Page MenuHomePhabricator
Create Task
Maniphest T346022

How does wgCheckUserLogAdditionalRights affect read new for event table migration
Open, Needs TriagePublic
Actions

Description

To achieve read new for T324907: Create separate tables for log events in CheckUser, the CheckUser tables now store log events in the structured log_params format along with a log_action and log_type. This means that the action text is generated on the fly when showing results of a check.

When reading old, the action text was generated at insert time. This meant that to allow log entries to be shown that have an entry in wgLogRestrictions CheckUser needed to in a newExtraneousContext give temporary user rights such that the CheckUser code could save the actiontext to the database. Extensions that were sending log entries would add the rights to wgCheckUserLogAdditionalRights such that CheckUser could save the actiontext reliably.

The difference means that the config wgCheckUserLogAdditionalRights should no longer be needed but also that the actiontext would only be shown if the user has the rights to see the log entry.

Acceptance criteria
  • Decide the future of wgCheckUserLogAdditionalRights
  • Should CheckUsers be able to see the log actiontext for logs that are restricted when they don't have the associated right?

Related Objects
Search...

StatusSubtypeAssignedTask
Restricted Task
Restricted Task
Restricted Task
 ResolvedSecurityZabeT311337 CVE-2022-39193: Edits with the performer suppressed still show the performer in results from the CheckUser extension
 ResolvedSecurityDreamy_JazzT316414 CVE-2022-39193: Special:Investigate can expose supressed information in check results
 ResolvedSecurityDreamy_JazzT318166 CVE-2022-39193: CheckUser API can expose the suppressed performer
 ResolvedSecurityDreamy_JazzT316360 Oversighted action text is shown in Special:CheckUser when the checkuser does not have the right to see it
Restricted Task
 OpenBUG REPORTNoneT326866 Special:Investigate can expose suppressed information for log events
 OpenBUG REPORTNoneT326867 CheckUser API can expose suppressed information for log events
 OpenBUG REPORTNoneT326865 Special:CheckUser can expose suppressed information for log events
 OpenDreamy_JazzT253796 Make CheckUser record the log_id of logged actions
 OpenNoneT139810 RFC: Overhaul the CheckUser extension
 OpenNoneT132892 CheckUser UI revamp
 OpenNoneT69811 CheckUsers "Get users" design needs improvements
 OpenFeatureDreamy_JazzT24120 Enhance Blocking and tagging from checkuser interface: add dropdowns
 DuplicateNoneT145340 Split CheckUser mass-block interface to separate special page
 OpenFeatureNoneT318458 Add dropdown options for the reason in Special:InvestigateBlock (like Special:Block has)
 OpenFeatureNoneT319517 Allow the OOUI selectandother field to have the required status indicate that either the dropdown or the input box could be used
 OpenFeatureNoneT324709 Allow the HTMLForm Select and other field to have a minimum length set
 ResolvedFeatureDreamy_JazzT316441 Enforce minimum length of the tag on the client side for the checkuser block form
 ResolvedFeatureDreamy_JazzT321427 Allow HTMLForm text based elements to specify a minimum length
 ResolvedFeatureDreamy_JazzT321439 Allow TextInputWidget to specify the "minlength" attribute
 OpenFeatureNoneT316444 The CheckUser block form should explain why users were not blocked or tagged
 OpenFeatureNoneT314700 Restore the bottom paging links on 'Get users'
 ResolvedBUG REPORTDreamy_JazzT314217 Checkuserblock form is broken when paging links are shown on 'Get users'
 OpenFeatureNoneT313451 Separate out when the blocks are made for IPs and users in Special:CheckUser 'get users' mode
 OpenFeatureNoneT18306 Allow user to specify block settings from CU form
 ResolvedGlaisherT41213 Block interface after "Get users" check should allow talk page/send email blocking
 OpenNoneT27053 Replace user / talk pages feature of "Get users" creates a user/talk page if it doesnt exist
 OpenFeatureNoneT318459 Make a clearer visual distinction between the UA and IP list in 'get users'
 ResolvedGlaisherT49505 CheckUser results (userlinks) cannot be customized
 ResolvedNiharikaT24119 Enhance Blocking and tagging from checkuser interface: add new page
 ResolvedNoneT14808 Blocking and tagging from checkuser interface
 ResolvedFeatureDreamy_JazzT16699 More versatile searching in CheckUser log
 DeclinedNoneT15789 Restore the global CheckUser log
 ResolvedFeatureDreamy_JazzT309924 Add check links for both the target and performer in Special:CheckUserLog
 ResolvedFeatureDreamy_JazzT309925 Implement User:Amalthea/culoghelper.js into the CheckUser extension
 DuplicateNoneT140345 Userlinks in CheckUser should be customizable
 OpenNoneT21964 Provide a link to the user on account creation
 DuplicateNoneT144099 Make CheckUser unit-testable
 ResolvedDreamy_JazzT309815 Use OOUI in Special:CheckUser
 ResolvedDreamy_JazzT310019 The Special:CheckUser block form should use OOUI
 ResolvedDreamy_JazzT266586 Use OOUI in SpecialCheckUserLog
Restricted Task
 OpenFeatureNoneT26231 Allow CheckUsers to filter checks for account creations only
 ResolvedDreamy_JazzT139809 Bad output of AbuseFilter blocks in CU get edits
 OpenBUG REPORTNoneT41013 Incomplete i18n for log entries in CheckUser
 ResolvedBUG REPORTDreamy_JazzT268156 Partial blocks from namespaces are displayed odd
 OpenNoneT311354 Make CheckUser results easier to parse by userscripts
 OpenFeatureNoneT311380 Make certain types of edits in 'Get edits' highlightable for ease of parsing the results
 DeclinedFeatureNoneT54849 Checkuser option "get users" should point out when user password is changed
 OpenFeatureNoneT315488 Show failed login attempts in the results list for the user
Restricted Task
 OpenDreamy_JazzT145265 Store check user data action text in structured format
 In ProgresskostajhT257893 [EPIC] Support User-Agent Client Hints header in CheckUser
 OpenNoneT341094 Create client hint mapping rows for CheckUser-worthy events
 OpenNoneT248926 Performance review of checkuser database queries [NOT READY]
 ResolvedtstarlingT342613 CompareService::getTotalEditsFromIp queries exceeding TransactionProfiler limits
 OpenNoneT301992 Insert CheckUser row events during certain 2FA actions
 OpenTchandersT326393 IP Address Reveal on Log page
 OpenFeatureDreamy_JazzT324907 Create separate tables for log events in CheckUser
 OpenNoneT346022 How does wgCheckUserLogAdditionalRights affect read new for event table migration
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL