Extensions should be able to declare how blocks should handle their rights
Open, LowPublic

Description

Problem
When an extension declares a right in extension.json there is no way to specify how a block should interact with that right. Should this right be blocked when they are sitewide blocked? When they are upload blocked? email blocked? namespace blocked? etc.

Extensions typically get around this by doing something like this:

$user->isAllowed( 'custom-right' ) && $user->isBlocked()

but this doesn't work in the world of partial blocks. And the current solutions require knowing a lot about Blocks that extension developers shouldn't have to know.

Solution
Give extensions a mechanism by which (by specifying in extension.json?) blocks can deal with the rights they have declared. Then they should be able to call a single method (either User::isAllowed() or a new method) that determine if the user has access (accounting for the block, or any other sanctions the user might have from other extensions). The method should have a sensible default (i.e. the user is blocked if the user has a sitewide block, etc.)

dbarratt created this task.Nov 7 2018, 9:52 PM
Restricted Application added subscribers: MGChecker, Aklapper. · View Herald TranscriptNov 7 2018, 9:52 PM
dbarratt updated the task description. (Show Details)
dbarratt updated the task description. (Show Details)
TBolliger moved this task from Untriaged to Backlog on the Anti-Harassment board.Nov 7 2018, 10:12 PM

David, is this aspirational or a technical requirement for extension support?

David, is this aspirational or a technical requirement for extension support?

Aspirational, or rather, perhaps the way extensions ought to be able to handle blocks.

TBolliger triaged this task as Low priority.

OK Thank you. I don't think we can invest any time in this unless we find we need to do a refactor of blocks.