Page MenuHomePhabricator

New user permission abusefilter-view-private
Closed, ResolvedPublic

Description

Author: haza.wiki

Description:
abusefilter-view-private user right

There is currently a discussion on enwiki about how to distribute abuse filter rights between different user groups. One proposal is to separate the right to view private filter details and the right to edit filters, and assign these to different user groups. Currently, these rights are both granted by abusefilter-modify (Views/AbuseFilterViewEdit.php, lines 222-225).

The attached patch allows the optional allocation of a new user right, abusefilter-view-private, which allows usergroups without abusefilter-modify but with abusefilter-view-private to view hidden filters. Users in such a usergroup who view the hidden abuse page should see all the Big Red Buttons and text fields grayed through $readOnlyAttrib, and aren't assigned edit tokens either. (I haven't tested the patch, though, so someone'll need to give it a test-drive.)

Users with abusefilter-modify automatically have the ability to view the hidden filters, so there's no need to give those users abusefilter-view-private on top.

Even if this functionality is not exploited on enwiki, I am sure that there will be other wikis, WMF or otherwise, which will find it useful.

Details

Reference
bz19362

Event Timeline

bzimport raised the priority of this task from to Normal.Nov 21 2014, 10:40 PM
bzimport added a project: AbuseFilter.
bzimport set Reference to bz19362.

haza.wiki wrote:

Comment on attachment 6254
abusefilter-view-private user right

Index: AbuseFilter/AbuseFilter.php

  • AbuseFilter/AbuseFilter.php (revision 52305)

+++ AbuseFilter/AbuseFilter.php (working copy)
@@ -78,6 +78,7 @@
$wgAvailableRights[] = 'abusefilter-private';
$wgAvailableRights[] = 'abusefilter-modify-restricted';
$wgAvailableRights[] = 'abusefilter-revert';
+$wgAvailableRights[] = 'abusefilter-view-private';

$wgLogTypes[] = 'abusefilter';
$wgLogNames['abusefilter'] = 'abusefilter-log-name';

Index: AbuseFilter/Views/AbuseFilterViewEdit.php

  • AbuseFilter/Views/AbuseFilterViewEdit.php (revision 52305)

+++ AbuseFilter/Views/AbuseFilterViewEdit.php (working copy)
@@ -220,7 +220,7 @@

		$wgOut->setSubtitle( wfMsg( 'abusefilter-edit-subtitle', $filter, $history_id ) );

		// Hide hidden filters.
  • if (isset($row->af_hidden) && $row->af_hidden && !$this->canEdit()) {

+ if (isset($row->af_hidden) && $row->af_hidden && !($this->canEdit() || $wgUser->isAllowed( 'abusefilter-view-private' ))) {

			return wfMsg( 'abusefilter-edit-denied' );
		}

Index: AbuseFilter/AbuseFilter.i18n.php

  • AbuseFilter/AbuseFilter.i18n.php (revision 52305)

+++ AbuseFilter/AbuseFilter.i18n.php (working copy)
@@ -61,6 +61,7 @@

	'right-abusefilter-private' => 'View private data in the abuse log',
	'right-abusefilter-modify-restricted' => 'Modify abuse filters with restricted actions',
	'right-abusefilter-revert' => 'Revert all changes by a given abuse filter',

+ 'right-abusefilter-view-private' => 'View abuse filters marked as private',

	'action-abusefilter-modify' => 'modify abuse filters',
	'action-abusefilter-view' => 'view abuse filters',

@@ -69,6 +70,7 @@

	'action-abusefilter-private' => 'view private data in the abuse log',
	'action-abusefilter-modify-restricted' => 'modify abuse filters with restricted actions',
	'action-abusefilter-revert' => 'revert all changes by a given abuse filter',

+ 'action-abuserfilter-view-private' => 'view abuse filters marked as private',

	// Abuse Log
	'abusefilter-log' => 'Abuse filter log',

haza.wiki wrote:

Comment on attachment 6254
abusefilter-view-private user right

Index: AbuseFilter/AbuseFilter.php

  • AbuseFilter/AbuseFilter.php (revision 52305)

+++ AbuseFilter/AbuseFilter.php (working copy)
@@ -78,6 +78,7 @@
$wgAvailableRights[] = 'abusefilter-private';
$wgAvailableRights[] = 'abusefilter-modify-restricted';
$wgAvailableRights[] = 'abusefilter-revert';
+$wgAvailableRights[] = 'abusefilter-view-private';
$wgLogTypes[] = 'abusefilter';
$wgLogNames['abusefilter'] = 'abusefilter-log-name';

Index: AbuseFilter/Views/AbuseFilterViewEdit.php

  • AbuseFilter/Views/AbuseFilterViewEdit.php (revision 52305)

+++ AbuseFilter/Views/AbuseFilterViewEdit.php (working copy)
@@ -220,7 +220,7 @@

		$wgOut->setSubtitle( wfMsg( 'abusefilter-edit-subtitle', $filter, $history_id ) );
		// Hide hidden filters.
  • if (isset($row->af_hidden) && $row->af_hidden && !$this->canEdit()) {

+ if (isset($row->af_hidden) && $row->af_hidden && !($this->canEdit() || $wgUser->isAllowed( 'abusefilter-view-private' ))) {

			return wfMsg( 'abusefilter-edit-denied' );
		}
  • if (isset($row->af_hidden) && $row->af_hidden && !$this->canEdit()) {

+ if (isset($row->af_hidden) && $row->af_hidden && !($this->canEdit() || $wgUser->isAllowed( 'abusefilter view-private' ))) {

Would prefer that this was broken out to a canView() method, instead of hacked in here.

haza.wiki wrote:

abusefilter-view-private user right, added English language variables

Apologies for making such a mess of the attachment... Bugzilla and I are still not quite acquainted!

This is a second version of the patch – I suddenly realised that I hadn't added any language variables for the new user right.

attachment abusefilter-view-private-patch.php ignored as obsolete

(In reply to comment #4)

Apologies for making such a mess of the attachment... Bugzilla and I are still
not quite acquainted!
This is a second version of the patch – I suddenly realised that I hadn't
added any language variables for the new user right.

Since we're both online at the same time, it might make sense for you to drop into MediaWiki-General and I'll do a live review with you.

haza.wiki wrote:

abusefilter-view-private user right

Created canView function and changed the static variable declaration slightly.

I'm assuming this works... perhaps someone could test it? </beg>

Attached:

Per the discussion at [[Wikipedia talk:Abuse filter#Adding abuse-filter-view-private into sysop package]], we would like this permission into the sysop package, but no separate user group. Thanks.

Committed with adjustments in r52743.

Xeno added a comment.Sep 18 2009, 1:00 PM

I've just removed my abuse-filter-editor permission and find I can't view private filters now.

(In reply to comment #9)

I've just removed my abuse-filter-editor permission and find I can't view
private filters now.

That's because it hasn't been given to administrators on any wikis yet.

If you want to give it to administrators on a particular wiki, please file a site request bug saying so.

MGChecker renamed this task from New user permission abusefilter-viewprivate to New user permission abusefilter-view-private.Jun 13 2016, 9:47 PM
MGChecker updated the task description. (Show Details)
MGChecker removed a subscriber: wikibugs-l-list.