Page MenuHomePhabricator

Log when admins access voter data in SecurePoll
Closed, ResolvedPublic2 Estimated Story PointsJan 12 2021

Description

Following T271270: Create new logging table in SecurePoll, log when admins access voter data.

This task is only for adding a row to the log table.

Details of how we could do this are outlined in T270342#6702969.

Details

Due Date
Jan 12 2021, 5:00 AM

Event Timeline

ARamirez_WMF set the point value for this task to 2.Jan 6 2021, 5:49 PM
ARamirez_WMF changed the subtype of this task from "Task" to "Deadline".
STran added a subscriber: STran.

Dependent on T271270: Create new logging table in SecurePoll; stubbing this out in the meanwhile

Change 655545 had a related patch set uploaded (by STran; owner: STran):
[mediawiki/extensions/SecurePoll@master] [WIP] Log when admins access voter data

https://gerrit.wikimedia.org/r/655545

Change 655545 merged by jenkins-bot:
[mediawiki/extensions/SecurePoll@master] Log when admins access voter data

https://gerrit.wikimedia.org/r/655545

dom_walden added a subscriber: dom_walden.

We now record every time an admin goes to Special:SecurePoll/list/<id>. A log entry is also recorded every time you refresh or use pagination. So you may see lots of entries for the same user and election (like below).

A log entry is only recorded if the user is an admin of the election and is in the electionadmin group. If a non-admin user goes to /list, they do not see any of the personal data (e.g. IP, UA) and a log entry is not recorded.

log_list.png (240×769 px, 76 KB)

Test environment: local vagrant SecurePoll 2.0.0 (1ebc4fd).