Page MenuHomePhabricator
Create Task
Maniphest T146425

If Flow is replacing an existing page, Special:EnableFlow does not attribute the creation
Closed, ResolvedPublic
Actions

Description

If you create a Flow board at an unused location, Special:EnableFlow attributes it as you'd expect (the board is created by creating a description, that description is attributed to the real user).

However, if you create it where a page already exists:

  1. The page is archived.
  2. It is converted from the archived location to the Flow board (using the Converter infrastructure).
  3. It is attributed to 'Flow talk page manager'.

It should be possible to attribute it to the real user. The only groups FTPM has are 'bot' (not really relevant, since this doesn't need to be marked as a bot edit) and 'flow-bot) (which by default only has 'flow-create-board'). To use Special:EnableFlow, you need to have 'flow-create-board' anyway, so it should work out.

This will require refactoring Converter somewhat.

People have been intentionally exploiting this in production, including on high-impact pages.

Details

SubjectRepoBranchLines +/-
SECURITY: Attribute Special:EnableFlow to initiating usermediawiki/extensions/FlowREL1_27+70 -19
SECURITY: Attribute Special:EnableFlow to initiating usermediawiki/extensions/FlowREL1_28+70 -19
SECURITY: Attribute Special:EnableFlow to initiating usermediawiki/extensions/FlowREL1_26+70 -19
SECURITY: Attribute Special:EnableFlow to initiating usermediawiki/extensions/Flowmaster+70 -19
Customize query in gerrit

Related Objects

Event Timeline

Mattflaschen-WMF created this task.Sep 22 2016, 9:39 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptSep 22 2016, 9:39 PM
Mattflaschen-WMF added a project: StructuredDiscussions.Sep 22 2016, 9:40 PM
Mattflaschen-WMF updated the task description. (Show Details)
Mattflaschen-WMF added subscribers: Quiddity, Catrope, Jdforrester-WMF, Legoktm.
Restricted Application added a project: Collaboration-Team-Triage. · View Herald TranscriptSep 22 2016, 9:40 PM
Mattflaschen-WMF added subscribers: SBisson, Mooeypoo, Etonkovidova.Sep 22 2016, 9:42 PM
Mattflaschen-WMF claimed this task.Sep 22 2016, 10:49 PM
Mattflaschen-WMF edited projects, added Collab-Team-Q1-July-Sep-2016; removed Collaboration-Team-Triage.
Mattflaschen-WMF updated the task description. (Show Details)Sep 23 2016, 12:23 AM
Mattflaschen-WMF added a subscriber: greg.Sep 23 2016, 12:27 AM
Mattflaschen-WMF added a comment.Sep 23 2016, 1:23 AM

T146425.patch13 KBDownload

Mattflaschen-WMF triaged this task as High priority.Sep 23 2016, 1:23 AM
Mattflaschen-WMF moved this task from Untriaged to Needs Review on the Collab-Team-Q1-July-Sep-2016 board.
Mattflaschen-WMF added a comment.Sep 23 2016, 1:28 AM

The patch is ready. To test, you can create a normal wikitext talk page, then use Special:EnableFlow to convert it. Both the Flow history and the wikitext history will show the actual initiating user.

Catrope added a comment.Sep 23 2016, 1:36 AM
In T146425#2661136, @Mattflaschen-WMF wrote:

T146425.patch13 KBDownload

Looks good to me. One thing worth testing is if the opt-in beta feature still works for users who don't have move rights.

Mattflaschen-WMF added a comment.Sep 23 2016, 1:48 AM
In T146425#2661161, @Catrope wrote:
In T146425#2661136, @Mattflaschen-WMF wrote:

T146425.patch13 KBDownload

Looks good to me. One thing worth testing is if the opt-in beta feature still works for users who don't have move rights.

Confirmed that it does.

Mattflaschen-WMF added a comment.Sep 23 2016, 1:49 AM

Sorry, there's a minor typo in that patch. PHPLint caught it earlier, and I test the script after I fixed it, but I forgot to commit the fix. Added _v2 to clarify.

T146425_v2.patch13 KBDownload

Anomie awarded a token.Sep 23 2016, 1:40 PM
Mattflaschen-WMF added a comment.Sep 23 2016, 10:05 PM

Deployed

Mattflaschen-WMF added a comment.Sep 23 2016, 10:13 PM

Verified in production.

Mattflaschen-WMF added a comment.Sep 23 2016, 10:25 PM

Are we still posting Flow security patches to Gerrit immediately after deploying?

Catrope added a subscriber: demon.Sep 23 2016, 11:07 PM
In T146425#2663559, @Mattflaschen-WMF wrote:

Are we still posting Flow security patches to Gerrit immediately after deploying?

Not sure if we post immediately or coordinate with security releases. @demon ?

Mattflaschen-WMF mentioned this in T105655: Special:EnableFlow should log usage to Special:Log/contentmodel.Sep 26 2016, 9:46 PM
demon added a comment.Oct 25 2016, 5:48 PM
In T146425#2663657, @Catrope wrote:
In T146425#2663559, @Mattflaschen-WMF wrote:

Are we still posting Flow security patches to Gerrit immediately after deploying?

Not sure if we post immediately or coordinate with security releases. @demon ?

Non-bundled extensions can be announced and released immediately. Go ahead. (sorry I missed this update)

Mattflaschen-WMF added a comment.Jan 20 2017, 10:04 PM

https://gerrit.wikimedia.org/r/#/c/333301/

demon closed this task as Resolved.Jan 20 2017, 10:41 PM
demon changed the visibility from "Custom Policy" to "Public (No Login Required)".
gerritbot subscribed.Jan 23 2017, 12:10 PM

Change 333301 merged by jenkins-bot:
SECURITY: Attribute Special:EnableFlow to initiating user

https://gerrit.wikimedia.org/r/333301

ReleaseTaggerBot added a project: MW-1.29-release (WMF-deploy-2017-01-24_(1.29.0-wmf.9)).Jan 23 2017, 1:00 PM
gerritbot added a comment.Jan 28 2017, 2:38 AM

Change 334744 had a related patch set uploaded (by Mattflaschen):
SECURITY: Attribute Special:EnableFlow to initiating user

https://gerrit.wikimedia.org/r/334744

gerritbot added a project: Patch-For-Review.Jan 28 2017, 2:38 AM
gerritbot added a comment.Jan 28 2017, 2:59 AM

Change 334747 had a related patch set uploaded (by Mattflaschen):
SECURITY: Attribute Special:EnableFlow to initiating user

https://gerrit.wikimedia.org/r/334747

gerritbot added a comment.Jan 28 2017, 3:00 AM

Change 334748 had a related patch set uploaded (by Mattflaschen):
SECURITY: Attribute Special:EnableFlow to initiating user

https://gerrit.wikimedia.org/r/334748

gerritbot added a comment.Feb 6 2017, 7:29 PM

Change 334744 merged by jenkins-bot:
SECURITY: Attribute Special:EnableFlow to initiating user

https://gerrit.wikimedia.org/r/334744

gerritbot added a comment.Feb 6 2017, 7:33 PM

Change 334748 merged by jenkins-bot:
SECURITY: Attribute Special:EnableFlow to initiating user

https://gerrit.wikimedia.org/r/334748

gerritbot added a comment.Feb 17 2017, 10:55 PM

Change 334747 merged by Mattflaschen:
SECURITY: Attribute Special:EnableFlow to initiating user

https://gerrit.wikimedia.org/r/334747

chasemp added a project: Security.Feb 10 2020, 10:55 PM
chasemp removed a project: acl*security.Feb 20 2020, 8:15 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL