Page MenuHomePhabricator
Create Task
Maniphest T310476

Add rate limiting to Authority
Closed, ResolvedPublic
Actions

Description

Per the original proposal (T231930), Authority should be responsible for applying rate limits to actions they authorize. The idea is that callers that ask for an action to be authorized should not know or care what factors into that decision - be it group permissions, user blocks, rate limits, etc.

Rate limits would be tested (but not bumped) by "thorough" checks as performed by definitelyCan() (and, in the future, isDefinitelyAllowed). Methods that "authorize" an action would enforce and bump the limit, this would be the authorizwRead() and authorizeWrite() methods (as well as, in t he future, authorizeDo()).

Performing rate limit checks implicitly for all permission checks allows all code to be removed that currently enforces rate limits explicitly, by calling User::pingLimiter or RateLimiter::limit. It also allows error handling for rate limits to be generalized in the API, so that clients are informed avout limit violations in a uniform way.

Details

SubjectRepoBranchLines +/-
Introduce authorizeAction() into Authority.mediawiki/coremaster+697 -75
Implement rate limiting in Authority.mediawiki/coremaster+500 -113
RateLimiter: collect statisticsmediawiki/coremaster+110 -2
Rename rate limits to match permission namesmediawiki/coremaster+50 -9
Customize query in gerrit

Related Objects
Search...

Event Timeline

daniel created this task.Jun 13 2022, 9:40 AM
daniel moved this task from Unsorted pile to Doing on the Platform Team Workboards (MW Expedition) board.Jun 15 2022, 6:57 PM
daniel claimed this task.Jun 29 2022, 11:00 AM
daniel triaged this task as Medium priority.
gerritbot added a comment.Jul 13 2022, 1:14 PM

Change 809295 had a related patch set uploaded (by Daniel Kinzler; author: Daniel Kinzler):

[mediawiki/core@master] Experiment: Implement rate limiting in Authority.

https://gerrit.wikimedia.org/r/809295

gerritbot added a project: Patch-For-Review.Jul 13 2022, 1:14 PM
daniel added a project: RESTBase Sunsetting.Dec 6 2022, 3:36 PM
daniel moved this task from Unsorted to Doing on the RESTBase Sunsetting board.Dec 6 2022, 3:40 PM
gerritbot added a comment.Jan 13 2023, 8:31 PM

Change 879862 had a related patch set uploaded (by Daniel Kinzler; author: Daniel Kinzler):

[mediawiki/core@master] Rename rate limits to match permission names

https://gerrit.wikimedia.org/r/879862

gerritbot added a comment.Feb 26 2023, 11:54 PM

Change 879862 merged by jenkins-bot:

[mediawiki/core@master] Rename rate limits to match permission names

https://gerrit.wikimedia.org/r/879862

ReleaseTaggerBot added a project: MW-1.40-notes (1.40.0-wmf.25; 2023-02-27).Feb 27 2023, 12:00 AM
daniel removed a project: RESTBase Sunsetting.Jun 5 2023, 6:07 PM
gerritbot added a comment.Jun 18 2023, 12:34 PM

Change 930934 had a related patch set uploaded (by Daniel Kinzler; author: Daniel Kinzler):

[mediawiki/core@master] RateLimiter: collect statistics

https://gerrit.wikimedia.org/r/930934

Daimona mentioned this in T339822: Bind the 'sendemail' user right to a wiki page.Jun 18 2023, 5:47 PM
gerritbot added a comment.Jun 20 2023, 11:54 AM

Change 930934 merged by jenkins-bot:

[mediawiki/core@master] RateLimiter: collect statistics

https://gerrit.wikimedia.org/r/930934

ReleaseTaggerBot added a project: MW-1.41-notes (1.41.0-wmf.15; 2023-06-27).Jun 20 2023, 12:00 PM
Addshore unsubscribed.Jun 27 2023, 12:39 PM
daniel updated the task description. (Show Details)Jun 29 2023, 11:17 AM
Tgr added a comment.Jul 1 2023, 1:53 AM

See also T134953: Merge Throttler and ping limiter - Throttler handles login and signup, which is not handled by Authority (signup somewhat is, via the createaccount user right, but most permission checks happen elsewhere) but it would still be nice to have a single component for rate limiting.

gerritbot added a comment.Jul 7 2023, 11:39 AM

Change 814359 had a related patch set uploaded (by Daniel Kinzler; author: Daniel Kinzler):

[mediawiki/core@master] Introduce authorizeDo() into Authority.

https://gerrit.wikimedia.org/r/814359

gerritbot added a comment.Jul 24 2023, 12:32 AM

Change 809295 merged by jenkins-bot:

[mediawiki/core@master] Implement rate limiting in Authority.

https://gerrit.wikimedia.org/r/809295

Michael mentioned this in T342527: Lexeme CI PHPUnit tests broken .Aug 2 2023, 4:46 PM
gerritbot added a comment.Sep 6 2023, 4:15 AM

Change 814359 merged by jenkins-bot:

[mediawiki/core@master] Introduce authorizeAction() into Authority.

https://gerrit.wikimedia.org/r/814359

Maintenance_bot removed a project: Patch-For-Review.Sep 6 2023, 4:30 AM
ReleaseTaggerBot edited projects, added MW-1.41-notes (1.41.0-wmf.26; 2023-09-12); removed MW-1.41-notes (1.41.0-wmf.15; 2023-06-27).Sep 6 2023, 5:00 AM
Umherirrender mentioned this in T354460: purge actions are affected by permission check via $wgNamespaceProtection or config pages (.js/.css).Jan 5 2024, 11:16 PM
Umherirrender mentioned this in T354461: Permission warnings on Action API action=purge&forcelinkupdate= results in skipping the remaining titles from the request.Jan 5 2024, 11:22 PM
matmarex closed this task as Resolved.Feb 14 2024, 2:15 AM
matmarex mentioned this in T343101: Decide whether acquiring temporary account usernames should be rate limited.
matmarex subscribed.

Looks like this is done?

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL