Page MenuHomePhabricator
Create Task
Maniphest T21362

New user permission abusefilter-view-private
Closed, ResolvedPublic
Actions

Description

Author: haza.wiki

Description:
abusefilter-view-private user right

There is currently a discussion on enwiki about how to distribute abuse filter rights between different user groups. One proposal is to separate the right to view private filter details and the right to edit filters, and assign these to different user groups. Currently, these rights are both granted by abusefilter-modify (Views/AbuseFilterViewEdit.php, lines 222-225).

The attached patch allows the optional allocation of a new user right, abusefilter-view-private, which allows usergroups without abusefilter-modify but with abusefilter-view-private to view hidden filters. Users in such a usergroup who view the hidden abuse page should see all the Big Red Buttons and text fields grayed through $readOnlyAttrib, and aren't assigned edit tokens either. (I haven't tested the patch, though, so someone'll need to give it a test-drive.)

Users with abusefilter-modify automatically have the ability to view the hidden filters, so there's no need to give those users abusefilter-view-private on top.

Even if this functionality is not exploited on enwiki, I am sure that there will be other wikis, WMF or otherwise, which will find it useful.

Details

Reference
bz19362

Related Objects

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 21 2014, 10:40 PM
bzimport added a project: AbuseFilter.
bzimport set Reference to bz19362.
bzimport created this task.Jun 23 2009, 12:25 PM
bzimport added a comment.Jun 23 2009, 12:38 PM

haza.wiki wrote:

Comment on attachment 6254
abusefilter-view-private user right

Index: AbuseFilter/AbuseFilter.php

  • AbuseFilter/AbuseFilter.php (revision 52305)

+++ AbuseFilter/AbuseFilter.php (working copy)
@@ -78,6 +78,7 @@
$wgAvailableRights[] = 'abusefilter-private';
$wgAvailableRights[] = 'abusefilter-modify-restricted';
$wgAvailableRights[] = 'abusefilter-revert';
+$wgAvailableRights[] = 'abusefilter-view-private';

$wgLogTypes[] = 'abusefilter';
$wgLogNames['abusefilter'] = 'abusefilter-log-name';

Index: AbuseFilter/Views/AbuseFilterViewEdit.php

  • AbuseFilter/Views/AbuseFilterViewEdit.php (revision 52305)

+++ AbuseFilter/Views/AbuseFilterViewEdit.php (working copy)
@@ -220,7 +220,7 @@

		$wgOut->setSubtitle( wfMsg( 'abusefilter-edit-subtitle', $filter, $history_id ) );

		// Hide hidden filters.
  • if (isset($row->af_hidden) && $row->af_hidden && !$this->canEdit()) {

+ if (isset($row->af_hidden) && $row->af_hidden && !($this->canEdit() || $wgUser->isAllowed( 'abusefilter-view-private' ))) {

			return wfMsg( 'abusefilter-edit-denied' );
		}

Index: AbuseFilter/AbuseFilter.i18n.php

  • AbuseFilter/AbuseFilter.i18n.php (revision 52305)

+++ AbuseFilter/AbuseFilter.i18n.php (working copy)
@@ -61,6 +61,7 @@

	'right-abusefilter-private' => 'View private data in the abuse log',
	'right-abusefilter-modify-restricted' => 'Modify abuse filters with restricted actions',
	'right-abusefilter-revert' => 'Revert all changes by a given abuse filter',

+ 'right-abusefilter-view-private' => 'View abuse filters marked as private',

	'action-abusefilter-modify' => 'modify abuse filters',
	'action-abusefilter-view' => 'view abuse filters',

@@ -69,6 +70,7 @@

	'action-abusefilter-private' => 'view private data in the abuse log',
	'action-abusefilter-modify-restricted' => 'modify abuse filters with restricted actions',
	'action-abusefilter-revert' => 'revert all changes by a given abuse filter',

+ 'action-abuserfilter-view-private' => 'view abuse filters marked as private',

	// Abuse Log
	'abusefilter-log' => 'Abuse filter log',
bzimport added a comment.Jun 23 2009, 12:39 PM

haza.wiki wrote:

