Page MenuHomePhabricator

Make OATHExclusiveRights more reliable
Closed, DeclinedPublic

Description

As @Tgr correctly notes in T150562#6078263, OATHExclusiveRights probably does not work on CentralAuth-provided sessions, and also works currently only on title-based checks. I propose to:

  1. Stop using session altogether, instead, only verify the user has OATH enabled
  2. Use the same logic in UserGetRights as well

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald Transcript

Change 660003 had a related patch set uploaded (by Urbanecm; owner: Urbanecm):
[mediawiki/extensions/OATHAuth@master] Make OATHExclusiveRights more reliable

https://gerrit.wikimedia.org/r/660003

Urbanecm triaged this task as Medium priority.Jan 29 2021, 9:28 PM
Urbanecm moved this task from Backlog to Waiting on review on the User-Urbanecm board.

image.png (517×1 px, 127 KB)

I'd say patch works :). Reviews appreciated.

Change 660003 abandoned by Urbanecm:

[mediawiki/extensions/OATHAuth@master] Make OATHExclusiveRights more reliable

Reason:

in favor of https://gerrit.wikimedia.org/r/c/mediawiki/extensions/OATHAuth/+/762385

https://gerrit.wikimedia.org/r/660003