Page MenuHomePhabricator
Create Task
Maniphest T287286

Oversighters need to be able to revert things to get rid of bad edits
Closed, ResolvedPublic
Actions

Description

Awareness of this need came out of reviewing patrolling workflows with @Risker. A user with the oversighter role needs to be able to perform reverts on any object they are patrolling so that they can remove offending content from a record before suppressing the edit which introduced the offending content.

In Django backend terms, this means that members of the Oversighter group need to be granted the "toolinfo.change_tool" permission. This will translate to a {subject: toolinfo/tool, action: change} permission in the CASL frontend rules.

Details

SubjectRepoBranchLines +/-
api: expand test for lists viewswikimedia/toolhubmain+193 -209
api: expand tests for toolinfo viewswikimedia/toolhubmain+281 -250
api: Allow Oversighters to edit tools and listswikimedia/toolhubmain+43 -18
Customize query in gerrit

Event Timeline

bd808 created this task.Jul 23 2021, 8:18 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJul 23 2021, 8:18 PM
bd808 updated the task description. (Show Details)Jul 25 2021, 5:33 PM
bd808 added a subscriber: Risker.
bd808 added a comment.Jul 25 2021, 5:37 PM

The need for this specific permission was missed when comparing rights to the rights granted to the analogous group in MediaWiki because of the different content controls in Toolhub. On a typical MediaWiki wiki anyone can edit any page. There are sometimes page specific protections that are slightly more restrictive, but there is very seldom a restriction like the core rule in Toolhub which gives "ownership" of a toolinfo record to a single individual.

bd808 claimed this task.Jul 26 2021, 4:38 PM
bd808 moved this task from Backlog to In Progress on the Toolhub board.
bd808 added a project: Developer-Advocacy (Jul-Sep 2021).
Restricted Application added a project: User-bd808. · View Herald TranscriptJul 26 2021, 4:38 PM
gerritbot added a comment.Jul 27 2021, 4:59 PM

Change 708320 had a related patch set uploaded (by BryanDavis; author: Bryan Davis):

[wikimedia/toolhub@main] api: Allow Oversighters to edit tools and lists

https://gerrit.wikimedia.org/r/708320

gerritbot added a project: Patch-For-Review.Jul 27 2021, 4:59 PM

Change 708322 had a related patch set uploaded (by BryanDavis; author: Bryan Davis):

[wikimedia/toolhub@main] api: expand tests for toolinfo views

https://gerrit.wikimedia.org/r/708322

gerritbot added a comment.Jul 27 2021, 4:59 PM

Change 708323 had a related patch set uploaded (by BryanDavis; author: Bryan Davis):

[wikimedia/toolhub@main] api: expand test for lists views

https://gerrit.wikimedia.org/r/708323

gerritbot added a comment.Jul 27 2021, 7:23 PM

Change 708320 merged by jenkins-bot:

[wikimedia/toolhub@main] api: Allow Oversighters to edit tools and lists

https://gerrit.wikimedia.org/r/708320

gerritbot added a comment.Jul 27 2021, 7:31 PM

Change 708322 merged by jenkins-bot:

[wikimedia/toolhub@main] api: expand tests for toolinfo views

https://gerrit.wikimedia.org/r/708322

gerritbot added a comment.Jul 27 2021, 7:33 PM

Change 708323 merged by jenkins-bot:

[wikimedia/toolhub@main] api: expand test for lists views

https://gerrit.wikimedia.org/r/708323

Maintenance_bot removed a project: Patch-For-Review.Jul 27 2021, 8:10 PM
bd808 closed this task as Resolved.Jul 28 2021, 11:57 PM
bd808 moved this task from In Progress to Review on the Toolhub board.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits