Page MenuHomePhabricator
Create Task
Maniphest T254822

CentralAuth's group membership is not reliable
Closed, ResolvedPublic
Actions

Description

SpecialCentralAuth uses UserGroupMembership::getMembershipForUser, which is given an userid and a database, but the database is ignored, which results in SpecialCentralAuth receiving incorrect results. An example is available at https://en.wikipedia.beta.wmflabs.org/wiki/Special:CentralAuth/Dyolf77_TEST. The acount should have confirmed, oversight, sysop at commons, but that's not true.

A fix: Use UserGroupManagerFactory at https://github.com/wikimedia/mediawiki-extensions-CentralAuth/blob/master/includes/CentralAuthUser.php#L2554, to get the DB-specific UserGroupManager.

Details

SubjectRepoBranchLines +/-
CentralAuthUser: Stop using depracated UserGroupMembership::getMembershipsForUsermediawiki/extensions/CentralAuthmaster+11 -2
Customize query in gerrit

Related Objects
Search...

Event Timeline

Urbanecm created this task.Jun 8 2020, 9:28 PM
Restricted Application added a project: User-Urbanecm. · View Herald TranscriptJun 8 2020, 9:28 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
Urbanecm triaged this task as Unbreak Now! priority.Jun 8 2020, 9:29 PM

This is going to seriously break Special:CentralAuth in production if train goes forward.

Restricted Application added a subscriber: Liuxinyu970226. · View Herald TranscriptJun 8 2020, 9:29 PM
DannyS712 added a project: MediaWiki-User-management.Jun 8 2020, 9:29 PM
DannyS712 added parent tasks: T254173: 1.35.0-wmf.36 deployment blockers, T234921: Factor group membership management out of User class.
Urbanecm mentioned this in T254173: 1.35.0-wmf.36 deployment blockers.Jun 8 2020, 9:30 PM
DannyS712 added subscribers: Pchelolo, DannyS712.Jun 8 2020, 9:30 PM

@Pchelolo see above - if the fix for CentralAuth can't be reviewed in time, we'll probably need to revert https://gerrit.wikimedia.org/r/#/c/mediawiki/core/+/545690

Jdforrester-WMF awarded a token.Jun 8 2020, 9:31 PM
Agusbou2015 subscribed.Jun 8 2020, 9:33 PM
RhinosF1 subscribed.Jun 8 2020, 9:35 PM
gerritbot added a comment.Jun 8 2020, 9:36 PM

Change 603618 had a related patch set uploaded (by Urbanecm; owner: Urbanecm):
[mediawiki/extensions/CentralAuth@master] CentralAuthUser: Stop using depracated UserGroupMembership::getMembershipsForUser

https://gerrit.wikimedia.org/r/603618

gerritbot added a project: Patch-For-Review.Jun 8 2020, 9:36 PM
Urbanecm moved this task from Backlog to Waiting on review on the User-Urbanecm board.Jun 8 2020, 9:54 PM

Confirmed the patch above works at my local CA instance, hopefully it will work in prod too :).

Urbanecm mentioned this in T254826: Special:Investigate's determination of user groups is unreliable.Jun 8 2020, 10:08 PM
gerritbot added a comment.Jun 8 2020, 10:12 PM

Change 603618 merged by jenkins-bot:
[mediawiki/extensions/CentralAuth@master] CentralAuthUser: Stop using depracated UserGroupMembership::getMembershipsForUser

https://gerrit.wikimedia.org/r/603618

Urbanecm added a comment.Jun 8 2020, 10:17 PM

https://en.wikipedia.beta.wmflabs.org/wiki/Special:CentralAuth/Dyolf77_TEST is now clear

DannyS712 removed a project: Patch-For-Review.Jun 8 2020, 10:20 PM
ReleaseTaggerBot added a project: MW-1.35-notes (1.35.0-wmf.36; 2020-06-09).Jun 8 2020, 11:00 PM
jeena subscribed.Jun 9 2020, 5:19 PM

@Urbanecm this has been resolved and is no longer a train blocker, correct?

Urbanecm closed this task as Resolved.Jun 9 2020, 5:20 PM

Yes @jeena, this should work properly. Thanks for asking!

jeena added a comment.Jun 9 2020, 5:21 PM

great, thanks!

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits