Page MenuHomePhabricator
Create Task
Maniphest T150807

Add 'interface-editors' to the list of users who can enable OATHAuth on WMF wikis
Closed, ResolvedPublic
Actions

Description

Those holding 'interface-editor' rights have access to the sensitive 'editinterface' permission among others which allows to edit the site MediaWiki files. They should be allowed to turn on OATHAuth.

Details

Related Gerrit Patches:
operations/mediawiki-config : masterAllow 'interface-editor' & 'engineer' users to use OATHAuth

Related Objects

Event Timeline

Restricted Application added subscribers: JEumerus, Matanya, Aklapper. · View Herald TranscriptNov 15 2016, 10:05 PM
gerritbot added a subscriber: gerritbot.Nov 15 2016, 10:20 PM

Change 321797 had a related patch set uploaded (by MarcoAurelio):
Allow 'interface-editor' users to use OATHAuth

https://gerrit.wikimedia.org/r/321797

MarcoAurelio triaged this task as Lowest priority.Nov 15 2016, 10:29 PM
MarcoAurelio raised the priority of this task from Lowest to Needs Triage.
MarcoAurelio moved this task from Backlog / Other to Patch pending review on the Security board.
MarcoAurelio moved this task from Backlog to Working on on the Wikimedia-Site-requests board.
MarcoAurelio removed MarcoAurelio as the assignee of this task.Nov 15 2016, 10:32 PM

Not much avalaible these days for SWAT windows.

Legoktm triaged this task as High priority.Nov 15 2016, 10:33 PM
Restricted Application added a subscriber: Dereckson. · View Herald TranscriptNov 15 2016, 10:33 PM
Dereckson claimed this task.Nov 15 2016, 10:41 PM

I'll take care to schedule this at the next SWAT window.

MarcoAurelio added a comment.Nov 15 2016, 10:51 PM

Thank you @Dereckson but I think I'll be able to do the next SWAT window in an hour or so. I'll try, at least. If I'm not around, I ask to deploy the change nonetheless.

gerritbot added a comment.Nov 16 2016, 12:08 AM

Change 321797 merged by jenkins-bot:
Allow 'interface-editor' & 'engineer' users to use OATHAuth

https://gerrit.wikimedia.org/r/321797

Stashbot added a subscriber: Stashbot.Nov 16 2016, 12:25 AM

Mentioned in SAL (#wikimedia-operations) [2016-11-16T00:25:05Z] <dereckson@tin> Synchronized wmf-config/CommonSettings.php: Allow interface-editor & engineer users to use OATHAuth (T150807) (duration: 00m 59s)

Arseny1992 closed this task as Resolved.Nov 16 2016, 3:39 PM
Arseny1992 moved this task from To deploy to Done on the Wikimedia-Site-requests board.
sbassett moved this task from Incoming to Done on the Security-Team board.Jun 11 2019, 6:34 PM
Restricted Application added a project: User-MarcoAurelio. · View Herald TranscriptJun 11 2019, 6:34 PM
MarcoAurelio moved this task from cabinet to ready on the User-MarcoAurelio board.Jul 4 2019, 11:02 PM
MarcoAurelio moved this task from ready to cabinet on the User-MarcoAurelio board.
MarcoAurelio removed a project: Patch-For-Review.
sbassett moved this task from Patch pending review to Done on the Security board.Sep 26 2019, 2:43 PM
Content licensed under Creative Commons Attribution-ShareAlike 3.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL