Page MenuHomePhabricator
Create Task
Maniphest T170823

Create a Web interface to drop a dataset
Closed, ResolvedPublic
Actions

Description

It should perform the following steps:

  1. show the list of datasets that can be dropped by the current data provider (through the user name), see T170819;
  2. fire the appropriate deletion request, see T170684.

Related Objects
Search...

Event Timeline

Hjfocs created this task.Jul 17 2017, 2:20 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJul 17 2017, 2:20 PM
Hjfocs added a parent task: T170821: Create a Web interface for data providers.Jul 17 2017, 2:20 PM
Lydia_Pintscher added a project: Wikidata.Aug 25 2017, 11:56 AM
Restricted Application added a subscriber: jeblad. · View Herald TranscriptAug 25 2017, 11:56 AM
jeblad unsubscribed.Aug 25 2017, 9:33 PM
Lydia_Pintscher moved this task from incoming to monitoring on the Wikidata board.Dec 22 2017, 3:40 PM
Kiailandi claimed this task.Mar 13 2018, 2:43 PM
Kiailandi moved this task from To do to Doing on the Wikidata-primary-sources board.
Kiailandi added a comment.EditedMar 13 2018, 4:36 PM

Right now the CREATE, UPDATE and DELETE endpoints do not have user authentication and the only "layer of security" is client side.

This means that by following the standard user workflow only logged in users can access data manipulation pages and can edit their datasets or update new ones, but technically anyone can access any dataset by doing requests directly to the endpoints.

Considering that creating new datasets is possible for any user anyway and that to update a dataset you need to provide well structured and valid data we can accept that, but given the far worse consequences of an ill intentioned DELETE we will close the DELETE endpoint for the time being, until a proper server-side authentication system will be implemented.

Kiailandi moved this task from Doing to Done on the Wikidata-primary-sources board.Mar 13 2018, 4:39 PM
Kiailandi closed this task as Resolved.Mar 20 2018, 2:33 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL