Page MenuHomePhabricator
Create Task
Maniphest T212311

Blocks should be an implementation detail of an abstract authorization system
Open, Needs TriagePublic
Actions

Description

Blocks currently exist as an integral part of the authorization system of MediaWiki. Unfortunately, code (core, extensions, etc.) must be aware of what blocks are and how they work. This has forced code to ask questions like

  • Is the user blocked?
  • Does the user have more than one block?
  • Are they sitewide blocked?
  • Are they blocked from this page?
  • Are they blocked from this namespace?
  • Is the account locked? (i.e. cannot login)

The question code should be asking is:

  • Can the user perform X action?
  • If not, why not?

In this way, Blocks are an implementation detail in an authorization system.

An extension should always be able to hook into the authorization system and make it's own assessment, or change the assessment of other systems.

Related Objects

Event Timeline

dbarratt created this task.Dec 19 2018, 4:07 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptDec 19 2018, 4:07 PM
dbarratt updated the task description. (Show Details)Dec 19 2018, 4:11 PM
dbarratt added subscribers: aezell, dmaza, Tchanders, Mooeypoo.Dec 19 2018, 4:51 PM
dbarratt added a project: MediaWiki-General.Dec 19 2018, 9:12 PM
Tgr subscribed.Dec 22 2018, 7:40 PM

See T212341#4841566 on why this is not that easy without major changes to the authorization system.
The lack of support for "why not?" questions in many places is T180888: All permission checks should be able to return a custom error message.

Tgr mentioned this in T208768: Create a PermissionManager service.Dec 22 2018, 7:43 PM
Tgr mentioned this in T212639: Separate could do / can do / is doing permission checks in MediaWiki.Dec 27 2018, 8:09 AM
dbarratt added a comment.Jan 2 2019, 2:46 PM
In T212311#4842122, @Tgr wrote:

See T212341#4841566 on why this is not that easy without major changes to the authorization system.

Yes. I assumed as much when looking at the code.

Izno updated the task description. (Show Details)May 5 2019, 5:34 PM
DannyS712 edited projects, added MediaWiki-Blocks; removed MediaWiki-General.Jul 5 2021, 4:27 PM
dbarratt unsubscribed.Jul 5 2021, 5:19 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL