
Separate Special:CreateLocalAccount from autocreateaccount in abuse filters
Open, Needs Triage · Public · Feature

Description

Feature summary (what you would like to be able to do and where):
Create a new abuse filter action for local account creations from Special:CreateLocalAccount to separate them from autocreateaccount. Let the user who creates the local account (usually a sysop), instead of the account created, be the action performer.

Use case(s) (list the steps that you performed to discover that problem, and describe the actual underlying problem which you want to solve. Do not describe only a solution):

  • Create an abuse filter to block creation and autocreation of accounts whose names match a certain pattern.

Example rules:

(
    action == 'createaccount'
    | action == 'autocreateaccount'
)
& (
    rx := "some pattern";
    accountname irlike rx
)
  • Set warning and prevention as the actions when triggered.
  • Go to Special:CreateLocalAccount and create a local account for some username matching that pattern.
  • The AF we just created is triggered. The abuse log says it was an autocreateaccount action taken by the account that should have been created.

Currently, local account creations from Special:CreateLocalAccount look the same as an account creating its own local account. This could lead to misinterpretation of abuse logs and difficulties in designing abuse filters.

Benefits (why should this be implemented?):

  • Sysops could be excluded from targets of filters when they manually create local accounts for users who will be caught by the filter but show good records elsewhere.

Other information

Problem was first found on zhwiki (AF194), then reproduced on wikidata.beta.wmflabs.org by User:Stang (AF3).

Event Timeline

The chain of calls seems to be:

  • SpecialCreateLocalAccount::onSubmit (CA)
  • CentralAuthForcedLocalCreationService::attemptAutoCreateLocalUserFromName
  • CentralAuthUtilityService::autoCreateUser
  • AuthManager::autoCreateUser (core)
  • AbuseFilterPreAuthenticationProvider::testUserForCreation/::testUser (AF)
  • RunVariableGenerator::getAccountCreationVars

SpecialCreateLocalAccount::onSubmit calls CentralAuthForcedLocalCreationService::attemptAutoCreateLocalUserFromName and provides the performing authority. But CentralAuthForcedLocalCreationService::attemptAutoCreateLocalUserFromName cannot pass the authority further because neither CentralAuthUtilityService::autoCreateUser nor AuthManager::autoCreateUser supports that. The information about the performer is thus not available to AbuseFilter.

(The fact that someone is responsible for "autocreating" an account seems to be a contradiction to what the term "autocreate" was originally coined for.)