Page MenuHomePhabricator

Move "privileged account' concept into MediaWiki core
Open, Needs TriagePublic

Description

IMO the kind of authentication logging we are doing is expected from any decent application by default and should live in core. (Also, for obvious reasons the config files are a poor place for business logic.) The only reason this is not trivial to do is the wfGetPrivilegedGroups method which is used to enrich the logs and is somewhat WMF-specific. We should probably move it (and the whole logging) to core.

We could have a static User::getPrivilegedGroups() method, a $wgPrivilegedGroups config settings which defaults to admin/bureaucrat/interface-admin and a GetPrivilegedGroups hook for CentralAuth and similar extensions to tie into.

Event Timeline

Tgr created this task.Nov 1 2018, 4:02 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptNov 1 2018, 4:02 AM
Risker added a subscriber: Risker.Dec 21 2018, 5:15 AM

Change 482589 had a related patch set uploaded (by Gergő Tisza; owner: Gergő Tisza):
[mediawiki/core@master] Add User::getPrivilegedGroups()

https://gerrit.wikimedia.org/r/482589