Page MenuHomePhabricator
Create Task
Maniphest T218558

Move User::getRights and related methods into PermissionManager
Closed, ResolvedPublic
Actions

Description

The following methods should be factored out of the User class into PermissionManager, leaving only deprecated stubs:

  • User::isAllowed -> PermissionManager::userHasRight or some such
  • User::getRights -> PermissionManager::getUserPermissions.
  • User::groupHasPermission -> PermissionManager::groupHasPermission
  • User::getGroupPermissions -> PermissionManager::getGroupPermissions
  • User::getGroupsWithPermission -> PermissionManager::getGroupsWithPermission
  • User::groupHasPermission -> PermissionManager::groupHasPermission
  • User::isEveryoneAllowed -> PermissionManager::isEveryoneAllowed
  • User::getAllRights -> PermissionManager::getAllPermissions

Notes:

  • This change should allow us to switch the public method signatures in PermissionManager from USer to UserIdentity. Some internal uses of User will remain for now, but they can be covered by User::newFromIdentity(). (Note that the "new" is a lie, the method will return the original instance if it's already a User object).
  • Implementing getRights needs access to the user's session. This may not be possible for users other than the current user, making the behavior inconsistent in some cases (needs investigation of current behavior!). The method's contract should make this clear. Also, injecting any information about the current user, request or session is awkward for a service object, but should be acceptable due to PHP's per-request execution model, compare T218555.
  • User::getAllGroups is based on the same information as getAllRights, but this fact should not be cemented by exposing getAllGroups in the PermissionManager interface. Instead, we should probably create a GroupManager service at some point.

Details

SubjectRepoBranchLines +/-
Re-apply: Factors out permissions check from User into PermissionManager servicemediawiki/coremaster+1 K -607
Factors out permissions check from User into PermissionManager servicemediawiki/coremaster+1 K -568
Customize query in gerrit

Related Objects
Search...

Event Timeline

daniel created this task.Mar 18 2019, 11:26 AM
daniel added a subtask: T208768: Create a PermissionManager service.
daniel updated the task description. (Show Details)Mar 18 2019, 2:06 PM
Vedmaka claimed this task.Mar 18 2019, 2:09 PM
daniel updated the task description. (Show Details)Mar 18 2019, 2:58 PM
daniel updated the task description. (Show Details)
Tgr mentioned this in T218608: OAuth doesn't work when $wgBlockDisablesLogin is true.Mar 20 2019, 8:33 PM
CCicalese_WMF edited projects, added Platform Team Workboards (Contractor - Ready); removed MediaWiki-Decoupling (MediaWiki-Decoupling 2019 Q3/Q4), Platform Team Legacy (Next).Mar 26 2019, 4:34 PM
CCicalese_WMF triaged this task as Medium priority.Mar 26 2019, 6:01 PM
daniel updated the task description. (Show Details)Apr 4 2019, 11:43 AM
daniel mentioned this in T220191: Remove calls to deprecated methods in Title and User with calls to the new PermissionManager service..Apr 5 2019, 10:53 AM
daniel added a parent task: T220191: Remove calls to deprecated methods in Title and User with calls to the new PermissionManager service..
gerritbot added a comment.Apr 9 2019, 1:14 PM

Change 502484 had a related patch set uploaded (by Vedmaka Wakalaka; owner: Vedmaka Wakalaka):
[mediawiki/core@master] Factors out permissions check from User into PermissionManager service

https://gerrit.wikimedia.org/r/502484

gerritbot added a project: Patch-For-Review.Apr 9 2019, 1:14 PM
daniel closed subtask T208768: Create a PermissionManager service as Resolved.May 14 2019, 3:54 PM
daniel mentioned this in T223294: Deprecate the $mRights field in the User class, replacing it with a cache in PermissionManager..May 14 2019, 4:05 PM
daniel added a parent task: T223295: Make PermissionManager aware of the current user's session..May 14 2019, 4:10 PM
gerritbot added a comment.May 29 2019, 4:10 PM

Change 502484 merged by jenkins-bot:
[mediawiki/core@master] Factors out permissions check from User into PermissionManager service

https://gerrit.wikimedia.org/r/502484

Maintenance_bot removed a project: Patch-For-Review.May 29 2019, 4:10 PM
daniel closed this task as Resolved.May 29 2019, 7:23 PM
kostajh reopened this task as Open.May 30 2019, 2:13 PM
kostajh subscribed.

I had to revert this due to issues noted in T224607. There are three patches attached to that issue which, when merged, should make it OK to merge https://gerrit.wikimedia.org/r/502484 again. There's a fourth patch (https://gerrit.wikimedia.org/r/c/mediawiki/core/+/513268) that proposes to do things in a somewhat different way for the problems encountered with WikibaseLexeme, but it doesn't yet work.

I'd recommend merging the three patches attached to T224607, then merging https://gerrit.wikimedia.org/r/c/mediawiki/core/+/502484, then looking at https://gerrit.wikimedia.org/r/c/mediawiki/core/+/513268 again.

kostajh mentioned this in T224607: CentralAuth, MassMessage and WikibaseLexeme build failures.May 30 2019, 2:15 PM
Vedmaka added a comment.May 30 2019, 6:22 PM

@kostajh @daniel I am a bit confused about how this could result in broken CI, could you give me some clues on what did go wrong?

My biggest concern at the moment is to understand how and why the patch was green at the time it was merged ( considering all dependencies were merged beforehand ) [1] but ended up in the broken state. It's clear that for this change to pass some of both core and other extensions tests (which manipulate user or groups permissions in their code) needed to be updated in order to pass, so the change was supplied by a set of smaller patches to failing extensions based on CI results.

But, looking on T224607 I clearly see that CentralAuth and some test in Wikibase\Lexeme started to fail and I can understand why these are failing, but I have no clue why they did not fail during CI before the patch was merged? So, in other words, I think I am trying to understand if, if to say, "production" CI is somehow run different set of tests from the review stage CI?

  1. https://gerrit.wikimedia.org/r/c/mediawiki/core/+/502484/68#message-627618b69f076aef8f8d8a92e2e4870d8d0bec8d
kostajh added a comment.May 30 2019, 6:23 PM

@Vedmaka those extensions are not included in the set of extensions tested when MediaWiki core patches go through CI. So we only find the problems later, when someone tries to merge or publish a patch related to those extensions. There's some discussion of it here fwiw https://gerrit.wikimedia.org/r/c/integration/config/+/513283

Vedmaka added a comment.EditedMay 30 2019, 7:28 PM

@kostajh ah, I've got it, thanks! That makes it clear and at the same time makes things worse - at first glance, I don't see any good solution to make this patch compatible with every extension ( see https://phabricator.wikimedia.org/T224607#5224443 ) since the change seems to be simply way too radical.

The only workaround that could to work is to "rewind" it back and get rid of individual configuration values being passed into PermissionManager constructor during the wiring phase and replace it with the whole Config instance injection - that's not cool, but that would ensure that PermissionManager is always working with actual globals values and will eliminate the need to reset it. We probably may need to also get rid of caching inside the service, depending on the situation. @daniel any thoughts on this?

gerritbot added a comment.Jun 5 2019, 1:47 PM

Change 514474 had a related patch set uploaded (by Daniel Kinzler; owner: Vedmaka Wakalaka):
[mediawiki/core@master] Re-apply: Factors out permissions check from User into PermissionManager service

https://gerrit.wikimedia.org/r/514474

gerritbot added a project: Patch-For-Review.Jun 5 2019, 1:47 PM
Aklapper added a project: MediaWiki-User-management.Jun 21 2019, 8:39 AM
JJMC89 moved this task from Backlog to User rights on the MediaWiki-User-management board.Jun 21 2019, 10:59 PM
gerritbot added a comment.Jun 28 2019, 11:44 PM

Change 514474 merged by jenkins-bot:
[mediawiki/core@master] Re-apply: Factors out permissions check from User into PermissionManager service

https://gerrit.wikimedia.org/r/514474

Maintenance_bot removed a project: Patch-For-Review.Jun 29 2019, 12:10 AM
daniel closed this task as Resolved.Jul 1 2019, 10:09 AM

Let's hope this doesn't break CI again :)

WDoranWMF moved this task from Contractor - Ready to S&F Workboard on the Platform Team Workboards board.Jul 5 2019, 5:09 PM
WDoranWMF edited projects, added Platform Team Workboards (S&F Workboard); removed Platform Team Workboards (Contractor - Ready).
WDoranWMF moved this task from Backlog to Done on the Platform Team Workboards (S&F Workboard) board.
DannyS712 mentioned this in T251851: Move remaining user rights methods to PermissionManager.May 5 2020, 2:30 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits