Page MenuHomePhabricator
Create Task
Maniphest T252559

CheckUser API in "get edits" mode misses certain types of changes that the Special page provides
Closed, InvalidPublic
Actions

Description

Hello,

I recently started using the CheckUser API in order to format data to be shared with other CheckUsers on our private wiki. However, I noticed that account creations and other log entries are not included in the API output. As a result, some usernames and IP addresses which we can see on Special:CheckUser do not appear in the API output.

It would be beneficial if the API could be updated to include log entries as well, to match the behavior of the special page.

Related Objects

Event Timeline

ST47 created this task.May 12 2020, 4:18 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMay 12 2020, 4:18 PM
ST47 updated the task description. (Show Details)May 12 2020, 4:21 PM
ST47 added a comment.May 12 2020, 4:40 PM

I assumed that the API was intentionally filtering out log entries, but that isn't correct. Is there some other reason why entries like these appear on Special:CheckUser but not on the API?

(Logs) . . 23:40 . . <redacted> was created
        IP: <redacted>
(Logs) . . 23:40 . . <redacted> User account <redacted> was created
        IP: <redacted>
Tks4Fish subscribed.May 12 2020, 5:40 PM
Huji subscribed.EditedMay 12 2020, 5:58 PM

The bigger issue is that ApiQueryCheckUser.php is replicating code that already exists in SpecialCheckuser.php in an encapsulated way.

Specifically, SpecialCheckUser::doUserEditDBRequest(), SpecialCheckUser::doIPUsersDBRequest() and SpecialCheckUser::doUserIPsDBRequest() should be used by ApiQueryCheckUser.php, for which I think they should be changed from protected to public.

@Niharika is there any plans, as part of CU 2.0, to rewrite the API code base?

ST47 added a comment.May 12 2020, 7:10 PM

I tested this on a Vagrant dev environment and it worked fine:

cugen = site._generator(
    pywikibot.data.api.ListGenerator,
    type_arg='checkuser',
)
cugen.request['curequest'] = 'edits'
cugen.request['cutarget'] = 'TestAcct'
cugen.request['cureason'] = 'test'
cugen.request['cutoken'] = site.tokens['csrf']
data = {
    'cudata': [x for x in cugen],
}
{'cudata': [[{'timestamp': '2020-05-12T18:59:32Z',
    'ns': 2,
    'title': 'TestAcct',
    'user': 'TestAcct',
    'ip': '10.0.2.2',
    'agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36',
    'summary': 'User account TestAcct was created'},
   {'timestamp': '2020-05-12T18:59:31Z',
    'ns': 2,
    'title': '',
    'user': 'TestAcct',
    'ip': '10.0.2.2',
    'agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36',
    'summary': 'was created'}]]}

But attempting the same thing on a sample account on enwiki got nothing:

[[]]
ST47 closed this task as Invalid.May 13 2020, 8:05 PM
ST47 added a comment.May 13 2020, 8:19 PM

Apologies for wasting anyone's time on this. I didn't realize that the API defaults to only 14 days worth of data, instead of defaulting to 90 days like the special page.

Niharika added a comment.May 14 2020, 4:02 AM
In T252559#6130411, @Huji wrote:

The bigger issue is that ApiQueryCheckUser.php is replicating code that already exists in SpecialCheckuser.php in an encapsulated way.

Specifically, SpecialCheckUser::doUserEditDBRequest(), SpecialCheckUser::doIPUsersDBRequest() and SpecialCheckUser::doUserIPsDBRequest() should be used by ApiQueryCheckUser.php, for which I think they should be changed from protected to public.

@Niharika is there any plans, as part of CU 2.0, to rewrite the API code base?

@Huji, not at the moment but we are looking into it - T252051: [Investigation] CheckUser API usage and dependency on special page

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL