⚓ T309318 Can global sysops have ipinfo-view-full and ipinfo-view-log access?

Status	Subtype	Assigned	Task
Open		None	T261555 Allow CheckUser to provide IP addresses for logged in edits/actions
Open		None	T285977 IP Info
Resolved		Niharika	T287648 Reviews and deployment
Resolved		Tchanders	T260597 Deploy IP Info extension to all wikis (as a beta feature)
Resolved		Niharika	T261372 Replace mock data returned from API endpoint with live data
Resolved		Dzahn	T288844 Update MaxMind GeoIP2 license key and product IDs for application servers
Resolved	BUG REPORT	Clement_Goubert	T288375 IPInfo MediaWiki extension depends on presence of maxmind db in the container/host
Open	Spike	Niharika	T263637 Determine on which pages IPInfo should be available
Resolved		Niharika	T292755 Epic: IP Info access
Resolved		STran	T296499 Grant certain groups the ipinfo-view-full right
Resolved		Tchanders	T260598 Deploy IP Info extension to test.wikipedia.org
Resolved		Tchanders	T260599 Deploy IP Info extension to beta cluster
Resolved		sbassett	T262963 Security Readiness Review For geoip2/geoip2
Resolved	Dec 15 2020	Tchanders	T266136 Update CI config once geoip2 is available
Resolved		Tchanders	T269475 Add geoip2/geoip2 library to mediawiki/vendor
Resolved		Tchanders	T260602 Complete the necessary reviews for the IP Info extension
Invalid		None	T260601 Remove the static mock data from the popup and make a request to the API endpoint for dynamic mock data
Resolved	Sep 22 2020	Tchanders	T260603 Create an API endpoint that accepts a log id or revision id and returns mock data about the IP address
Resolved	Sep 22 2020	Tchanders	T260604 Display a popup with fixed mock data for an IP address on the specified page(s)
Resolved		Tchanders	T260605 Add IP Info extension to translatewiki.net
Resolved		dbarratt	T260607 Deploy the IP Info extension to The Good Place
Resolved		Tchanders	T260609 Create a basic extension.json file and a new wikipage for the IP Info extension
Resolved		dbarratt	T260611 Request a repository for the IP Info Extension
Resolved		Tchanders	T260610 Request the necessary reviews of the IP Info extension
Resolved		sbassett	T260822 Security review of IP Info extension
Resolved		Niharika	T260821 Performance review of IP Info extension
Invalid		None	T270347 Remove 'ipinfo' right from administrators on the Beta Cluster
Stalled		None	T309318 Can global sysops have ipinfo-view-full and ipinfo-view-log access?

TheresNoTime created this task.May 26 2022, 2:26 PM

TheresNoTime mentioned this in T260597: Deploy IP Info extension to all wikis (as a beta feature).May 26 2022, 2:33 PM

Stang added a subscriber: WhitePhosphorus.May 26 2022, 2:43 PM

Stang subscribed.

Xaosflux subscribed.May 26 2022, 3:41 PM

JJMC89 edited projects, added Anti-Harassment; removed Anti-Harassment (AHaT Sprint 8: The Flat Cap).May 26 2022, 4:04 PM

@TheresNoTime https://meta.wikimedia.org/wiki/Talk:IP_Editing:_Privacy_Enhancement_and_Abuse_Mitigation/Archives/2021-11#What_about_global_rights_holder

Hmm, we could start a new task to discuss about Global Rollbackers.

Yahya subscribed.May 26 2022, 7:59 PM

• mdedul.islam.16 closed this task as a duplicate of T309357: *spam*.May 26 2022, 9:33 PM

TheresNoTime reopened this task as Open.May 26 2022, 9:42 PM

Hang tight, I'm checking with Legal about this!

AntiCompositeNumber mentioned this in T296499: Grant certain groups the ipinfo-view-full right.May 27 2022, 12:24 AM

In T309318#7962140, @Niharika wrote:

Hang tight, I'm checking with Legal about this!

Can you please also ask about global rollbackers and other global groups?

In T309318#7962271, @DannyS712 wrote:

In T309318#7962140, @Niharika wrote:

Hang tight, I'm checking with Legal about this!

Can you please also ask about global rollbackers and other global groups?

Yes, could you tell me which other global groups would need this access? stewards, staff and ombuds groups already have this access.

In T309318#7962273, @Niharika wrote:

In T309318#7962271, @DannyS712 wrote:

In T309318#7962140, @Niharika wrote:

Hang tight, I'm checking with Legal about this!

Can you please also ask about global rollbackers and other global groups?

Yes, could you tell me which other global groups would need this access? stewards, staff and ombuds groups already have this access.

I imagine this would also be helpful for abuse filter helpers and maintainers (see the ip address when debugging edit filters that use ips), system administrators, global rollbackers, and maybe global interface editors (since they are trusted with so much more including editing site wide js/css)

In T309318#7962274, @DannyS712 wrote:

In T309318#7962273, @Niharika wrote:

In T309318#7962271, @DannyS712 wrote:

In T309318#7962140, @Niharika wrote:

Hang tight, I'm checking with Legal about this!

Can you please also ask about global rollbackers and other global groups?

Yes, could you tell me which other global groups would need this access? stewards, staff and ombuds groups already have this access.

I imagine this would also be helpful for abuse filter helpers and maintainers (see the ip address when debugging edit filters that use ips), system administrators, global rollbackers, and maybe global interface editors (since they are trusted with so much more including editing site wide js/css)

Thanks @DannyS712. I've updated my request for the Legal team.

JJMC89 mentioned this in T307164: IP Info log access to staff, stewards, checkusers, ombudsmen.May 27 2022, 8:07 AM

JJMC89 added a parent task: T292755: Epic: IP Info access.May 27 2022, 7:46 PM

For reference: T309411: sysop access to ipinfo logs can leak IP addresses that sysops should not have access to

~~ipinfo-view-log seems limited for those with CU-log access per T307164. Given that global sysops/rollbackers do not sign any NDA, maybe this should not be added unless Legal thinks otherwise.~~ Strike per rOMWC9886463a1fba: Add IPInfo viewing rights for certain groups; sysops have it too but it looks like this is not intended per T307164#7963866.

ipinfo-view-full is probably okay considering that it's a sysop level permission and they have sysop permissions on the several wikis that allow them.

NguoiDungKhongDinhDanh subscribed.May 28 2022, 8:25 AM

MdsShakil subscribed.May 28 2022, 5:19 PM

Iluvatar subscribed.May 30 2022, 12:11 AM

Daniuu subscribed.Jun 2 2022, 10:41 PM

Snaevar subscribed.Jun 2 2022, 11:21 PM

TheresNoTime mentioned this in T309928: Remove `ipinfo-view-log` from sysops.Jun 4 2022, 8:30 PM

Per the resolution of T309928: Remove `ipinfo-view-log` from sysops, ipinfo-view-log is not going to be added (pending Legal's input) — ipinfo-view-full probably can be added as @MarcoAurelio mentions above, but its best we wait for clarification from @Niharika et al

Set task to stalled, awaiting input

1234qwer1234qwer4 subscribed.Jun 8 2022, 5:29 PM

Samuele2002 subscribed.Jun 10 2022, 9:57 AM

FriedrickMILBarbarossa added a project: Stewards-and-global-tools.Jul 5 2022, 2:47 PM

FriedrickMILBarbarossa subscribed.Jul 5 2022, 2:59 PM

FriedrickMILBarbarossa awarded a token.Jul 5 2022, 3:16 PM

ZhaoFJx subscribed.Jul 17 2022, 4:15 PM

Ericliu1912 subscribed.Jul 29 2022, 8:07 AM

Johannnes89 subscribed.Aug 28 2022, 8:53 AM

Niharika moved this task from Untriaged to Triage/To be Estimated on the Anti-Harassment board.Dec 5 2022, 10:16 PM

Tchanders mentioned this in T310393: IP Info log can be used to deanonymize user.Apr 20 2023, 11:21 PM

TAdeleye_WMF edited projects, added Trust and Safety Product Team (PM); removed Anti-Harassment.May 14 2024, 4:29 PM