Page MenuHomePhabricator
Create Task
Maniphest T325638

Investigate: How should tunnels be represented in the database
Closed, ResolvedPublic5 Estimated Story Points
Actions

Description

The tunnels attribute is an array of...tunnels. It's currently being written into the table as a blob of data. Please investigate (and presumably do as part of this ticket):

  • If we can write to the table in a more granular and specced manner (eg. if each tunnel should get its own row and then the ids are assigned to the actor)
  • How we can expect to pull that data back out when it's needed

Event Timeline

STran created this task.Dec 20 2022, 1:49 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptDec 20 2022, 1:49 PM
Niharika set the point value for this task to 5.Dec 20 2022, 5:41 PM
STran edited projects, added Anti-Harassment-Team (AHaT Sprint 29: The Ikseongwan); removed Anti-Harassment-Team.Apr 17 2023, 5:29 PM
STran added a comment.Apr 17 2023, 5:35 PM

I wrote this as an investigation but looking at it again I think it makes sense to just go ahead and implement tunnels this way. We treat other arrays of data similarly and we might as well be consistent.

Tchanders moved this task from AHaT Sprint 29: The Ikseongwan to AHaT Sprint 30: Avanton Gold Cone on the Anti-Harassment-Team board.Apr 25 2023, 1:03 PM
Tchanders edited projects, added Anti-Harassment-Team (AHaT Sprint 30: Avanton Gold Cone); removed Anti-Harassment-Team (AHaT Sprint 29: The Ikseongwan).
Tchanders assigned this task to STran.May 8 2023, 6:36 PM
STran added a comment.Jun 6 2023, 6:48 AM

The object being written for each tunnel consists of the following keys:

  • operator: string (not required)
  • type: vpn/proxy (required)
  • anonymous: true/false (required)
  • entities: an array of IPs (not required)

If a tunnel does not have an operator, it will be an anonymous (or not) vpn or proxy. afaik we're not sure if this data will be used or not. In the interest of moving forward (and unblocking other bigger patches that need to go through), I'm going to make the call to only write tunnels with operators into the table for now and also skip the entities, since it's not immediately clear what the IP should be associated with (it's not the IP of the originating entity). When we're more sure of what we're going to do with the tunnel data, I think we can reconsider if knowing that an IP is using an additional unnamed tunnel/vpn will be useful. It's possible that information will be covered by another attribute.

ARamirez_WMF edited projects, added Anti-Harassment-Team (AHaT Sprint 31 - The Fez); removed Anti-Harassment-Team (AHaT Sprint 30: Avanton Gold Cone).Jun 6 2023, 5:14 PM
STran moved this task from Ready 🎬 (ONLY IF YOU HAVE NO MORE CODE TO REVIEW) to In Progress 💪 on the Anti-Harassment-Team (AHaT Sprint 31 - The Fez) board.Jun 7 2023, 7:14 AM
STran moved this task from In Progress 💪 to Code Review 🔍 on the Anti-Harassment-Team (AHaT Sprint 31 - The Fez) board.Jun 7 2023, 7:47 AM
STran moved this task from Backlog to In Progress on the iPoid-Service board.
Tchanders added subscribers: Niharika, Tchanders.Jun 7 2023, 4:35 PM

[...] also skip the entities, since it's not immediately clear what the IP should be associated with (it's not the IP of the originating entity).

@STran I'm seeing in the data type documentation that the tunnel object has the keys:

  • anonymous
  • entries
  • exits (I notice this is never used in our small test dataset)
  • operator
  • type

Given that there are (potentially) entries and exits, is that useful after all?

Flagging for @Niharika, who is working on defining what data we want to show.

STran added a comment.Jun 7 2023, 7:53 PM

The last discussion I had with Prateek, we weren't even sure if we were going to show tunnels so I was conservative about what we chose to write, assuming it would be fairly trivial to update later. I noted the entries but couldn't correlate them to the IPs that were being recorded in the db from my file. Given that, I'm not sure if we're going to be revealing IPs like that and opted not to include them but Niharika might have a different opinion.

eg. User A's IP correlates to an IP recorded that has an entry point with IP B. Are we going to reveal IP B? Can checkusers do anything with an IP like that?

Tchanders moved this task from Code Review 🔍 to Done Q2 2022-2023 on the Anti-Harassment-Team (AHaT Sprint 31 - The Fez) board.Jun 8 2023, 5:48 AM

OK, makes sense - thanks @STran. I'll move this to Done and leave open for @Niharika to look over.

STran moved this task from In Progress to Done on the iPoid-Service board.Jun 16 2023, 8:23 AM
Niharika closed this task as Resolved.Aug 24 2023, 6:24 AM

I'm fine with the current choice. We can re-evaluate once this is out to understand what the community deems useful information. Thanks for working on this task.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits