In 2014 year users, who had account on WM Labs/Toolforge, could get information about specific user's skin from DB replica, user_properties table, "skin" property. Later 4 properties was hidden from public view due to "privacy reasons", this properties is skin, timecorrection, variant and language. I think, skin is not privacy-sensitive property and propose to return it to public view. In 2014 or 2015 I created statistics about skins used by ruwiki users, now I want to update it with cutting off inactive users.
Description
Description
Event Timeline
Comment Actions
The table user_properties is available on the labs replicas.
There is also a view available which might or might not do what you need:
mysql:root@localhost [enwiki_p]> show create table user_properties\G
*************************** 1. row ***************************
View: user_properties
Create View: CREATE ALGORITHM=UNDEFINED DEFINER=`viewmaster`@`%` SQL SECURITY DEFINER VIEW `user_properties` AS select `enwiki`.`user_properties`.`up_user` AS `up_user`,`enwiki`.`user_properties`.`up_property` AS `up_property`,`enwiki`.`user_properties`.`up_value` AS `up_value` from `enwiki`.`user_properties` where (`enwiki`.`user_properties`.`up_property` in ('disablemail','fancysig','gender','nickname'))
character_set_client: utf8
collation_connection: utf8_general_ci
1 row in set (0.00 sec)As per the last security audit by @Bawolff (T103011#3536648) the table user_properties:
user_properties (Must use a whitelist of properties. Many properties can help to personally identify a user)
I suggest this is discussed with Security and if there is something that needs to be changed on the view level, ping cloud-services-team
Comment Actions
While skin is not super sensitive, it is still something that MW keeps secret, and hence something I don't think we should show.
However broad statistics are fine. Is your use case covered by the user_properties_anon view? Its defined as:
CREATE ALGORITHM=UNDEFINED DEFINER=`viewmaster`@`%` SQL SECURITY DEFINER VIEW `user_properties_anon` AS select cast(((extract(year_month from `enwiki`.`user`.`user_touched`) * 100) + 1) as date) AS `upa_touched`,`enwiki`.`user_properties`.`up_property` AS `up_property`,`enwiki`.`user_properties`.`up_value` AS `up_value` from ((`enwiki`.`user_properties` join `enwiki`.`user`) join `meta_p`.`properties_anon_whitelist`) where ((`enwiki`.`user`.`user_id` = `enwiki`.`user_properties`.`up_user`) and (`enwiki`.`user_properties`.`up_property` like `meta_p`.`properties_anon_whitelist`.`pw_property`))
If that view doesn't meet your needs, I'd be interested in knowing how we could improve it to do so.
Anyways, I'm opposed to having per-user skin info available. However I'm open to exposing statistics about the skin preference, provided they don't uniquely identify the user.
Comment Actions
Thanks, user_properties_anon is good, I just doesn't know about it, because it doesn't listed on https://www.mediawiki.org/wiki/Manual:Database_layout/ru. Is upa_touched a date of last skin change? And why upa table doesn't contain timecorrection property? I created a statistics from this property too, in what regions live most of ruwiki users. (And what means "variant" property?)
Comment Actions
It's not a MediaWiki core table. It's just a filtered database view that exists on labs
Comment Actions
variant is sort of like a sublanguage. Its only used in certain languages such as serbian or chinese, usually when there are multiple writing systems (e.g. latin vs cyrillic for serbian, traditional vs simple for chinese).
upa_touched is the month and year part of user_touched field in the user table. It gets updated on pref changes and some other events like group autopromotions
Comment Actions
If that view doesn't meet your needs, I'd be interested in knowing how we could improve it to do so.
@Bawolff I want to get statistics about active users. I propose to create a boolean field named "active" on user_properties_anon view, that will be true if this user do any actions in last 6 months.