Maniphest T205578

Admins cannot view revision-deleted revisions
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	Anomie
	Sep 26 2018, 8:23 PM

Description

See https://en.wikipedia.org/wiki/Wikipedia:Village_pump_(technical)#Revision_deleted_history_of_article

PermaLink: https://en.wikipedia.org/w/index.php?title=Wikipedia:Village_pump_(technical)&oldid=861409505#Revision_deleted_history_of_article

rMW4835a75ec564: Use RevisionRenderer for rendering ParserOutput caused PoolWorkArticleView to start checking revdel where it was not checked previously, leading to the article not being displayed as it should be when an admin clicks the "view" link.

Possible fixes include setting $audience = RevisionRecord::RAW at line 158 (to match the previous behavior where a $content was passed) or having the caller pass a constructor parameter to explicitly bypass the audience check.

Details

	Subject	Repo	Branch	Lines +/-
	Add audience parameter to PoolWorkArticleView	mediawiki/core	master	+43 -4

Customize query in gerrit

Related Objects

Mentioned In: T212316: Diffing a deleted revision shows only the header with no content
Mentioned Here: rMW4835a75ec564: Use RevisionRenderer for rendering ParserOutput

Event Timeline

Anomie created this task.Sep 26 2018, 8:23 PM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptSep 26 2018, 8:23 PM

Xaosflux updated the task description. (Show Details)Sep 27 2018, 2:29 PM

Xaosflux subscribed.

Example on testwiki: (testwiki admin access required to follow)

https://test.wikipedia.org/w/index.php?title=T205578_example&oldid=362683
SHOULD work when following https://test.wikipedia.org/w/index.php?title=T205578_example&oldid=362683&unhide=1 but fails

Works in DIFF view: https://test.wikipedia.org/w/index.php?title=T205578_example&type=revision&diff=362683&oldid=362682
When following https://test.wikipedia.org/w/index.php?title=T205578_example&type=revision&diff=362683&oldid=362682&unhide=1

Xaosflux added a subscriber: Spinningspark.Sep 27 2018, 2:36 PM

Daimona merged a task: T205875: Page text isn't shown for deleted revisions.Oct 1 2018, 6:28 PM

Daimona added subscribers: Daimona, Tgr, TerraCodes.

Possible fixes include setting $audience = RevisionRecord::RAW at line 158 (to match the previous behavior where a $content was passed) or having the caller pass a constructor parameter to explicitly bypass the audience check.

I'm confused - if the user has the appropriate permissions, we should it be necessary to bypass the audience check? Am I missing something?

daniel triaged this task as High priority.Oct 1 2018, 8:54 PM

PoolWorkArticleView doesn't use per-user audience checks, it either does RAW or FOR_PUBLIC.

or having the caller pass a constructor parameter to explicitly bypass the audience check.

That would be nicer than using the content override option to signal whether an audience check should be done, which is the old behavior.

I'm a bit confused about pool counter key handling - audience does not seem to be factor in at all. Doesn't that mean that deleted content could be exposed to normal users if the timing is unfortunate enough so that one PoolWorkArticleView falls back to the result of another? Also, output for a non-private audience should not be written into parser cache but I don't see how that's guaranteed, either.

To answer my own question, fallback happens via looking up the other worker's result in the parser cache, so as long as the parser cache is used correctly, it's fine. And the parser cache is only used for current revisions and there the audience does not really matter. What's still confusing is that fallback()/getCachedWork() don't check the revision ID. I guess that's just a bug that has little impact because old revisions rarely get stampeded...

Change 463922 had a related patch set uploaded (by Gergő Tisza; owner: Gergő Tisza):
[mediawiki/core@master] Add audience parameter to PoolWorkArticleView

https://gerrit.wikimedia.org/r/463922

gerritbot added a project: Patch-For-Review.Oct 2 2018, 10:01 AM

Change 463922 merged by jenkins-bot:
[mediawiki/core@master] Add audience parameter to PoolWorkArticleView

https://gerrit.wikimedia.org/r/463922

It looks like we got this fixed in time for 1.32.0-wmf.24. See https://www.mediawiki.org/wiki/MediaWiki_1.32/Roadmap for a schedule for deployment to Wikimedia wikis.

ReleaseTaggerBot added a project: MW-1.32-notes (WMF-deploy-2018-10-02 (1.32.0-wmf.24)).Oct 2 2018, 4:01 PM

CCicalese_WMF moved this task from Inbox to Done on the Multi-Content-Revisions board.Oct 3 2018, 2:42 PM

Thank you, looks good - tested on Group2 projects.

Spinningspark unsubscribed.Oct 4 2018, 10:50 PM

While the original fix works fine, the problem is not totallly gone: for diff views, the text page isn't shown, while it previously was (example). I guess this isn't intended behaviour.

@Daimona - worked for me (example here: https://test.wikipedia.org/w/index.php?title=T205578_example&oldid=362683&unhide=1 on testwiki) - goes right to the deleted text.

@Xaosflux Yes, because that's a single-revision view, but my comment was about diffs.

Diff: https://test.wikipedia.org/w/index.php?title=T205578_example&diff=next&oldid=362682&unhide=1 works for me as well.

For me, it doesn't:

I forgot to change language to english before taking the screenshot, but I guess it's still clear.

CCicalese_WMF moved this task from Done to Tech Debt on the Multi-Content-Revisions board.Oct 15 2018, 3:14 PM

CCicalese_WMF edited projects, added Multi-Content-Revisions (Tech Debt); removed Multi-Content-Revisions.

CCicalese_WMF moved this task from Tech Debt to Reactive on the Multi-Content-Revisions board.

CCicalese_WMF edited projects, added Multi-Content-Revisions (Reactive); removed Multi-Content-Revisions (Tech Debt).

CCicalese_WMF added projects: Platform Engineering (MCR), Platform Team Workboards.

This seems like it should be filed as a new task to me. As far as I can tell the diff issue doesn't seem to have been caused by the same change.

That's possible. I noticed them both at the same time, but tomorrow I'll do a git bisect to see if they share the same cause.

OK I'm following you now, you expect to see the before and after diff, plus the revision compiled text below. I don't see that either, but I can't recall if I used to see it in this view.

@Xaosflux indeed. I'm almost sure the content was shown, but anyway it doesn't make sense to show the header with the time without any content below.

Unless this is completely different from the issue I remember and I'm confused, this indeed used to show content - the wrong content. The page's current content, to be exact. And nobody apparently noticed for a decade or so :)

Amorymeltzer subscribed.Oct 16 2018, 8:52 AM

CCicalese_WMF lowered the priority of this task from High to Medium.Nov 5 2018, 3:41 PM

CCicalese_WMF removed a project: Patch-For-Review.

CCicalese_WMF closed this task as Resolved.Dec 18 2018, 3:46 PM

I guess it's not necessary to show the right content, but shouldn't at least the header be removed? I mean the "Revision as of 14:04, 29 July 2018" from the example above.

Probably best to file a separate task about that.

Daimona mentioned this in T212316: Diffing a deleted revision shows only the header with no content.Dec 19 2018, 5:22 PM

CCicalese_WMF moved this task from Not a real column to Done with CPT on the Platform Team Workboards board.Jan 17 2019, 5:43 PM

CCicalese_WMF edited projects, added Platform Team Workboards (Done with CPT); removed Platform Team Workboards.

CCicalese_WMF moved this task from Reactive to Done on the Multi-Content-Revisions board.Apr 1 2019, 1:16 PM

CCicalese_WMF edited projects, added Multi-Content-Revisions; removed Multi-Content-Revisions (Reactive).

CCicalese_WMF edited projects, added Core Platform Team Initiatives (MCR); removed Platform Engineering (MCR).Jul 30 2019, 7:46 PM

Aklapper removed a subscriber: Anomie.Oct 16 2020, 5:41 PM