Maniphest T208398

Fatal error on testwiki on viewing talk pages when blocked and logged in, and on editing pages when blocked
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	Urbanecm
	Oct 31 2018, 1:04 PM

Description

I noticed I cannot view Talk:Main Page on testwiki (currently 1.33.0-wmf.2 aka rMWf6c4f5ff0906) when blocked.

Steps to reproduce (requires sysop privileges)

Block your current IP range and prevent logged in users from editing
Login using non-sysop/non-IPBE user
Go to https://test.wikipedia.org/wiki/Talk:Main_Page?action=edit

I tried this logged out, it works normally. It also works when logging in using blocked user.

Backtrace is shown, quoting

[W9mnSQpAADsAAHwkSE8AAAAL] /wiki/Talk:Main_Page BadMethodCallException from line 1810 of /srv/mediawiki/php-1.33.0-wmf.2/includes/Block.php: Call to a member function getTalkPage() on a non-object (string)

Backtrace:

#0 /srv/mediawiki/php-1.33.0-wmf.2/includes/user/User.php(2307): Block->preventsEdit(Title)
#1 /srv/mediawiki/php-1.33.0-wmf.2/extensions/Flow/includes/Model/Workflow.php(382): User->isBlockedFrom(Title, boolean)
#2 /srv/mediawiki/php-1.33.0-wmf.2/extensions/Flow/includes/Formatter/RevisionFormatter.php(494): Flow\Model\Workflow->userCan(string, User)
#3 /srv/mediawiki/php-1.33.0-wmf.2/extensions/Flow/includes/Formatter/RevisionFormatter.php(238): Flow\Formatter\RevisionFormatter->buildActions(Flow\Formatter\FormatterRow)
#4 /srv/mediawiki/php-1.33.0-wmf.2/extensions/Flow/includes/Block/Header.php(326): Flow\Formatter\RevisionFormatter->formatApi(Flow\Formatter\FormatterRow, Flow\View)
#5 /srv/mediawiki/php-1.33.0-wmf.2/extensions/Flow/includes/Block/Header.php(206): Flow\Block\HeaderBlock->renderRevisionApi(string)
#6 /srv/mediawiki/php-1.33.0-wmf.2/extensions/Flow/includes/View.php(233): Flow\Block\HeaderBlock->renderApi(array)
#7 /srv/mediawiki/php-1.33.0-wmf.2/extensions/Flow/includes/View.php(71): Flow\View->buildApiResponse(Flow\WorkflowLoader, array, string, array)
#8 /srv/mediawiki/php-1.33.0-wmf.2/extensions/Flow/includes/Actions/Action.php(112): Flow\View->show(Flow\WorkflowLoader, string)
#9 /srv/mediawiki/php-1.33.0-wmf.2/extensions/Flow/includes/Actions/ViewAction.php(20): Flow\Actions\FlowAction->showForAction(string, OutputPage)
#10 /srv/mediawiki/php-1.33.0-wmf.2/extensions/Flow/includes/Actions/Action.php(50): Flow\Actions\ViewAction->showForAction(string)
#11 /srv/mediawiki/php-1.33.0-wmf.2/includes/MediaWiki.php(501): Flow\Actions\FlowAction->show()
#12 /srv/mediawiki/php-1.33.0-wmf.2/includes/MediaWiki.php(294): MediaWiki->performAction(Article, Title)
#13 /srv/mediawiki/php-1.33.0-wmf.2/includes/MediaWiki.php(862): MediaWiki->performRequest()
#14 /srv/mediawiki/php-1.33.0-wmf.2/includes/MediaWiki.php(517): MediaWiki->main()
#15 /srv/mediawiki/php-1.33.0-wmf.2/index.php(42): MediaWiki->run()
#16 /srv/mediawiki/w/index.php(3): include(string)
#17 {main}

I'm boldly triaging this as UBN.

Details

Related Changes in Gerrit:

Subject	Repo	Branch	Lines +/-
Block: Clean up handling of non-User targets	mediawiki/core	master	+123 -101
Follow-up d67121f6d: Blocks can apply to non-User objects too	mediawiki/core	wmf/1.33.0-wmf.2	+10 -1
Follow-up d67121f6d: Blocks can apply to non-User objects too	mediawiki/core	master	+10 -1

Customize query in gerrit

Related Objects
Search...

Status	Subtype	Assigned	Task
Resolved	Release	thcipriani	T206656 1.33.0-wmf.2 deployment blockers
Resolved		dmaza	T208398 Fatal error on testwiki on viewing talk pages when blocked and logged in, and on editing pages when blocked
Resolved		dmaza	T203821 After QA, enable Partial Blocks MVP on test.wikipedia.org and test.wikidata.org

Event Timeline

Urbanecm created this task.Oct 31 2018, 1:04 PM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 31 2018, 1:04 PM

See task's description

Restricted Application added subscribers: Liuxinyu970226, TerraCodes. · View Herald TranscriptOct 31 2018, 1:04 PM

Probably isn't related to StructuredDiscussions , https://test.wikipedia.org/w/index.php?title=Talk:Templete:TestOS&action=edit doesn't work either (under same conditions as described in task's description). Ending with tests for now, I'm in rush and noticed it when looking for something entriely different.

Viewing another exisitng talkpage doesn't work as well: https://test.wikipedia.org/wiki/Talk:Tto_page_536 .

Urbanecm renamed this task from Fatal error on testwiki on viewing Talk:Main Page when blocked and logged in to Fatal error on testwiki on viewing talk pages when blocked and logged in.Oct 31 2018, 1:08 PM

I also get this on https://www.mediawiki.org/wiki/Wikimedia_Audiences?action=edit incognito in the office (where the IP is blocked to remind us to log in). Possibly related to the recent Partial Blocks work?

I think this is a train blocker.

Restricted Application added a subscriber: MGChecker. · View Herald TranscriptOct 31 2018, 3:23 PM

Jdforrester-WMF added a parent task: T206656: 1.33.0-wmf.2 deployment blockers.Oct 31 2018, 3:23 PM

Krenair subscribed.Oct 31 2018, 3:32 PM

d67121f6d3961bb7dfc44f71e8b5a4b8b9279eef touched the User::isBlockedFrom code specifically:

- public function isBlockedFrom( $title, $bFromSlave = false ) {
+       public function isBlockedFrom( $title, $fromSlave = false ) {
-         global $wgBlockAllowsUTEdit;
+               $blocked = $this->isHidden();

-         $blocked = $this->isBlocked( $bFromSlave );
-         $allowUsertalk = ( $wgBlockAllowsUTEdit ? $this->mAllowUsertalk : false );
-         // If a user's name is suppressed, they cannot make edits anywhere
-         if ( !$this->mHideName && $allowUsertalk && $title->getText() === $this->getName()
-                 && $title->getNamespace() == NS_USER_TALK ) {
-                 $blocked = false;
-                 wfDebug( __METHOD__ . ": self-talk page, ignoring any blocks\n" );
+               if ( !$blocked ) {
+                       $block = $this->getBlock( $fromSlave );
+                       if ( $block ) {
+                               $blocked = $block->preventsEdit( $title );
+                       }
                }

+               // only for the purpose of the hook. We really don't need this here.
+               $allowUsertalk = $this->mAllowUsertalk;
+
                Hooks::run( 'UserIsBlockedFrom', [ $this, $title, &$blocked, &$allowUsertalk ] );

Jdforrester-WMF renamed this task from Fatal error on testwiki on viewing talk pages when blocked and logged in to Fatal error on testwiki on viewing talk pages when blocked and logged in, and on editing pages when blocked.Oct 31 2018, 3:34 PM

Jdforrester-WMF edited projects, added MediaWiki-User-management; removed MediaWiki-General.

Thanks for all the info. We are looking into this right now.

• aezell edited projects, added Anti-Harassment-Team (AHT Sprint 32); removed Anti-Harassment-Team.Oct 31 2018, 3:44 PM

dmaza claimed this task.Oct 31 2018, 3:45 PM

dmaza moved this task from Ready to In progress on the Anti-Harassment-Team (AHT Sprint 32) board.

Change 470856 had a related patch set uploaded (by Jforrester; owner: Jforrester):
[mediawiki/core@master] Follow-up d67121f6d: Blocks can apply to non-User objects too

https://gerrit.wikimedia.org/r/470856

gerritbot added a project: Patch-For-Review.Oct 31 2018, 3:53 PM

Thank you @Jdforrester-WMF

Change 470856 merged by jenkins-bot:
[mediawiki/core@master] Follow-up d67121f6d: Blocks can apply to non-User objects too

https://gerrit.wikimedia.org/r/470856

User::newFromName can return false with an IP address or IP/range (anything passed in other than a valid username. However, the code will throw the same fatal error with this patch since $user will be false

Change 470867 had a related patch set uploaded (by Jforrester; owner: Jforrester):
[mediawiki/core@wmf/1.33.0-wmf.2] Follow-up d67121f6d: Blocks can apply to non-User objects too

https://gerrit.wikimedia.org/r/470867

(From gerrit.) @dbarratt: $validate is set to false, so this will always return a user, whether valid or not.

Change 470867 merged by jenkins-bot:
[mediawiki/core@wmf/1.33.0-wmf.2] Follow-up d67121f6d: Blocks can apply to non-User objects too

https://gerrit.wikimedia.org/r/470867

ReleaseTaggerBot added a project: MW-1.33-notes (1.33.0-wmf.3; 2018-11-06).Oct 31 2018, 5:00 PM

Mentioned in SAL (#wikimedia-operations) [2018-10-31T17:04:25Z] <jforrester@deploy1001> Synchronized php-1.33.0-wmf.2/includes/Block.php: Hot-deploy train blocker T208398 with rMW3a1f95d4d74c (duration: 00m 56s)

OK, this is fixed for the repro steps I had (both viewing https://test.wikipedia.org/wiki/Talk:Main_Page or https://www.mediawiki.org/wiki/Wikimedia_Audiences?action=edit from an IP that's individually blocked no longer throws a PHP fatal but work as expected).

Some concern about IP range-blocks and how they work, will check now.

Works for me (tested from hardblocked /24 range), thank you.

Provisionally, we think this is fixed. Will help do some follow-ups in this area to make this code better tested.

Thanks James!

Just tested on production testwiki: https://test.wikipedia.org/wiki/Talk:Main_Page

Screen Shot 2018-10-31 at 10.41.58 AM.png (943×1 px, 344 KB)

Appears to be working as expected. I can view the page while logged-out, logged-in as an admin, and logged-in as a non-admin. I cannot edit the page (which has Flow) as either logged-in or logged-out.

dbarratt updated the task description. (Show Details)Oct 31 2018, 10:33 PM

Catrope mentioned this in T208472: Block::getTarget() can return a User object or a string that is an invalid user name.Oct 31 2018, 10:41 PM

ping @Anomie, since this appears to be an interaction between the Actor refactoring and the new "partial block" code. The concept of a "block target" doesn't seem to properly align with the concept of actors.

In T208398#4711975, @daniel wrote:

ping @Anomie, since this appears to be an interaction between the Actor refactoring and the new "partial block" code. The concept of a "block target" doesn't seem to properly align with the concept of actors.

Yes, only blocks with TYPE_USER or TYPE_IP are actors. TYPE_RANGE and TYPE_AUTO are not, because a range or an auto-block can't "act" in the sense of creating a log entry, a revision, or the like.

Change 471018 had a related patch set uploaded (by Anomie; owner: Anomie):
[mediawiki/core@master] Block: Clean up handling of non-User targets

https://gerrit.wikimedia.org/r/471018

Liuxinyu970226 unsubscribed.Nov 2 2018, 5:04 AM

• TBolliger moved this task from In progress to Done on the Anti-Harassment-Team (AHT Sprint 32) board.Nov 2 2018, 4:45 PM

• TBolliger added a parent task: T203821: After QA, enable Partial Blocks MVP on test.wikipedia.org and test.wikidata.org.Nov 2 2018, 4:47 PM

dbarratt removed a parent task: T203821: After QA, enable Partial Blocks MVP on test.wikipedia.org and test.wikidata.org.Nov 2 2018, 5:21 PM

dbarratt added a subtask: T203821: After QA, enable Partial Blocks MVP on test.wikipedia.org and test.wikidata.org.Nov 2 2018, 5:24 PM

• TBolliger reopened subtask T203821: After QA, enable Partial Blocks MVP on test.wikipedia.org and test.wikidata.org as Open.Nov 19 2018, 9:50 PM

• TBolliger closed subtask T203821: After QA, enable Partial Blocks MVP on test.wikipedia.org and test.wikidata.org as Resolved.Nov 19 2018, 10:00 PM

Change 471018 merged by jenkins-bot:
[mediawiki/core@master] Block: Clean up handling of non-User targets

https://gerrit.wikimedia.org/r/471018

Ladsgroup removed a project: Patch-For-Review.May 21 2019, 9:28 PM

Aklapper removed subscribers: Anomie, • TBolliger.Oct 16 2020, 5:38 PM

	F27001792: Screen Shot 2018-10-31 at 10.41.58 AM.png
	Oct 31 2018, 5:45 PM

Fatal error on testwiki on viewing talk pages when blocked and logged in, and on editing pages when blockedClosed, ResolvedPublicActions