Page MenuHomePhabricator
Create Task
Maniphest T250901

Allow privileged accounts to use action=query&meta=oath
Closed, ResolvedPublic
Actions

Description

Now that there is an UI for querying OATH status (T209749), we should allow privileged users to do that via the API as well.

My patch adds logging to that API module and allows holders of oathauth-verify-user to execute it. However, the original purpose of this API module was for Striker and similar software to be able to use Wikitech-powered 2FA. We probably don't want to log that. Question is...how to do this? Maybe we should add a "suppresslog" parameter and allow holders of oathauth-api-all to do that?

Details

SubjectRepoBranchLines +/-
Allow privileged accounts to use action=query&meta=oathmediawiki/extensions/OATHAuthmaster+29 -3
Customize query in gerrit

Related Objects

Event Timeline

Urbanecm created this task.Apr 22 2020, 10:04 AM
Restricted Application added a project: User-Urbanecm. · View Herald TranscriptApr 22 2020, 10:04 AM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
gerritbot added a comment.Apr 22 2020, 10:06 AM

Change 591790 had a related patch set uploaded (by Urbanecm; owner: Urbanecm):
[mediawiki/extensions/OATHAuth@master] Allow privileged accounts to use action=query&meta=oath

https://gerrit.wikimedia.org/r/591790

gerritbot added a project: Patch-For-Review.Apr 22 2020, 10:06 AM
Urbanecm moved this task from Backlog to Waiting on review on the User-Urbanecm board.Apr 25 2020, 10:22 PM
Ammarpad updated the task description. (Show Details)Aug 28 2020, 12:16 PM
gerritbot added a comment.Oct 6 2020, 6:21 PM

Change 591790 merged by jenkins-bot:
[mediawiki/extensions/OATHAuth@master] Allow privileged accounts to use action=query&meta=oath

https://gerrit.wikimedia.org/r/591790

ReleaseTaggerBot added a project: MW-1.36-notes (1.36.0-wmf.13; 2020-10-12).Oct 6 2020, 7:02 PM
Maintenance_bot removed a project: Patch-For-Review.Oct 6 2020, 7:10 PM
Urbanecm closed this task as Resolved.Oct 6 2020, 9:23 PM
FriedrickMILBarbarossa added a project: Stewards-and-global-tools.Apr 29 2021, 11:35 AM
FriedrickMILBarbarossa added a subscriber: Stewards-and-global-tools.
FriedrickMILBarbarossa removed a subscriber: Stewards-and-global-tools.
FriedrickMILBarbarossa subscribed.
FriedrickMILBarbarossa awarded a token.May 14 2021, 3:54 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits