Page MenuHomePhabricator
Create Task
Maniphest T271462

Experiment with converting action API modules to Authority
Closed, ResolvedPublic
Actions

Description

After Authority is available from IContextSource T271460 we can try converting a ApiBase and action API modules to using it instead of PermissionManager.

Details

SubjectRepoBranchLines +/-
Use Authority and GroupPermissionLookup in Action APImediawiki/coremaster+141 -182
Customize query in gerrit

Related Objects
Search...

Event Timeline

Pchelolo created this task.Jan 7 2021, 8:31 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 7 2021, 8:31 PM
Pchelolo moved this task from Unsorted pile to Authority pile on the Platform Team Workboards (MW Expedition) board.Jan 7 2021, 8:33 PM
JJMC89 moved this task from Backlog to Other on the MediaWiki-User-management board.Jan 7 2021, 8:35 PM
CCicalese_WMF claimed this task.Jan 13 2021, 12:56 AM
Pchelolo triaged this task as Medium priority.Jan 19 2021, 6:27 PM
Pchelolo moved this task from Authority pile to Blocked on the Platform Team Workboards (MW Expedition) board.
CCicalese_WMF renamed this task from Experiment with converting some action API modules to Authority to Experiment with converting action API modules to Authority.Jan 21 2021, 2:40 PM
CCicalese_WMF updated the task description. (Show Details)
gerritbot added a comment.Jan 21 2021, 2:42 PM

Change 655438 had a related patch set uploaded (by Cicalese; owner: Cicalese):
[mediawiki/core@master] EXPERIMENT Use Authority in Action API

https://gerrit.wikimedia.org/r/655438

gerritbot added a project: Patch-For-Review.Jan 21 2021, 2:42 PM
CCicalese_WMF added a comment.EditedJan 21 2021, 2:47 PM

An experimental patch (https://gerrit.wikimedia.org/r/c/mediawiki/core/+/655438) converts the bulk of the Action API code to use Authority rather than PermissionManager.

The ApiCheckCanExecute hook still needs to be converted to use Authority rather than User.

The remaining usages of PermissionManager in the Action API code are calls to the following functions: isBlockedFrom(), isEveryoneAllowed( 'read' ), getAllPermissions(), and getUserPermissions(). In addition, in the tests, addTemporaryUserRights() and invalidateUserRightsCache() are called.

There are also calls to a couple of other core functions external to the Action API that should take Authority rather then User eventually: ChangeTags::canAddTagsAccompanyingChange() and MovePage::checkPermissions().

gerritbot added a comment.Feb 23 2021, 4:03 PM

Change 655438 merged by jenkins-bot:
[mediawiki/core@master] Use Authority and GroupPermissionLookup in Action API

https://gerrit.wikimedia.org/r/655438

Maintenance_bot removed a project: Patch-For-Review.Feb 23 2021, 4:10 PM
Pchelolo moved this task from Blocked to On the train on the Platform Team Workboards (MW Expedition) board.Feb 23 2021, 5:46 PM
Pchelolo closed this task as Resolved.Mar 2 2021, 11:22 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits