Page MenuHomePhabricator
Create Task
Maniphest T180888

All permission checks should be able to return a custom error message
Open, Needs TriagePublic
Actions

Description

Many permission checks only return a boolean (like User::isAllowed) or the permission error they return is hard to customize (like Title::getPermissionError which will just tell which user groups would have the required permission). This is inadequate in scenarios where permissions are restricted unexpectedly (e.g. because the user is blocked, because their account security is wanting, because the system detected something suspicious...).

All permission checks should be able to return a Message. All hooks that interfere with perimission checks (UserGetRights etc) should be able to manipulate that message. All callers to those methods should display those messages if they receive them.

Related Objects
Search...

StatusSubtypeAssignedTask
 OpenNoneT180888 All permission checks should be able to return a custom error message
 OpenNoneT231930 Introduce Authority objects to represent the user performing a given action
 Resolved PcheloloT261963 Spike to explore Authority concept, implementation, and migration
 Resolved PcheloloT271458 RevisionRecord should use Authority for permission checks
 Resolved PcheloloT271300 Stop using the global service locator in RevisionRecord::userCanBitfield
 Resolved PcheloloT271459 User should implement Authority
 Resolved PcheloloT271460 Authority should be available via IContextSource
 ResolvedCCicalese_WMFT271462 Experiment with converting action API modules to Authority
 OpenNoneT271854 Convert Action API tests in core to use authority directly
 OpenNoneT271463 Refactor PermissionManager into Authority [hard]
 OpenNoneT261744 Introduce ThrottleStore
 OpenNoneT271464 Change the mechanism used to establish which permissions are exempt from user block
 DuplicateNoneT271465 Use Authority in EditPage
 OpenNoneT271466 Authority and JSON serialization
 Resolved PcheloloT271494 Expose information about user blocks via Authority and PermissionStatus
 ResolvedCCicalese_WMFT271504 PermissionsError should be instantiatable with PermissionStatus returned by Authority
 OpenNoneT271837 Convert PreferencesFactory to Authority [hard]
 OpenNoneT271975 Convert EditPage to Authority
 ResolvedNoneT271977 Convert EditConstraint system to use Authority
 ResolveddanielT272039 Convert BlockPermissionChecker and BlockPermissionCheckerFactory to use Authority
 OpenNoneT272519 Implement private wiki read permission in a way that works with Authority
 Resolved PcheloloT274947 Rename Authority::getActor to Authority::getPerformer
 Resolved PcheloloT275504 Convert MovePage to Authority
 ResolvedNoneT275507 Convert ChangeTags to Authority
 OpenNoneT275508 Convert ApiCheckCanExecute hook to Authority
 ResolvedCCicalese_WMFT275768 Mark Authority as stable
 OpendanielT310476 Add rate limiting to Authority

Event Timeline

Tgr created this task.Nov 18 2017, 11:30 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptNov 18 2017, 11:30 PM
Tgr mentioned this in T150562: Be able to force OATHAuth for certain user groups.Nov 18 2017, 11:31 PM
Agabi10 added a subscriber: Agabi10.Nov 19 2017, 7:54 PM
Tgr mentioned this in T202989: Administrators can no longer view deleted history of js/css pages.Aug 28 2018, 1:58 PM
Tgr mentioned this in T208768: Create a PermissionManager service.Nov 19 2018, 10:38 PM
Tgr mentioned this in T197136: Tie certain user rights to elevated security.Dec 5 2018, 11:22 PM
Tgr mentioned this in T212311: Blocks should be an implementation detail of an abstract authorization system.Dec 22 2018, 7:40 PM
Tgr added a comment.Dec 22 2018, 7:44 PM

Somewhat related: T203083: "Administrator" is hardcoded in various permission error messages

Tgr mentioned this in T212639: Separate could do / can do / is doing permission checks in MediaWiki.Dec 27 2018, 8:09 AM
Tgr mentioned this in T220779: Add test to check existence of action- messages.Apr 13 2019, 9:54 PM
Tgr mentioned this in T227975: Grant permission errors where the user has the right but the app does not have the grant are unclear.Jul 14 2019, 2:19 PM
Tgr mentioned this in T218215: SO878 Step 4: Bind permissions to 2FA.Jul 14 2019, 6:13 PM
MGChecker added a subscriber: MGChecker.Nov 11 2019, 11:35 AM
RhinosF1 added a subscriber: RhinosF1.Feb 20 2021, 6:28 PM
daniel added a subtask: T231930: Introduce Authority objects to represent the user performing a given action.Feb 22 2021, 7:51 PM
daniel added a subscriber: daniel.

The new Authority interface allows messages to be returned from all methods that check permissions. That resolves half of this task - the other half would be to use this information in more places.

TheresNoTime removed a subscriber: RhinosF1.Dec 15 2022, 11:36 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL