Page MenuHomePhabricator
Create Task
Maniphest T342786

Investigate impact of IP Masking on Nuke
Closed, ResolvedPublic
Actions

Description

We need to understand what changes, if any, are required in Nuke given the IP Masking changes which are coming.

The scope of this investigation should be to understand what technical changes are needed to retain currently functionality, and create tasks for each unit of work.

In T342785 we will extend Nuke's functionality, but this ticket should be scoped to current functionality - for example ensuring that Nuke will still work when a temporary account is entered.

Related Objects
Search...

Event Timeline

Samwalton9-WMF created this task.Jul 26 2023, 3:57 PM
Samwalton9-WMF added a project: Moderator-Tools-Team (Kanban).Sep 25 2023, 2:44 PM
Scardenasmolinar changed the status of subtask T343143: Install Nuke locally for IP Masking work from Open to In Progress.Oct 6 2023, 7:27 PM
Scardenasmolinar changed the task status from Open to In Progress.Oct 12 2023, 12:02 AM
Scardenasmolinar claimed this task.
Scardenasmolinar changed the status of subtask T343143: Install Nuke locally for IP Masking work from In Progress to Open.
Scardenasmolinar moved this task from Ready to In Progress on the Moderator-Tools-Team (Kanban) board.
Scardenasmolinar added a comment.Oct 14 2023, 3:32 AM

Here are some of my findings after a few days of investigation:

  • Nuke can only be accessed and used by Administrators. This means that anonymous users, non-admins, and temporary accounts will not have access to Nuke. This requires no change on our part.
  • There are no instances of User::isRegistered() and User::isAnon() in the codebase, so we don't have to change any code in that regard.
  • I don't believe we have to change the way a user is searched by name (even if it is a temporary account) because the temporary account name will have the same behavior as an anonymous one. This means that the queries to the recentchanges and actor tables used in Nuke will not need to be changed in any way.
Scardenasmolinar moved this task from In Progress to Eng review on the Moderator-Tools-Team (Kanban) board.Oct 14 2023, 3:39 AM
Scardenasmolinar added a comment.Oct 17 2023, 7:57 PM

@Niharika @Tchanders, quick question: Nuke as-is looks for the IP address in the recentchanges table. Since the IP address will no longer be available via that table, how should we get the IP address? Can we link the temporary account with an IP address and show it in Nuke? If so, how?

Tchanders added a comment.Oct 20 2023, 4:58 PM
In T342786#9259520, @Scardenasmolinar wrote:

@Niharika @Tchanders, quick question: Nuke as-is looks for the IP address in the recentchanges table. Since the IP address will no longer be available via that table, how should we get the IP address? Can we link the temporary account with an IP address and show it in Nuke? If so, how?

Had a quick look - are you referring to the query built here? https://gerrit.wikimedia.org/g/mediawiki/extensions/Nuke/+/8895b95e3910e24b033886361f0e868abc03cf7c/includes/SpecialNuke.php#336

If so, it looks as though that's selecting the IP address as the user name from recentchanges.rc_user_text - i.e. it doesn't need an IP address of anyone whose name is not their IP address. Is that correct?

If so, then there won't be a problem here. Any IP actor that got created before we enabled temporary accounts (and therefore has their IP address as their name) would still have their IP address name in this table (and other tables). Any new actors created would simply have a non-IP address name in the rc_user_text field.

(Just for completeness, in case it helps: After temporary accounts are enabled, an anon user's IP address will no longer be visible as their username. Instead it will be stored in the CheckUser extension's tables (cu_changes etc), for 3 months. If an extension needs to look it up, it will need to add a dependency on CheckUser and look it up in those tables. After 3 months, the IP address will not be stored anywhere. That's already the case for looking up a registered user's IP address.)

jsn.sherman closed subtask T343143: Install Nuke locally for IP Masking work as Resolved.Oct 20 2023, 5:16 PM
Scardenasmolinar added a comment.Oct 23 2023, 7:42 PM
In T342786#9269154, @Tchanders wrote:
In T342786#9259520, @Scardenasmolinar wrote:

@Niharika @Tchanders, quick question: Nuke as-is looks for the IP address in the recentchanges table. Since the IP address will no longer be available via that table, how should we get the IP address? Can we link the temporary account with an IP address and show it in Nuke? If so, how?

Had a quick look - are you referring to the query built here? https://gerrit.wikimedia.org/g/mediawiki/extensions/Nuke/+/8895b95e3910e24b033886361f0e868abc03cf7c/includes/SpecialNuke.php#336

If so, it looks as though that's selecting the IP address as the user name from recentchanges.rc_user_text - i.e. it doesn't need an IP address of anyone whose name is not their IP address. Is that correct?

If so, then there won't be a problem here. Any IP actor that got created before we enabled temporary accounts (and therefore has their IP address as their name) would still have their IP address name in this table (and other tables). Any new actors created would simply have a non-IP address name in the rc_user_text field.

(Just for completeness, in case it helps: After temporary accounts are enabled, an anon user's IP address will no longer be visible as their username. Instead it will be stored in the CheckUser extension's tables (cu_changes etc), for 3 months. If an extension needs to look it up, it will need to add a dependency on CheckUser and look it up in those tables. After 3 months, the IP address will not be stored anywhere. That's already the case for looking up a registered user's IP address.)

Thanks for the quick answer! This has helped a lot. We wanted to know where to check for the IP address once IP masking was enabled. I will now create subtasks to adapt Nuke to IP masking (by searching in the cu_changes table).

Scardenasmolinar mentioned this in T349573: Install CheckUser locally.Oct 24 2023, 12:47 AM
Scardenasmolinar mentioned this in T349575: Add CheckUser as a dependency.Oct 24 2023, 12:50 AM
Scardenasmolinar moved this task from Eng review to Done on the Moderator-Tools-Team (Kanban) board.Oct 24 2023, 1:17 AM

I have created several tasks based on my findings and @Tchanders's help to migrate Nuke into the brave new world of IP masking. Moving this on to the Done column.

Samwalton9-WMF closed this task as Resolved.Oct 24 2023, 4:29 PM
Samwalton9-WMF mentioned this in T326935: Prepare Nuke extension for IP Masking.Oct 24 2023, 4:34 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits