Page MenuHomePhabricator
Create Task
Maniphest T154615

Protection does not function on newsletters
Closed, ResolvedPublic
Actions

Description

If a newsletter is protected, and someone who has the ability to manage newsletters but cannot edit through the protection tries edit it, they can still make changes, which are then sumbitted without creating a new revision in the history.

Details

SubjectRepoBranchLines +/-
Fix error handling and abuse filter integration during editmediawiki/extensions/Newslettermaster+77 -68
Fix error handling and abuse filter integration during editmediawiki/extensions/Newslettermaster+42 -48
Customize query in gerrit

Event Timeline

Pppery created this task.Jan 4 2017, 9:39 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 4 2017, 9:39 PM
Pppery added a parent task: T138462: Convert Newsletter to use ContentHandler.Jan 4 2017, 10:11 PM
QuimGil triaged this task as Low priority.Sep 7 2017, 7:47 PM
QuimGil moved this task from Backlog to Needs discussion on the MediaWiki-extensions-Newsletter board.
QuimGil subscribed.

I wonder whether this problem can still be reproduced.

About the use case itself, the basic way to protect a user from making changes to a newsletter is not to allow them to have the publisher role. Trying to protect a newsletter from their publishers seems a wrong approach by design.

Or am I misunderstanding something?

Pppery added a comment.Sep 9 2017, 10:40 PM

The solution in that case is to make it impossible to protect newsletters in the first place, whereas it currently is possible to protect them, without effect.

Pppery removed a parent task: T138462: Convert Newsletter to use ContentHandler.Jul 19 2018, 1:22 PM
gerritbot subscribed.Sep 19 2018, 2:54 PM

Change 371743 had a related patch set uploaded (by Pppery; owner: Brian Wolff):
[mediawiki/extensions/Newsletter@master] Fix error handling and abuse filter integration during edit

https://gerrit.wikimedia.org/r/371743

gerritbot added a project: Patch-For-Review.Sep 19 2018, 2:54 PM
Pppery edited projects, added Patch-Needs-Improvement; removed Patch-For-Review.Mar 23 2023, 12:46 AM

Still an issue, and still plan to work on this someday if no one else does so.

gerritbot added a comment.Mar 25 2023, 9:24 PM

Change 446642 had a related patch set uploaded (by Pppery; author: Pppery):

[mediawiki/extensions/Newsletter@master] Fix error handling and abuse filter integration during edit

https://gerrit.wikimedia.org/r/446642

gerritbot added a project: Patch-For-Review.Mar 25 2023, 9:24 PM
Restricted Application removed a project: Patch-Needs-Improvement. · View Herald TranscriptMar 25 2023, 9:24 PM
Pppery claimed this task.Mar 25 2023, 9:27 PM
gerritbot added a comment.Jun 24 2023, 5:58 PM

Change 446642 merged by jenkins-bot:

[mediawiki/extensions/Newsletter@master] Fix error handling and abuse filter integration during edit

https://gerrit.wikimedia.org/r/446642

Pppery closed this task as Resolved.Jun 24 2023, 6:18 PM
gerritbot added a comment.Jun 24 2023, 7:00 PM

Change 371743 abandoned by Majavah:

[mediawiki/extensions/Newsletter@master] Fix error handling and abuse filter integration during edit

Reason:

https://gerrit.wikimedia.org/r/371743

Pppery removed a project: Patch-For-Review.Jun 24 2023, 7:01 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL