Page MenuHomePhabricator

Semantic ACL: filter query results for access control
Closed, ResolvedPublic

Description

Pages a user is not supposed to see still show up in semantic queries. This presents the current user irrelevant results with regards to their security context and could leak protected data through property display.

My use case is filtering unviewable images out of an image gallery.

See https://www.mediawiki.org/wiki/Topic:Vets8335gdg2tp6c

Details

Related Gerrit Patches:
mediawiki/extensions/SemanticACL : masterSemanticACL: filter query results for access control

Event Timeline

Restricted Application added subscribers: Liuxinyu970226, Aklapper. · View Herald TranscriptJan 14 2020, 2:39 AM
DannyS712 added a subscriber: DannyS712.

Should be a part of #mediawiki-extensions-semanticacl per https://www.mediawiki.org/wiki/Extension:Semantic_ACL, but that project doesn't exist

Should be a part of #mediawiki-extensions-semanticacl per https://www.mediawiki.org/wiki/Extension:Semantic_ACL, but that project doesn't exist

Looks like @Tinss added an issue tracker value in https://www.mediawiki.org/w/index.php?title=Extension%3ASemantic_ACL&type=revision&diff=3572192&oldid=3324778 for reasons I don't know. If you would like to use Wikimedia Phabricator, please see https://www.mediawiki.org/wiki/Phabricator/Creating_and_renaming_projects - thanks.

Aklapper removed Tinss as the assignee of this task.Jan 14 2020, 8:54 AM
Aklapper added a subscriber: Tinss.

Resetting task assignee as it is up to each individual what they plan to work on or not.

Should be a part of #mediawiki-extensions-semanticacl per https://www.mediawiki.org/wiki/Extension:Semantic_ACL, but that project doesn't exist

Looks like @Tinss added an issue tracker value in https://www.mediawiki.org/w/index.php?title=Extension%3ASemantic_ACL&type=revision&diff=3572192&oldid=3324778 for reasons I don't know. If you would like to use Wikimedia Phabricator, please see https://www.mediawiki.org/wiki/Phabricator/Creating_and_renaming_projects - thanks.

Sorry about that, still learning the ropes :) I'll put up a request to have a project created on Phabricator.

Tinss claimed this task.Jan 16 2020, 1:47 AM
Tinss added a comment.EditedJan 17 2020, 10:51 PM

@Smith.dan, how about filtering out items that are not accessible from queries?

The is_accessible property makes little sense and will introduce security holes because:

  • under no circumstances you will want a user to view an item for which they dot not have read permission;
  • to make queries secure, user will have to remember to add the [[is_accessible::true]] condition;
  • the is_accessible property makes it possible for users to know which pages they do not have access to by running a query against it.

Does this make sense?

Sure, that would do the trick.

Change 565736 had a related patch set uploaded (by Antoine Mercier-Linteau; owner: Antoine Mercier-Linteau):
[mediawiki/extensions/SemanticACL@master] SemanticACL: filter query results for access control

https://gerrit.wikimedia.org/r/565736

Tinss renamed this task from Semantic ACL: support queries for accessibility of pages to Semantic ACL: filter query results for access control.Jan 18 2020, 4:20 PM
Tinss closed this task as Resolved.
Tinss triaged this task as High priority.
Tinss updated the task description. (Show Details)

@Smith.dan, can you give the patch that I made a run?

Tinss reopened this task as Open.Jan 18 2020, 4:21 PM

Change 565736 merged by jenkins-bot:
[mediawiki/extensions/SemanticACL@master] SemanticACL: filter query results for access control

https://gerrit.wikimedia.org/r/565736

Tinss closed this task as Resolved.Feb 18 2020, 6:46 PM

I decided to go ahead and +2 the change.