Page MenuHomePhabricator
Create Task
Maniphest T263752

Add a user preference for access to IP Info
Closed, ResolvedPublic3 Estimated Story Points
Actions

Description

Access to the IPInfo tool is controlled by the 'ipinfo' right, which will be grated to certain trusted user groups, starting with checkusers.

Following T264150: User needs to request access to IP information [L], a user with the 'ipinfo' right must additionally check a box to indicate that they will use the tool only for anti-abuse purposes. This will be stored as a user preference. This task is to build out this preference.

In addition, the API endpoints should check for the presence of this user preference in addition to the 'ipinfo' right, and return a relevant error message if it is not present.

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
Add a user preference for enabling the IP info toolmediawiki/extensions/IPInfomaster+212 -8
Customize query in gerrit

Related Objects

Event Timeline

Tchanders created this task.Sep 24 2020, 1:45 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptSep 24 2020, 1:45 PM
Niharika triaged this task as Medium priority.Sep 30 2020, 5:27 AM
Niharika updated the task description. (Show Details)
Niharika moved this task from Untriaged to Triage/To be Estimated on the Anti-Harassment-Team board.Oct 7 2020, 5:42 AM
Niharika renamed this task from Check for a user preference in addition to the 'ipinfo' right for the IPInfo tool to Add a user preference for access to IP Info .Oct 7 2020, 4:47 PM
Niharika updated the task description. (Show Details)
ARamirez_WMF set the point value for this task to 3.Oct 7 2020, 4:49 PM
ARamirez_WMF moved this task from Triage/To be Estimated to Cards ready for development on the Anti-Harassment-Team board.
ARamirez_WMF moved this task from Cards ready for development to The Letter Song on the Anti-Harassment-Team board.Oct 8 2020, 3:43 PM
ARamirez_WMF edited projects, added Anti-Harassment-Team (The Letter Song); removed Anti-Harassment-Team.
ARamirez_WMF changed the subtype of this task from "Task" to "Deadline".Oct 8 2020, 10:14 PM
ARamirez_WMF set Due Date to Oct 20 2020, 4:00 AM.
Tchanders claimed this task.Oct 20 2020, 4:07 PM
Tchanders moved this task from Ready 🎬 (ONLY IF YOU HAVE NO MORE CODE TO REVIEW) to In Progress 💪 on the Anti-Harassment-Team (The Letter Song) board.
ARamirez_WMF removed Due Date which was set to Oct 20 2020, 4:00 AM.Oct 21 2020, 4:42 PM
ARamirez_WMF removed a project: Anti-Harassment-Team (The Letter Song).
ARamirez_WMF removed a subscriber: Tchanders.
ARamirez_WMF added a project: Anti-Harassment-Team.Oct 21 2020, 4:55 PM
ARamirez_WMF moved this task from Untriaged to Cards ready for development on the Anti-Harassment-Team board.
ARamirez_WMF moved this task from Cards ready for development to The Letter Song on the Anti-Harassment-Team board.Nov 5 2020, 6:19 PM
ARamirez_WMF edited projects, added Anti-Harassment-Team (The Letter Song); removed Anti-Harassment-Team.
Tchanders added subscribers: Niharika, Prtksxna.Nov 9 2020, 3:28 PM

@Prtksxna @Niharika I was thinking of starting with a checkbox on Special:Preferences, with a label something along the lines of: "See information about an IP address. A record will be made when you enable/disable this option."

If that's OK, which section of Special:Preferences should this option appear in?

Are we OK to defer details of the legal agreement about anti-vandalism until T264150?

Tchanders moved this task from In Progress 💪 to Needs Design/Product 🎨 on the Anti-Harassment-Team (The Letter Song) board.Nov 9 2020, 3:29 PM
gerritbot added a comment.Nov 9 2020, 8:08 PM

Change 640236 had a related patch set uploaded (by Tchanders; owner: Tchanders):
[mediawiki/extensions/IPInfo@master] Add a user preference for enabling the IP info tool

https://gerrit.wikimedia.org/r/640236

gerritbot added a project: Patch-For-Review.Nov 9 2020, 8:08 PM
Prtksxna added a comment.Nov 16 2020, 4:14 AM
In T263752#6613395, @Tchanders wrote:

@Prtksxna @Niharika I was thinking of starting with a checkbox on Special:Preferences, with a label something along the lines of: "See information about an IP address. A record will be made when you enable/disable this option."

This text looks good 👍🏽

If that's OK, which section of Special:Preferences should this option appear in?

I am thinking that we can add a new section called Permissions at the bottom of the User profile tab.

Tchanders added a comment.Nov 16 2020, 3:03 PM
In T263752#6622845, @Prtksxna wrote:

This text looks good 👍🏽

Thanks, we'll go ahead with this then.

I am thinking that we can add a new section called Permissions at the bottom of the User profile tab.

Are you thinking a generic Permissions section for any permissions to go in? If so, then that should be added in core rather than in the IPInfo extension, since it doesn't make sense for that section only to be available if IPInfo is enabled. (We can do that just by adding a message in core - if the section is empty, the title won't appear.)

Do we know if this preference is going to stay in Special:Preferences, or move to an in-tool workflow? If the latter (or if we're not sure) we perhaps shouldn't make any changes to core for now. We could add it to an IP info section (defined in the extension) at the bottom of User profile until we know?

Niharika added a comment.Nov 16 2020, 8:41 PM
In T263752#6624150, @Tchanders wrote:
In T263752#6622845, @Prtksxna wrote:

This text looks good 👍🏽

Thanks, we'll go ahead with this then.

I am thinking that we can add a new section called Permissions at the bottom of the User profile tab.

Are you thinking a generic Permissions section for any permissions to go in? If so, then that should be added in core rather than in the IPInfo extension, since it doesn't make sense for that section only to be available if IPInfo is enabled. (We can do that just by adding a message in core - if the section is empty, the title won't appear.)

Do we know if this preference is going to stay in Special:Preferences, or move to an in-tool workflow? If the latter (or if we're not sure) we perhaps shouldn't make any changes to core for now. We could add it to an IP info section (defined in the extension) at the bottom of User profile until we know?

I think it will have to be in both places. I guess the correct answer right now is "we're not sure". @Prtksxna please correct me if I'm wrong.

Prtksxna added a comment.Nov 17 2020, 3:19 AM

Do we know if this preference is going to stay in Special:Preferences, or move to an in-tool workflow?

I think it will have to be in both places. I guess the correct answer right now is "we're not sure".

Yeah, from our discussions I imagined that it'll be both too. We'll have a big obvious way to enable it from the tool itself (whether its a popup or a box on Special Contribs) but not a way to disable it. For disabling we'll point them to the right place in Special Prefs.

If the latter (or if we're not sure) we perhaps shouldn't make any changes to core for now. We could add it to an IP info section (defined in the extension) at the bottom of User profile until we know?

Yeah, I don't think this warrants making a change to core. So I'd go with your suggestion of adding an "IP information" section at the bottom of the User profile tab.

Tchanders moved this task from Needs Design/Product 🎨 to Code Review 🔍 on the Anti-Harassment-Team (The Letter Song) board.Nov 17 2020, 4:21 PM
Tchanders added a comment.Nov 17 2020, 4:50 PM

Yeah, I don't think this warrants making a change to core. So I'd go with your suggestion of adding an "IP information" section at the bottom of the User profile tab.

OK thanks - have done this.

Tchanders mentioned this in T264795: Decide how we want to store how we log which users have access to IP Info [8 hours].Nov 19 2020, 6:45 PM
gerritbot added a comment.Nov 24 2020, 10:54 PM

Change 640236 merged by jenkins-bot:
[mediawiki/extensions/IPInfo@master] Add a user preference for enabling the IP info tool

https://gerrit.wikimedia.org/r/640236

Maintenance_bot removed a project: Patch-For-Review.Nov 24 2020, 11:10 PM
STran moved this task from Code Review 🔍 to QA/Testing 🐞 on the Anti-Harassment-Team (The Letter Song) board.Nov 25 2020, 6:20 PM
dom_walden moved this task from QA/Testing 🐞 to Done: Q2 (2020-2021) ✅ on the Anti-Harassment-Team (The Letter Song) board.Nov 27 2020, 9:22 AM
dom_walden subscribed.

We now have a new preference at the bottom of the "User profile" tab of Special:Preferences.

preference.png (183×765 px, 14 KB)

When this is unchecked, the "i" icons do not appear on Special:Log or revision history.

The API endpoints return a 403 with error message You do not have permission to perform the action. This is the same response you get when you don't have the ipinfo right.

I tested the log, revision and IP endpoints.

It is also possible to set this preference globally.

Test environment: vagrant MediaWiki 1.36.0-alpha (a8f051f), CheckUser 2.5 (1309125).

dom_walden added a comment.Dec 1 2020, 8:59 AM
In T263752#6652604, @dom_walden wrote:

We now have a new preference at the bottom of the "User profile" tab of Special:Preferences.

This setting only appears if the user has the ipinfo right.

Tchanders closed this task as Resolved.Dec 3 2020, 1:21 PM
Niharika moved this task from Backlog to Closed on the IP Info board.Aug 8 2022, 8:02 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits