Page MenuHomePhabricator
Create Task
Maniphest T181687

Give RESTBase / MCS requests the apihighlimits right
Open, Needs TriagePublic
Actions

Description

apihighlimits allows more efficient batching (500 titles instead of 50 in a single query; larger continuations, typically 5000 instead of 500; no ping limiter, although that probably does not affect RESTBase/MCS). It might improve performance (although not sure; large batches are faster but small batches are parallelized - it would definitely decrease API load though). There are various ways (some) RESTBase requests could have that right:

  • create a RESTBase system user (as in User::newSystemUser), and authenticate via OAuth.
  • create a RESTBase system user, create a new session provider that authenticates requests coming from RESTBase based on IP (and maybe some kind of header mechanism to allow RESTBase to select which requests this should happen for).
  • add the permission via UserGetRights (I think that would work for anonymous users, although not 100% sure)

The drawback is that it introduces a new failure point: if you set 500 titles but don't get the permission for some reason (e.g. IP changesdand someone forgot to update the config), the query will error out.

Related Objects

Event Timeline

Tgr created this task.Nov 29 2017, 11:30 PM
Restricted Application added a project: Product-Infrastructure-Team-Backlog-Deprecated. · View Herald TranscriptNov 29 2017, 11:30 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
Mholloway subscribed.Nov 29 2017, 11:38 PM
mobrovac subscribed.Nov 30 2017, 9:47 AM

I'm not sure I understand which use case is targeted here?

mobrovac added a project: Services (watching).Nov 30 2017, 9:47 AM
Tgr added a comment.Nov 30 2017, 10:23 AM

Specifically it came up in the discussion of this changeset.

Mholloway added a comment.EditedNov 30 2017, 2:43 PM
In T181687#3799119, @mobrovac wrote:

I'm not sure I understand which use case is targeted here?

For one example, the media endpoint we're developing works by scraping media file page names from the Parsoid HTML and submitting those to the MW API imageinfo module in a follow-up query for additional metadata. There are frequently more than 50 such files. The changeset @Tgr linked adds batching for submitting them 50 at a time, but it would be nicer to be able to submit them all in one shot.

Pchelolo subscribed.Dec 4 2017, 8:07 PM

Having a system user with special/elevated rights will allow us to finally enable the whole RESTBase/ChangeProp system on private wikis T88016, but for that the system user will need to have even more elevated rights

Fjalapeno moved this task from Needs triage to Tracking on the Product-Infrastructure-Team-Backlog-Deprecated board.Mar 19 2018, 4:08 PM
mobrovac added a project: Platform Team Legacy (Watching / External).Dec 20 2018, 12:01 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits