Page MenuHomePhabricator
Create Task
Maniphest T326926

Prepare Renameuser extension for IP Masking
Closed, ResolvedPublic1 Estimated Story Points
Actions

Description

A preliminary investigation (T326759) has found that the RenameUser extension may be affected by IP Masking

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
specials: Reject temp users on Special:Renameusermediawiki/coremaster+33 -4
Customize query in gerrit

Related Objects
Search...

Event Timeline

Tchanders created this task.Jan 13 2023, 10:12 AM
Tchanders renamed this task from Prepare RenameUser extension for IP Masking to Prepare Renameuser extension for IP Masking.Jan 13 2023, 10:27 AM
gerritbot added a comment.Apr 30 2023, 1:39 PM

Change 913670 had a related patch set uploaded (by Umherirrender; author: Umherirrender):

[mediawiki/core@master] specials: Reject temp users on Special:Renameuser

https://gerrit.wikimedia.org/r/913670

gerritbot added a project: Patch-For-Review.Apr 30 2023, 1:39 PM
gerritbot added a comment.May 19 2023, 3:22 PM

Change 913670 merged by jenkins-bot:

[mediawiki/core@master] specials: Reject temp users on Special:Renameuser

https://gerrit.wikimedia.org/r/913670

Maintenance_bot removed a project: Patch-For-Review.May 19 2023, 3:29 PM
ReleaseTaggerBot added a project: MW-1.41-notes (1.41.0-wmf.10; 2023-05-23).May 19 2023, 4:00 PM
Dreamy_Jazz mentioned this in T344714: Update requireLogin() for temp users on CentralAuth extension .Aug 22 2023, 7:33 PM
TAdeleye_WMF edited projects, added Trust and Safety Product Team; removed Anti-Harassment-Team.May 14 2024, 4:16 PM
Tchanders edited projects, added Temporary accounts (Update unowned extensions); removed Temporary accounts.Jun 11 2024, 5:07 PM
Niharika added a subscriber: Umherirrender.Sep 5 2024, 12:24 PM

@Umherirrender Can I mark this task as Resolved? Anything else pending? (to your knowledge)

Dreamy_Jazz claimed this task.Sep 17 2024, 10:39 AM
Dreamy_Jazz added a project: Trust and Safety Product Sprint (Sprint Beatboxing (Sept 16-27)).
Dreamy_Jazz set the point value for this task to 1.
Dreamy_Jazz subscribed.

This is no longer an extension (considering it was merged into core after 1.40) but we can check that the work on the renameuser functionality now in core is complete.

Dreamy_Jazz moved this task from Priority Backlog to In Progress on the Trust and Safety Product Sprint (Sprint Beatboxing (Sept 16-27)) board.Sep 23 2024, 11:28 PM
Dreamy_Jazz moved this task from In Progress to Needs review on the Trust and Safety Product Sprint (Sprint Beatboxing (Sept 16-27)) board.EditedSep 23 2024, 11:32 PM

Support for temporary accounts was added in 553b0ba3862e8627b26d3466b03da589f74cdf68.

The maintenance scripts that can rename users do not check for temporary accounts, but I think we can leave these as-is. These scripts will never be used on production because the scripts for this are in MediaWiki-extensions-CentralAuth. Furthermore, the equivalent maintenance script in MediaWiki-extensions-CentralAuth talks about how it can be useful for updating the temporary user configuration and does not prevent the renaming of temporary users.

Open to making a patch to ensure that temporary accounts can never be renamed using a maintenance script if there is disagreement on my position.

Dreamy_Jazz closed this task as Resolved.Sep 26 2024, 2:28 PM
Dreamy_Jazz moved this task from Needs review to Done on the Trust and Safety Product Sprint (Sprint Beatboxing (Sept 16-27)) board.

Going to move this to 'Done' per my comment.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits