[Bug] Normalise usernames in no-JS
Closed, ResolvedPublic5 Estimated Story PointsBUG REPORT
Actions

Description

From T271275: Log when admins are added to or removed from SecurePoll elections:

In T271275#6822096, @dom_walden wrote:

With JS disabled, there can be some weird behaviour. For example, if you change the election admin from Other Electionadmin to Other_Electionadmin, we appear to treat them as two different users and you get a misleading log entry:

In the same way, you can also add/remove the same admin more than once, and this gets recorded multiple times in the log.

I don't think this is likely to happen in practice, nor would it be a big problem if it did, but I may raise a bug about normalising usernames without JS.

Reproduction steps

One

Create an election with the election admin: "Election admin"
Disable Javascript, then edit the election and add an underscore to the admin's name (e.g. "Election_admin")

Observed outcome: Two entries in the log table, one add and one remove, but for the same user.

Two

Create an election with any election admin
Disable Javascript, then edit the election and add two admins: "Election admin" and "Election_admin"

Observed outcome: Two entries in the log table which claim to be adding the same user. In the securepoll_properties table you will also see Election admin|Election_admin in the admins row.

Details

Project	Branch	Lines +/-	Subject
mediawiki/core	master	+1 -1	HTMLUsersMultiselectField: Keep IP addresses while normalizing
mediawiki/core	master	+12 -1	Normalize and de-dupe usernames in HTMLUsersMultiselectField
mediawiki/extensions/SecurePoll	master	+17 -2	[WIP] Normalize admin usernames before logging changes

Customize query in gerrit

Related Objects

Mentioned In: T275394: Normalise IP addresses in HTMLUsersMultiselectField, to avoid adding multiple equivalent IP addresses
Mentioned Here: rMWc2890c3d19f5: Localisation updates from https://translatewiki.net.
rESPOaef4fb389b85: Localisation updates from https://translatewiki.net.
T275394: Normalise IP addresses in HTMLUsersMultiselectField, to avoid adding multiple equivalent IP addresses
T271275: Log when admins are added to or removed from SecurePoll elections

Event Timeline

Niharika triaged this task as Medium priority.Feb 11 2021, 4:55 PM

Niharika created this task.

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptFeb 11 2021, 4:55 PM

Niharika changed the subtype of this task from "Task" to "Bug Report".Feb 11 2021, 4:55 PM

Niharika added a project: MediaWiki-extensions-SecurePoll.

ARamirez_WMF set the point value for this task to 5.Feb 11 2021, 5:30 PM

dom_walden updated the task description. (Show Details)Feb 11 2021, 5:40 PM

dom_walden updated the task description. (Show Details)

ARamirez_WMF moved this task from Cards ready to be estimated to The Letter Song on the Anti-Harassment board.Feb 11 2021, 5:53 PM

ARamirez_WMF edited projects, added Anti-Harassment (The Letter Song); removed Anti-Harassment.

STran claimed this task.Feb 11 2021, 9:41 PM

STran moved this task from Ready 🎬 (ONLY IF YOU HAVE NO MORE CODE TO REVIEW) to In Progress 💪 on the Anti-Harassment (The Letter Song) board.

Hm @Prtksxna could I get your opinion on what the expected outcome should be?

If a user has the username "User A", "User A" is the canonical representation but "User_A" is a valid representation as well. If js is enabled, the poll admin selector will always show and save the canonical representation. For instance, if I try to add "User_A", it will not return it as a valid result. I can only add "User A." If js is not enabled, there is no such check.

So if the user does not have js enabled should they be allowed to add "User_A"? I thought so because it's a valid representation of the username but for comparison, if you try to make an account with username "user_a", it will automatically normalize it to "User A." I also thought it would be jarring to type in "User_A" and when you navigated back to the page, to see "User A" but again, create account does it out of the gate and all of our logs normalize the username as well.

What should happen if in no-js they try to add "User A" and "User_A?" Should the UI throw an error? Should it automatically remove "duplicates?" Something else?

I mostly thought about extension-level fixes but it's possible we might want to fix this at the input level so that the js and no-js versions of the widget behave similarly(ish). I'd appreciate any opinions you may have on this @Tchanders. For context, with js enabled, all normalization happens before the user can be selected as a value. There is a validation step when the values are being saved but they check only for user validity, not for canonicity. To make no-js behave similarly, we would have to do something like auto-normalize usernames alongside that validity check (this would theoretically be redundant for js enabled submits).

STran moved this task from In Progress 💪 to Needs Design 🎨 on the Anti-Harassment (The Letter Song) board.Feb 13 2021, 7:19 AM

Change 663940 had a related patch set uploaded (by STran; owner: STran):
[mediawiki/extensions/SecurePoll@master] [WIP] Normalize admin usernames before logging changes

https://gerrit.wikimedia.org/r/663940

gerritbot added a project: Patch-For-Review.Feb 13 2021, 7:23 AM

In T274568#6828009, @STran wrote:

So if the user does not have js enabled should they be allowed to add "User_A"? I thought so because it's a valid representation of the username but for comparison, if you try to make an account with username "user_a", it will automatically normalize it to "User A." I also thought it would be jarring to type in "User_A" and when you navigated back to the page, to see "User A" but again, create account does it out of the gate and all of our logs normalize the username as well.

I think they should be allowed to add "User_A". We should accept the input and clean it up and show it how it would correctly be (even if its is jarring). This way we are not throwing errors when we know what the user intended, and we're also showing them the "right" way.

What should happen if in no-js they try to add "User A" and "User_A?" Should the UI throw an error? Should it automatically remove "duplicates?" Something else?

What happens if they currently try to add "User A" and then "User A" again?
I think throwing an error can be avoided, if we could remove 'duplicates' that'd be ideal.

What happens if they currently try to add "User A" and then "User A" again?

With js enabled, this is not possible:

Since it will not show "Admin A" as an option if I already selected Admin A.

Without js, I can add Admin A repeatedly which is considered valid:

sqlite> select * from securepoll_properties where pr_entity = 24 and pr_key = 'admins';
pr_entity   pr_key      pr_value                             
----------  ----------  -------------------------------------
24          admins      Admin|Admin A|Admin A|Admin A|Admin A

I think throwing an error can be avoided, if we could remove 'duplicates' that'd be ideal.

It looks like the js-enabled version handles this edge case. If I re-enable js after adding duplicate entries, it will clean up the duplicates and be reflected when I save the entry:

sqlite> select * from securepoll_properties where pr_entity = 24 and pr_key = 'admins';
pr_entity   pr_key      pr_value     
----------  ----------  -------------
24          admins      Admin|Admin A

Hm. 🤔 It does sound like we just want to replicate what the js widget does for cleanup. I am leaning toward this being a widget-level fix.

In T274568#6832137, @Prtksxna wrote:

I think throwing an error can be avoided, if we could remove 'duplicates' that'd be ideal.

In T274568#6833671, @STran wrote:

Hm. 🤔 It does sound like we just want to replicate what the js widget does for cleanup. I am leaning toward this being a widget-level fix.

I agree with these.

To make no-js behave similarly, we would have to do something like auto-normalize usernames alongside that validity check (this would theoretically be redundant for js enabled submits).

Sounds sensible to me - this shouldn't break anything that's using the widget correctly.

STran moved this task from Needs Design 🎨 to In Progress 💪 on the Anti-Harassment (The Letter Song) board.Feb 16 2021, 5:16 PM

Change 663940 abandoned by STran:
[mediawiki/extensions/SecurePoll@master] [WIP] Normalize admin usernames before logging changes

Reason:
fixing upstream

https://gerrit.wikimedia.org/r/663940

Change 664679 had a related patch set uploaded (by STran; owner: STran):
[mediawiki/core@master] In no-js, there is no on the fly normalization of usernames in HTMLUsersMultiselectField so both "User A" and "User_A" are valid representations of "User A" (the canonical representation).

https://gerrit.wikimedia.org/r/664679

STran moved this task from In Progress 💪 to Code Review 🔍 on the Anti-Harassment (The Letter Song) board.Feb 17 2021, 12:31 AM

Tchanders moved this task from Code Review 🔍 to QA/Testing 🐞 on the Anti-Harassment (The Letter Song) board.Feb 17 2021, 10:38 PM

Change 664679 merged by jenkins-bot:
[mediawiki/core@master] Normalize and de-dupe usernames in HTMLUsersMultiselectField

https://gerrit.wikimedia.org/r/664679

ReleaseTaggerBot added a project: MW-1.36-notes (1.36.0-wmf.32; 2021-02-23).Feb 18 2021, 12:00 AM

@STran I think this means the widget no longer works when you input IPs rather than usernames. It seems to remove/ignore them when you submit.

This is something you would do for things like Special:Investigate, e.g.:

Change 666120 had a related patch set uploaded (by Tchanders; owner: Tchanders):
[mediawiki/core@master] HTMLUsersMultiselectField: Keep IP addresses while normalizing

https://gerrit.wikimedia.org/r/666120

Thanks for spotting this @dom_walden - the new patch should fix it.

Also filed this similar task T275394: Normalise IP addresses in HTMLUsersMultiselectField, to avoid adding multiple equivalent IP addresses - can be done separately.

Change 666120 merged by jenkins-bot:
[mediawiki/core@master] HTMLUsersMultiselectField: Keep IP addresses while normalizing

https://gerrit.wikimedia.org/r/666120

I can no longer reproduce the bugs in the description.

Moreover, the bug above (T274568#6848623) appears fixed. I can submit usernames, IPs and IP ranges via Special:Investigate correctly. Indeed, usernames are de-duplicated (but not IPs as Thalia points out).

Test environment Local vagrant MediaWiki 1.36.0-alpha (c2890c3), SecurePoll 2.0.0 (aef4fb3).

Niharika closed this task as Resolved.Feb 24 2021, 2:46 PM

[Bug] Normalise usernames in no-JSClosed, ResolvedPublic5 Estimated Story PointsBUG REPORTActions