As the title says, the testing interface (/tools and /test) can only be accessed by people with abusefilter-modify right. The question is: why? This should also be available with abusefilter-view-private right, if not with abusefilter-view: that page is like a sandbox, whatever the user will do it won't bring any change to existing filters.
|mediawiki/extensions/AbuseFilter||master||+38 -22||Allow users with abusefilter-view-private to use testing interface|
|Open||None||T193902 Re-assign functionality to user rights and clearly determine what filter information should be private|
|Resolved||Daimona||T193903 The testing interface can only be used with abusefilter-modify right|
May be better to extend to abusefilter-private instead of abusefilter-view, would like a clearer explanation of what may be able to be accessed from here that needed it to be restricted in the first place.
@Huji This is true, but what would they test? Without seeing the rule which is blocking them (thing that should happen), there's not much they could do. As for what a filter can do, I think docs on mediawiki provide lots of info. Anyway, for the moment I'm writing this to restrict to users with view-private right.
In looking how it is out there on various projects, targeting this as an "(abusefilter-view-private) or (abusefilter-modify)" gate should be done, as the ..view-private is not always explicitly assigned.
@Xaosflux that is how I implemented it: abusefilter-modify OR abusefilter-view-private. Probably the best we can do if we don't want to make controversial changes. I need to make sure my patch works (although, as usual, I already tested it while coding) and it should be ready tomorrow morning.