Page MenuHomePhabricator
Create Task
Maniphest T132834

[Content Service] Semi-protected page cannot be edited in Wikipedia App ("you don't have permissions to edit" popup)
Closed, ResolvedPublic3 Estimated Story Points
Actions

Assigned To
bearND
Authored By
Ibrahim.ID
Apr 16 2016, 1:45 AM
Tags
Referenced Files
F4601925: 2.4.158-alpha-2016-10-13 on Samsung Galaxy SIII (Android 4.4.2).png
Oct 14 2016, 2:30 AM
Subscribers
Aklapper
alaa
Amire80
Dbrant
Deskana
ElComandante
Florian
View All 24 Subscribers
Tokens
"Cookie" token, awarded by RandomDSdevel.

Description

if any page semi-protected (for confirm users), autopatrolled or editors users can't edit page. popup message say (you don't have permissions to edit this page), please solve it.

Details

SubjectRepoBranchLines +/-
Check user group memberships on protected pagesapps/android/wikipediamaster+15 -1
Retrieve group membership info when logging inapps/android/wikipediamaster+253 -22
Retrofit LoginTaskapps/android/wikipediamaster+316 -161
Hygiene: Decouple user mgmt from app and storageapps/android/wikipediamaster+122 -50
Customize query in gerrit

Related Objects

Event Timeline

Ibrahim.ID created this task.Apr 16 2016, 1:45 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptApr 16 2016, 1:45 AM
Ibrahim.ID triaged this task as High priority.Apr 16 2016, 1:46 AM
Krenair subscribed.Apr 16 2016, 2:27 AM
Aklapper renamed this task from protected pages issue in Wikipedia App to Semi-protected page cannot be edited in Wikipedia App ("you don't have permissions to edit" popup).Apr 16 2016, 3:49 PM
Dbrant moved this task from Needs Triage to Bug Backlog on the Wikipedia-Android-App-Backlog board.Apr 20 2016, 7:42 PM
Urbanecm mentioned this in T123767: System do not notice user that he is trying to edit semiprotected page.Apr 26 2016, 6:53 PM
Urbanecm subscribed.
Urbanecm added a comment.Apr 26 2016, 6:55 PM

I confirm this issue on lastest version at cswiki. I tried to edit semiprotected page with sysop account, it wasn't possible. Please fix it soon.

Dbrant added a project: Mobile-Content-Service.May 13 2016, 6:29 PM
MBinder_WMF set the point value for this task to 1.May 18 2016, 7:21 PM
Niedzielski subscribed.May 19 2016, 4:06 PM
Niedzielski renamed this task from Semi-protected page cannot be edited in Wikipedia App ("you don't have permissions to edit" popup) to [Content Service] Semi-protected page cannot be edited in Wikipedia App ("you don't have permissions to edit" popup).May 19 2016, 4:09 PM

I think this is Content Service specific so I updated the title.

bearND moved this task from Incoming to Backlog on the Mobile-Content-Service board.Jul 1 2016, 7:53 PM
bearND added a project: Mobile-App-Android-Sprint-90-Thorium.Aug 19 2016, 6:31 PM
bearND claimed this task.Aug 31 2016, 6:40 AM
bearND moved this task from To Do to Doing on the Mobile-App-Android-Sprint-90-Thorium board.
bearND changed the point value for this task from 1 to 3.Sep 2 2016, 5:26 PM
Dbrant added a project: Mobile-App-Android-Sprint-91-Protactinium.Sep 12 2016, 3:19 PM
Dbrant moved this task from To Do to Doing on the Mobile-App-Android-Sprint-91-Protactinium board.Sep 12 2016, 3:19 PM
Dbrant merged a task: T127043: Can't edit a page in frwiki (whilte it's possible on desktop).Sep 12 2016, 11:39 PM
Dbrant added subscribers: Florian, Dbrant, ElComandante, StudiesWorld.
MBinder_WMF added a project: Mobile-App-Android-Sprint-92-Uranium.Sep 23 2016, 6:07 PM
bearND moved this task from To Do to Doing on the Mobile-App-Android-Sprint-92-Uranium board.Sep 23 2016, 6:14 PM
gerritbot subscribed.Sep 27 2016, 4:06 PM

Change 313032 had a related patch set uploaded (by BearND):
Check user group memberships on protected pages

https://gerrit.wikimedia.org/r/313032

gerritbot added a project: Patch-For-Review.Sep 27 2016, 4:06 PM
bearND moved this task from Doing to Code Review on the Mobile-App-Android-Sprint-92-Uranium board.Sep 27 2016, 4:38 PM
Mholloway subscribed.Sep 29 2016, 4:09 PM

@bearND Could you please add a little discussion here about what's actually going wrong (e.g., is this indeed specific to MCS, and if so, how?) and the approach you've taken to fix it? It's hard to evaluate https://gerrit.wikimedia.org/r/#/c/313031 and https://gerrit.wikimedia.org/r/#/c/313032 without a little more background. (For instance, why would the protection/editable metadata from the Action API be good enough for one loading strategy but not the other?)

bearND added a project: Regression.Sep 30 2016, 5:30 PM

Marked it with Regression tag to better track changes other clients of MCS need to be aware of when transitioning from mobileview action to MCS.

bearND added a comment.Sep 30 2016, 5:36 PM

@Mholloway The problem is that with the highly cached responses we get from RESTBase the app doesn't get any user specific responses anymore. In the case of a semi-protected page, it would return false, no matter as what user one is logged in when the page is requested because it retrieves and stores the content in RB without any user logged in.
Instead of taking that as the truth we could consider the value of "editable" in the lead response to be "editable for anonymous users". To be able to do that we need to retrieve the group membership information for a logged in user first. Then for pages which have editable set to false we can check group memberships to see if any group a user belongs to is allowed to edit that page.

(In contrast to that, the action=mobileview api response is specific to a user. So, the editable field there would be true if the user has permission to edit the page.)

Mholloway added a comment.Oct 3 2016, 2:21 PM

@bearND Thanks, that makes sense. Looking again at the patches now.

gerritbot added a comment.Oct 3 2016, 4:09 PM

Change 311182 had a related patch set uploaded (by BearND):
Retrofit LoginTask

https://gerrit.wikimedia.org/r/311182

gerritbot added a comment.Oct 3 2016, 4:09 PM

Change 310220 had a related patch set uploaded (by BearND):
Hygiene: Decouple user mgmt from app and storage

https://gerrit.wikimedia.org/r/310220

gerritbot added a comment.Oct 3 2016, 4:09 PM

Change 313031 had a related patch set uploaded (by BearND):
Retrieve group membership info when logging in

https://gerrit.wikimedia.org/r/313031

gerritbot added a comment.Oct 3 2016, 4:17 PM

Change 310220 merged by jenkins-bot:
Hygiene: Decouple user mgmt from app and storage

https://gerrit.wikimedia.org/r/310220

gerritbot added a comment.Oct 3 2016, 4:17 PM

Change 311182 merged by jenkins-bot:
Retrofit LoginTask

https://gerrit.wikimedia.org/r/311182

bearND moved this task from Backlog to Tracking on the Mobile-Content-Service board.Oct 3 2016, 9:00 PM
Mholloway merged a task: T85528: autoconfirmed users unable to edit semiprotected page via mobile.Oct 5 2016, 2:51 PM
Mholloway added subscribers: jeremyb-phone, TerraCodes, Luke081515 and 7 others.
MBinder_WMF added a project: Android-app-Bugs.Oct 6 2016, 11:20 PM
Dbrant added a project: Mobile-App-Android-Sprint-93-Neptunium.Oct 11 2016, 2:14 PM
Dbrant moved this task from To Do to Code Review on the Mobile-App-Android-Sprint-93-Neptunium board.Oct 11 2016, 2:15 PM
gerritbot added a comment.Oct 12 2016, 10:45 PM

Change 313031 merged by jenkins-bot:
Retrieve group membership info when logging in

https://gerrit.wikimedia.org/r/313031

gerritbot added a comment.Oct 12 2016, 10:46 PM

Change 313032 merged by jenkins-bot:
Check user group memberships on protected pages

https://gerrit.wikimedia.org/r/313032

Mholloway moved this task from Code Review to QA Signoff on the Mobile-App-Android-Sprint-93-Neptunium board.Oct 13 2016, 2:03 PM
Matanya added a project: User-notice.Oct 13 2016, 9:49 PM
Nicholas.tsg subscribed.EditedOct 14 2016, 2:30 AM

Testing on Wikipedia build 2.4.158-alpha-2016-10-13 on Samsung Galaxy SIII (Android 4.4.2). I attached below what I see when I'm not allowed to edit a page. If there's any further testing I should do such as checking another article please let me know. It looks fixed to me.

2.4.158-alpha-2016-10-13 on Samsung Galaxy SIII (Android 4.4.2).png (1×720 px, 407 KB)

Nicholas.tsg moved this task from QA Signoff to Ready for Signoff on the Mobile-App-Android-Sprint-93-Neptunium board.Oct 14 2016, 2:32 AM
Mholloway added a comment.Oct 14 2016, 1:24 PM

Hi @Nicholas.tsg. Do you or someone there have a Wikipedia user account that has made five or more edits and has been around at least a couple of weeks?

The issue in this task is that users with accounts that meet minimum criteria should be able to edit "semi-protected" pages. Barack Obama on English Wikipedia is one example.

Before this patch, the app was not allowing logged in users with such accounts to edit semi-protected pages. This patch is to ensure they have the correct editing rights.

So, steps to QA:

  1. Log in with a well-established account (feel free to ask here or on IRC if you're not sure if the account you use meets the minimums)
  2. Go to the Barack Obama article on English Wikipedia
  3. Ensure the following:
    • The edit pencil buttons do not show a lock symbol
    • When you click an edit button, the editing activity is launched rather than the "This page is protected" dialog

Sorry this wasn't clear before. Please recheck this one and update here. Thank you!

Mholloway moved this task from Ready for Signoff to QA Signoff on the Mobile-App-Android-Sprint-93-Neptunium board.Oct 14 2016, 1:25 PM
Johan subscribed.EditedOct 14 2016, 4:40 PM

It's working for me in 2.4.158-beta-2016-10-13 for Android where I could open the edit view for w:en:Barack Obama (as opposed to earlier, when I couldn't even edit a semi-protected page on a language version where I'm an admin). Also tested saving an edit on a semi-protected page (w:sv:Barack Obama) which worked fine.

Johan moved this task from To Triage to In current Tech/News draft on the User-notice board.Oct 14 2016, 5:15 PM
Liuxinyu970226 subscribed.Oct 14 2016, 10:35 PM
Mholloway added a comment.Oct 17 2016, 3:24 PM

This has been well tested by the dev team and others (thanks for the report, @Johan!) so let's consider it ready for signoff.

Mholloway moved this task from QA Signoff to Ready for Signoff on the Mobile-App-Android-Sprint-93-Neptunium board.Oct 17 2016, 3:25 PM
Dbrant moved this task from Ready for Signoff to Done on the Mobile-App-Android-Sprint-93-Neptunium board.Oct 17 2016, 6:07 PM
RandomDSdevel awarded a token.Oct 20 2016, 12:52 AM
Johan moved this task from In current Tech/News draft to Recently announced in Tech/News on the User-notice board.Oct 20 2016, 12:21 PM
Dbrant closed this task as Resolved.Oct 20 2016, 7:34 PM
Liuxinyu970226 unsubscribed.Oct 22 2016, 12:25 AM
Johan moved this task from Recently announced in Tech/News to Already announced/Archive on the User-notice board.Nov 10 2016, 9:17 AM
Urbanecm added a comment.Nov 10 2016, 9:48 AM

Thanks a lot! When it'll be merged to non-beta version?

Urbanecm added a comment.Nov 10 2016, 9:49 AM

Ignore my question, it already was merged. So thanks anyway!

Ladsgroup edited projects, added User-notice-archive; removed User-notice.Aug 13 2022, 1:53 PM
Restricted Application added a project: Product-Infrastructure-Team-Backlog-Deprecated. · View Herald TranscriptAug 13 2022, 1:53 PM
Restricted Application added a subscriber: alaa. · View Herald Transcript
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL