded (by Tarrow; owner: Tarrow):
[mediawiki/extensions/Wikibase@master] Updated wikibase-api JS lib to 3.1.0

https://gerrit.wikimedia.org/r/473169

Change 473169 merged by jenkins-bot:
[mediawiki/extensions/Wikibase@master] Updated wikibase-api JS lib to 3.1.0

https://gerrit.wikimedia.org/r/473169

Addshore closed this task as Resolved.Nov 14 2018, 4:22 PM

Screenshot of what it looks like:

I checked:

item terms
item statement
item sitelink
lexeme lemma
lexeme statement
form
sense

I checked MediaInfo too, and this is not done there, but I will file a ticket for that

sbassett moved this task from Backlog to Done on the Privacy board.Wed, Oct 16, 5:41 PM