What is the problem
When using Special:CheckUser 'Get edits', a checkuser can run a check and see the actiontext associated with log actions that is hidden. This can be seen in the example screenshots further down in the description.
The actiontext should only be shown if the current user has the right to see it.
Steps to reproduce
- Install the CheckUser extension
- Add $wgCheckUserEventTablesMigrationStage = SCHEMA_COMPAT_WRITE_OLD | SCHEMA_COMPAT_NEW; to your LocalSettings.php file.
- Log into an account with the suppressor group
- Move a page
- Load Special:Log
- Click on the checkbox for the log item associated with the move and then click Change visibility of selected log entries
- On this new page, check the checkboxes labelled Hide target and parameters and Suppress data from administrators as well as others
- Submit that form
- Log into a different account with the checkuser group (and importantly not the suppressor group)
- Load Special:CheckUser
- Run a 'Get edits' check on the username of the account used in steps 3 to 8.
Observed behaviour: The move entry will show the suppressed actiontext.
Expected behaviour: The move entry will have the actiontext hidden.
Similar to T315820, but the action text / comment can be hidden separately. The fix really relies on T145265 being solved so that CheckUser knows what the log entry is and can have it hidden if necessary.
|Entry with these hidden for admins
|The log entry in Special:Log
|The log entry in Special:CheckUser