Comment on attachment 6254
abusefilter-view-private user right

Index: AbuseFilter/AbuseFilter.php

  • AbuseFilter/AbuseFilter.php (revision 52305)

+++ AbuseFilter/AbuseFilter.php (working copy)
@@ -78,6 +78,7 @@
$wgAvailableRights[] = 'abusefilter-private';
$wgAvailableRights[] = 'abusefilter-modify-restricted';
$wgAvailableRights[] = 'abusefilter-revert';
+$wgAvailableRights[] = 'abusefilter-view-private';

$wgLogTypes[] = 'abusefilter';
$wgLogNames['abusefilter'] = 'abusefilter-log-name';

Index: AbuseFilter/Views/AbuseFilterViewEdit.php

  • AbuseFilter/Views/AbuseFilterViewEdit.php (revision 52305)

+++ AbuseFilter/Views/AbuseFilterViewEdit.php (working copy)
@@ -220,7 +220,7 @@

		$wgOut->setSubtitle( wfMsg( 'abusefilter-edit-subtitle', $filter, $history_id ) );

		// Hide hidden filters.
  • if (isset($row->af_hidden) && $row->af_hidden && !$this->canEdit()) {

+ if (isset($row->af_hidden) && $row->af_hidden && !($this->canEdit() || $wgUser->isAllowed( 'abusefilter-view-private' ))) {

			return wfMsg( 'abusefilter-edit-denied' );
		}
werdna added a comment.Jun 23 2009, 12:41 PM
  • if (isset($row->af_hidden) && $row->af_hidden && !$this->canEdit()) {

+ if (isset($row->af_hidden) && $row->af_hidden && !($this->canEdit() || $wgUser->isAllowed( 'abusefilter view-private' ))) {

Would prefer that this was broken out to a canView() method, instead of hacked in here.

bzimport added a comment.Jun 23 2009, 12:44 PM

haza.wiki wrote:

abusefilter-view-private user right, added English language variables

Apologies for making such a mess of the attachment... Bugzilla and I are still not quite acquainted!

This is a second version of the patch – I suddenly realised that I hadn't added any language variables for the new user right.

attachment abusefilter-view-private-patch.php ignored as obsolete

werdna added a comment.Jun 23 2009, 12:45 PM

(In reply to comment #4)

Apologies for making such a mess of the attachment... Bugzilla and I are still
not quite acquainted!

This is a second version of the patch – I suddenly realised that I hadn't
added any language variables for the new user right.

Since we're both online at the same time, it might make sense for you to drop into MediaWiki-General and I'll do a live review with you.

bzimport added a comment.Jun 30 2009, 9:08 PM

haza.wiki wrote:

abusefilter-view-private user right

Created canView function and changed the static variable declaration slightly.

I'm assuming this works... perhaps someone could test it? </beg>

Attached:

abusefilter-view-private-patch.php2 KBDownload

Cenarium added a comment.Jun 30 2009, 9:29 PM

Per the discussion at [[Wikipedia talk:Abuse filter#Adding abuse-filter-view-private into sysop package]], we would like this permission into the sysop package, but no separate user group. Thanks.

werdna added a comment.Jul 3 2009, 2:17 PM

Committed with adjustments in r52743.

Xeno added a comment.Sep 18 2009, 1:00 PM

I've just removed my abuse-filter-editor permission and find I can't view private filters now.

werdna added a comment.Sep 18 2009, 1:01 PM

(In reply to comment #9)

I've just removed my abuse-filter-editor permission and find I can't view
private filters now.

That's because it hasn't been given to administrators on any wikis yet.

If you want to give it to administrators on a particular wiki, please file a site request bug saying so.

MGChecker renamed this task from New user permission abusefilter-viewprivate to New user permission abusefilter-view-private.Jun 13 2016, 9:47 PM
MGChecker updated the task description. (Show Details)
MGChecker removed a subscriber: wikibugs-l-list.
Orlodrim mentioned this in T143365: abusefilter-modify should let you view histories of private filters.Aug 18 2016, 9:16 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL