Add security limits to the Wikifunctions system to maintain stability and integrity of the content
Open, Needs TriagePublic
Actions

Assigned To

None

Authored By

	Jdforrester-WMF
	Jan 19 2022, 10:25 PM

Related Objects
Search...

Status	Assigned	Task
Open	None	T299176 Phase Theta – Root task
Open	None	T299598 Add security limits to the Wikifunctions system to maintain stability and integrity of the content
Open	gengh	T260314 Restrict making content (non-label/alias) changes to system-provided ZObjects to users with a special right
Resolved	DVrandecic	T260315 Create a file containing the core types to upload to wiki
Resolved	DVrandecic	T269182 Figure out validation and well-formedness
Open	gengh	T299600 Restrict associating & disassociating Testers and Implementations to ZFunctions to users with a special right
Open	gengh	T299601 Restrict creating Types to users with a special right
Open	gengh	T299602 Restrict altering Types to users with a special right
Open	gengh	T299603 Restrict editing Implementations and Testers which are associated with their Function to users with a special right
Open	gengh	T299604 Restrict altering Function definitions to users with a special right
Resolved	gengh	T297869 Function Editor: Allow user to REMOVE an Input from a function definition
Resolved	gengh	T299606 Restrict users from creating top-level ZObjects of inappropriate types
Resolved	DVrandecic	T266239 Determine which types are allowed to be created as top level objects
Open	None	T278843 Avoid edit conflicts by merging competing edits where possible
Resolved	maryyang	T285312 Enable Logging in Backend Services
Resolved	cmassaro	T287090 Improve Logging in Executors by Not Relying on stderr for Error Reporting
Resolved	ori	T290700 Use a Proper Logging Module in Orchestrator
Open	None	T301667 Use Roles to determine what features are shown to the user in the frontend code
Open	None	T301670 Create a placeholder Roles module in Vuex ahead of future role work
Resolved	JKieserman	T301672 Prevent logged out user from editing input / output in Edit function
Resolved	• AdesojiThisDot	T301673 Display "impactful change" dialog and disable implementations on input / output change of existing function
Open	Jdforrester-WMF	T282914 Provide user rights for editing of ZObjects at all, and specific ones for ZImplementations, ZTesters, and ZFunctions
Open	None	T303335 Users can understand the nature of changes others have made to ZObject wiki content
Open	None	T284473 Users are provided with a meaningful diff when changes have been made
Resolved	DVrandecic	T303336 Users can write an edit summary when publishing which can be seen by other users in histories
Open	None	T303342 Users get an automatic edit tag when publishing that shows what kind of edit was made
Open	None	T290205 Provide semi-automated edit summaries for ZObject edits
Open	None	T303338 The WikiLambda system understands the nature of changes being made and can react to them
Resolved	gengh	T303339 Provide a tree-diffing system for WikiLambda that allows us to compare changes to ZObjects
Resolved	gengh	T303340 Decide whether we're going to re-use an existing tree-diffing system or build our own
Resolved	gengh	T315882 WikiLambda: implement diffing algorithm
Open	gengh	T321183 Design an architecture proposal for user authorization that can use the data returned from WikilambdaDiff to restrict access
Open	gengh	T321186 Discuss and decide all areas for restricted access (high granularity)
Open	gengh	T321184 Implement user authorization base classes and one POC