Page MenuHomePhabricator
Create Task
Maniphest T332414

Make ApiOptions unavailable to temporary users
Open, Needs TriagePublic2 Estimated Story Points
Actions

Description

ApiOptions (used for setting preferences) throws a 'notloggedin' error for anonymous users. It should do the same for temporary users.

mw.Api#saveOptions (in JS) calls ApiOptions, and currently skips the API request for logged-out users. It should do the same for temporary users.

Testing Notes

  • As a temporary user, access the API sandbox ,e.g. http://localhost:8080/wiki/Special:ApiSandbox.
  • Select the "options" module in the "action" parameter dropdown. Fill in the required parameters, such as the token and an option that you want to change (e.g., changing the 'language' to 'es') and make the API request.
  • Check the response to ensure that you receive an error or a message indicating that temporary users cannot update user options.
  • Also Test API calls as a registered user and an anonymous user to make sure the response is as expected.

Details

ProjectBranchLines +/-Subject
mediawiki/coremaster+74 -32Make ApiOptions unavailable to temporary users
Customize query in gerrit

Related Objects
Search...

Event Timeline

Tchanders created this task.Fri, Mar 17, 4:05 PM
Tchanders set the point value for this task to 1.
matmarex merged a task: T332413: Make ApiOptions unavailable to temporary users.Fri, Mar 17, 4:09 PM
matmarex mentioned this in T330815: Disallow preference setting by temporary users.Fri, Mar 17, 7:36 PM

Request from me: please also update mw.Api#saveOptions in JS, which calls ApiOptions, and currently checks for logged-out users to skip the API request.

MusikAnimal removed a subscriber: MusikAnimal.Fri, Mar 17, 11:15 PM
Tchanders updated the task description. (Show Details)Mon, Mar 20, 9:30 AM
Tchanders changed the point value for this task from 1 to 2.
In T332414#8706302, @matmarex wrote:

Request from me: please also update mw.Api#saveOptions in JS, which calls ApiOptions, and currently checks for logged-out users to skip the API request.

Thanks - task updated

Cyndymediawiksim claimed this task.Tue, Mar 21, 9:45 AM
Cyndymediawiksim moved this task from Ready ๐ŸŽฌ (ONLY IF YOU HAVE NO MORE CODE TO REVIEW) to In Progress ๐Ÿ’ช on the Anti-Harassment (AHaT Sprint 27: The Big Yellow Hat) board.
Cyndymediawiksim updated the task description. (Show Details)Tue, Mar 21, 4:48 PM
gerritbot added a comment.Tue, Mar 21, 4:49 PM

Change 901672 had a related patch set uploaded (by Cyndywikime; author: Cyndywikime):

[mediawiki/core@master] Make ApiOptions unavailable to temporary users

https://gerrit.wikimedia.org/r/901672

gerritbot added a project: Patch-For-Review.Tue, Mar 21, 4:49 PM
Cyndymediawiksim moved this task from In Progress ๐Ÿ’ช to Code Review ๐Ÿ” on the Anti-Harassment (AHaT Sprint 27: The Big Yellow Hat) board.Tue, Mar 21, 4:50 PM
Cyndymediawiksim moved this task from Code Review ๐Ÿ” to In Progress ๐Ÿ’ช on the Anti-Harassment (AHaT Sprint 27: The Big Yellow Hat) board.Tue, Mar 21, 5:00 PM
Cyndymediawiksim moved this task from In Progress ๐Ÿ’ช to Code Review ๐Ÿ” on the Anti-Harassment (AHaT Sprint 27: The Big Yellow Hat) board.Wed, Mar 22, 9:13 AM
Content licensed under Creative Commons Attribution-ShareAlike 3.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. ยท Wikimedia Foundation ยท Privacy Policy ยท Code of Conduct ยท Terms of Use ยท Disclaimer ยท CC-BY-SA ยท GPL