Page MenuHomePhabricator

AbuseFilter should use the same account name on all WMF projects
Open, Needs TriagePublic

Description

Currently the account name that the AbuseFilter operates between the projects is defined at int:abusefilter-blocker and varies from project to project. This is a bit of a nightmare to track and as far as I know there are no precedents that a system account uses a different name on each project. For example: global rename uses "Global rename script", translation notifications use "Translation notification bot", massmessage use "MediaWiki message delivery", and so on.

However, AbuseFilter on English wikis use the "Abuse filter" name, on Spanish wikis "Filtro antiabusos" and so on. Moreover, it seems that if locals do modify "MediaWiki:Abusefilter-blocker" they can change the account name and have the extension operate under a different username.

Wouldn't it be more transparent and easy to have just one account name that the AbuseFilter extension used to perform its restricted actions on wikis where this is allowed? Wouldn't it be more transparent and easier to manage, instead of having to look at dozens of localized usernames?

Hence, I propose that rEABF uses "Abuse filter" as username irrespective of the project language as it happens with every other system account/maintenance script.

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMar 16 2017, 5:24 PM

I think this could be slightly different from other maintenance accounts: AF account can perform lots of action: for instance block, unblock, degroup, re-group, blockautopromote and unblockautopromote (although these last two aren't logged). This means that, on wikis where local config allows such actions, the account can often be found in several logs, and it's nicer for it to have a localised name.

Xiplus added a subscriber: Xiplus.Dec 19 2018, 7:08 AM
Meno25 added a subscriber: Meno25.Dec 26 2018, 6:22 AM

Change 481549 had a related patch set uploaded (by Daimona Eaytoy; owner: Daimona Eaytoy):
[mediawiki/extensions/AbuseFilter@master] Move the AbuseFilter user name to a global, improve it

https://gerrit.wikimedia.org/r/481549

Daimona claimed this task.Dec 29 2018, 6:05 PM
Jony added a subscriber: Jony.Jan 1 2019, 2:37 PM
Vermont added a subscriber: Vermont.Jan 3 2019, 3:07 PM
Marc added a subscriber: Marc.EditedJan 7 2019, 6:41 PM

Imho, it's not "nicer for it to have a localised name", it's highly obfuscating.

There is a sysop named "Filter" on nl.wiki now. I tried to figure out why it even exists; not attached to the global account "Filter" (a Hebrew speaking person), nothing to do with (for SUL reasons!) renamed accounts. And trying to figure out why it has a sysop flag; nobody granted the flag (not locally, not on meta), so it may be a bug? or maybe worse, a hack? No, it turns out to be a design decision...

I see the need for this kind of scripts to "have an account", as they perform actions usually performed by a user or bot (ranging from message delivery to blocking users), and those actions should be visible and trackable as easily as any user's actions. But I don't get why these "accounts" should be dressed up like they are actual accounts. On the contrary: any "account" used by a script that is embedded in the WM software or an extension should have an internationally recognizable name, and automatically be flagged as an embedded script (on the user-end maybe even having a prefix like "WMScript:" or "Extension account:" instead of "User:"), to distinguish them from actual users and bots (operating from the outside!). For anyone targeted by a script, certainly in case it affects their account like renames and blocks, it should be immediately clear that it was performed by a mechanism embedded in the site's software, by technical design. Any "nice" dress-up making it appear like a human (or a human-driven bot) puts unnecessary strain on the community, having to defend itself against those actions. The increasing use of common resources (Wikidata) also increases the need for a single name internationally.

With kind regards, Mar(c).

P.S. If a localised name is desired by some communities (I imagine languages using non-latin scripts), the int:abusefilter-blocker value can be used to be put in the logs as an alias/redirect to the actual "account".

@Marc In fact, there's a patch under review to use the same account on every wiki. These accounts look like normal accounts because we don't have a proper way to distinguish them. For this, there's T212720, which in turn has a patch under review which adds a "system user" group to help identifying such users both front-end and back-end. IMHO this should be enough to distinguish them from normal user. After all, there aren't many system user.

Marc added a comment.Jan 7 2019, 10:28 PM

Okay, that sounds good. I read a few tickets but apparently missed the latest developments. Thanks!

Change 481549 had a related patch set uploaded (by Daimona Eaytoy; owner: Daimona Eaytoy):
[mediawiki/extensions/AbuseFilter@master] Move the AbuseFilter user name to a global, improve it

https://gerrit.wikimedia.org/r/481549