Page MenuHomePhabricator

Access to deployment-prep for sau226
Closed, DeclinedPublic

Description

Would it be possible for me to be added to the project deployment-prep? I'm mainly seeking ssh access so I can try and extract spammer IPs if possible and to run https://www.mediawiki.org/wiki/Manual:CleanupSpam.php or spot spam pages in the db so I can nuke them more easily? Is this ok with the people of the project or project admins and if so may I please be added?

Event Timeline

Sau226 created this task.Sep 19 2017, 1:47 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptSep 19 2017, 1:47 PM

I don't think this should be done. The user just arrived 9 days ago and has self-assigned each and every flag on the wikis he's got access to for no real reason (T175555 · CA).

Sau226 triaged this task as Normal priority.Sep 19 2017, 2:15 PM

Fair enough although a second opinion can't hurt.

Sau226 added a comment.EditedSep 19 2017, 2:21 PM

As you have suggested I have too many user rights on wikis for no real reason, I have stripped my rights from wikis where I don't need these rights in the forseeable future. I will however retain my rights on en.wikipedia (see log: https://en.wikipedia.beta.wmflabs.org/wiki/Special:Log/Sau226 ), the deployment wiki (see log here: https://deployment.wikimedia.beta.wmflabs.org/w/index.php?title=Special:Log&offset=&limit=500&type=&user=Sau226&page=&tagfilter=&hide_thanks_log=1&hide_patrol_log=1&hide_tag_log=1 ) and wikinews (see log here: https://en.wikinews.beta.wmflabs.org/wiki/Special:Log/Sau226 ) due to spamming issues. I am also formally disclosing my bot account Sau226BOT (centralauth: https://deployment.wikimedia.beta.wmflabs.org/w/index.php?title=Special%3ACentralAuth&target=Sau226BOT ) which I have used to help me delete some but not all spam. If anyone else has any comments please feel free to speak out and tell us.

I don't think this should be done. The user just arrived 9 days ago and has self-assigned each and every flag on the wikis he's got access to for no real reason (T175555 · CA).

I fully agree with Marco. Don't think this is a good idea (see https://commons.wikimedia.org/wiki/Special:CentralAuth/Sau226).

Sau226 closed this task as Declined.EditedSep 19 2017, 2:33 PM

Community consensus is clear. I accept that I have not had much experience on the live server and hope to try again when I get some. I therefore see no reason to pursue this matter further (for the time being).

Legoktm added a subscriber: Legoktm.EditedSep 19 2017, 5:19 PM

@Sau226 I think you currently don't understand what beta cluster is even for. From a quick glance at deletion logs, pages you're deleting and then salting as spam are most definitely not. I've currently revoked all of your rights.

Sau226 added a comment.EditedSep 20 2017, 8:16 AM

I understand that the beta cluster is for developers to test their code? Do correct me if I'm wrong but I believe that if a user repeatedly creates a page with a nonsense title and nonsense words with a certain link always on there it would be considered spam. Sure these users use different IPs and distribute their spam (I deleted loads of pages with nonsense titles/words on wikinews beta from 2013 with only around 7-8 spam edits per user). These people make many socks using different addresses/proxies. I may have incorrectly tagged multiple deletions as spam when they should have been tagged as advertising. Spammers usually work like this: make account using proxy/vpn, make page with nonsense link, get blocked or continue on for a while then get blocked and then repeat. Advertising and spam can be interlinked and usually do happen when a user makes multiple sock accounts to go and spam a link to their own site or malware. I believe stewards should always take responsibility for their actions and deal with spam/advertising/self-promotion as it comes in. Therefore, I am requesting a review of the pages I deleted (not quick scan of deletion logs, preferably opening a couple at random to get context) to determine if the deletions were advertising, spam, other appropriate reason or a total abuse of rights. I'd expect that at least 1 person can stand up and deal with this problem. If I am not guilty of rights abuse and if stewards are fine with it I'd like at least global-ish bureaucrat/oversight enabled (deployment wiki at least please) or my original rights reinstated. Also no offense or any similar feelings intended towards any user but please don't just think that if a user does not have many important edits/user rights on the live server that every single change made on a beta cluster is bad by default until proven otherwise. It should be the other way around. Sorry in advance if this comment has had a negative impact on you but that is how I honestly feel.

Feel free to look here: https://en.wikipedia.org/wiki/Wikipedia:What_Wikipedia_is_not#Wikipedia_is_not_a_soapbox_or_means_of_promotion for an official enwiki policy barring promotion (advertising) on wiki. Also see point 4 under here: https://en.wikipedia.org/wiki/Wikipedia:Deletion_policy#Reasons_for_deletion . I therefore ask that my page deletions be considered speedy deletions if they are determined by a uninvolved user to have been advertising/ spam or a reason very similar to the above.

@Legoktm @MarcoAurelio @Steinsplitter @Trijnstel Pinging you for your comments on my statement/response

Thanks. Would it be possible for me to have even a subset of my old rights back or is it not possible?

Based on https://en.wikipedia.beta.wmflabs.org/w/index.php?title=Special:Log/block&page=User%3ASelenium+user I think it's clear you don't understand one of the main purposes of the beta cluster. Selenium user is used for our browser test infrastructure (https://www.mediawiki.org/wiki/Browser_testing). Blocking it would cause our browser tests to fail.

While I appreciate your willingness to help, at this time I'm not going to re-grant your rights. If you're interested in getting involved Wikimedia development, I'm sure there are plenty of other ways to contribute.

I understand I did something wrong but on the other hand there is no evidence that is reasonably accessible on wiki that declares the user as a user for testing. I understand the purpose of the cluster is for developers to test code but again if you have a bot or botlike user that runs to test code in browsers the fact that it runs to test code in browsers should be prominently displayed on its userpage or another reasonably accessible and visible/declared place if it isn't technically feasible to prevent problems in the future. A simple page that is linked to from the wiki main page might suffice. I accept the fact that I won't be getting my rights back any time soon but I would like to point out that a ' quick glance at deletion logs' is not a (usually) accepted way of removing rights. Even if it were justified I (and potentially more users) frown upon using the database to strip rights unless its urgent as it doesn't leave an easily and publicly accessible audit trail of what a user did since these changes may be (potentially) controversial. Also on a first rule violation I'm sure most users would try and leave a simple warning first unless it were urgent/ bad to the server instead of stripping rights full on. While I'm planning to reform/adjust my view to the beta cluster I would also like to tell some users that they may need to change a little bit to serve the community better and that they should do so with haste if it were possible. I am merely pointing out possible lines/ways that we all can improve and I expect that if I do my part (which I will almost always certainly do) others should do theirs.

greg added a subscriber: greg.Sep 21 2017, 4:06 PM

Just to be clear, right now is your bot not running on the Beta Cluster, @Sau226 ? I don't see any recent edits or deletions from it, but I don't want it to start again.

greg added a comment.Sep 21 2017, 4:16 PM

And for the record, a page that you deleted (that then broke browser tests for developers, see T176290) had the text "Test is used by Selenium web driver".

I would expect you to read and understand those words, including looking up the ones you don't understand, before deleting and protecting the page. Given this is a test environment, used for testing, that text should have been clear that it is actively used (which could be confirmed by looking at the edit history).

https://en.wikipedia.beta.wmflabs.org/wiki/Selenium_talk_test

This is my last response on this ticket.

I understand I did something wrong but on the other hand there is no evidence that is reasonably accessible on wiki that declares the user as a user for testing.

Literally the entire wiki is for testing. The account is marked as an administrator, and oversighter. I can't imagine any other situation where it's OK to unilaterally remove all rights and block and account in the fashion you did.

I understand the purpose of the cluster is for developers to test code but again if you have a bot or botlike user that runs to test code in browsers the fact that it runs to test code in browsers should be prominently displayed on its userpage or another reasonably accessible and visible/declared place if it isn't technically feasible to prevent problems in the future. A simple page that is linked to from the wiki main page might suffice.

Sure, this is a reasonable suggestion.

I accept the fact that I won't be getting my rights back any time soon but I would like to point out that a ' quick glance at deletion logs' is not a (usually) accepted way of removing rights. Even if it were justified I (and potentially more users) frown upon using the database to strip rights unless its urgent as it doesn't leave an easily and publicly accessible audit trail of what a user did since these changes may be (potentially) controversial.

It was justified, and I didn't use the database.

Also on a first rule violation I'm sure most users would try and leave a simple warning first unless it were urgent/ bad to the server instead of stripping rights full on.

So far your actions caused T176290: Minerva automated browser tests failing due to page being protected to prevent editing or other actions, T176316: Automated browser tests cannot create pages on the Beta Cluster, T176222: MobileFrontend automated browser tests failing due to user being blocked from editing. There are probably more failures that weren't reported. Browser tests failing are generally considered High or UBN priority.

Matiia added a subscriber: Matiia.Sep 21 2017, 11:58 PM

@greg The bot is set up so I need to program it and then manually trigger it in order for it to run. Check the enwiki test server to find out an example of the (lots of disused) pages that the selenium user made. I also suggest deleting the pages (that are not necessary to the operation of the testing user) created by the bot after tests to reduce clutter and server load if possible. Thank you

greg added a comment.Sep 22 2017, 6:42 AM

@greg The bot is set up so I need to program it and then manually trigger it in order for it to run.

Just to be clear: Do NOT enable or use that bot on the Beta Cluster without first getting explicit approval from me.

I also suggest deleting the pages (that are not necessary to the operation of the testing user) created by the bot after tests to reduce clutter and server load if possible. Thank you

There is no point in doing so. There is no increased load due to those pages.

Let this be the last comment on this task.