Page MenuHomePhabricator
Create Task
Maniphest T346091

Fix the cap utility to work for users belonging to more than one groups
Closed, ResolvedPublic2 Estimated Story PointsBUG REPORT
Actions

Description

We need to fix the behaviour of cap utility such that the most-privileged group configuration is applied.

What is happening
When a user is part of more than one groups, and if any of those groups have a cap limit, the limit will be enforced.

What should be happening
When a user is part of more than one groups, only the limit corresponding to the most-privileged group should be enforced. For instance, if an user if part of groups ["group_1" and "group_3"], we only apply the cap config related to group_3

To do

  • Create a method that acts on User object and returns MostPrivileged group that the user belongs to.
  • Refer to the general/httputil/limiter.go code for an example of how to apply the most-privileged group limits. Update this code to use the new MostPrivileged method.
  • Fix the general/httputil/cap.go code to work similarly, i.e., only apply config based on MostPrivileged group.

QA / Acceptance criteria
For users with 2 groups, we only see the cap behaviour related to the highest (most privileged) group.

To consider
Libraries will stay the same

Review:

  • Stephan
  • Ricardo

Event Timeline

prabhat created this task.Sep 11 2023, 7:57 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptSep 11 2023, 7:57 PM
prabhat added a project: Wikimedia Enterprise Engineering.Sep 11 2023, 7:58 PM
JArguello-WMF triaged this task as Medium priority.Sep 13 2023, 2:12 PM
JArguello-WMF updated the task description. (Show Details)
JArguello-WMF set the point value for this task to 2.
JArguello-WMF moved this task from To Be Estimated/To Be Discussed to Estimated /Discussed on the Wikimedia Enterprise board.
prabhat updated the task description. (Show Details)Sep 13 2023, 2:16 PM
LDlulisa-WMF claimed this task.Oct 16 2023, 2:37 PM
LDlulisa-WMF moved this task from Estimated /Discussed to Sprint 48 on the Wikimedia Enterprise board.
LDlulisa-WMF edited projects, added Wikimedia Enterprise (Sprint 48); removed Wikimedia Enterprise.
LDlulisa-WMF moved this task from Next Up to In Progress on the Wikimedia Enterprise (Sprint 48) board.
LDlulisa-WMF moved this task from In Progress to MR on the Wikimedia Enterprise (Sprint 48) board.Oct 18 2023, 2:50 PM
JArguello-WMF edited projects, added Wikimedia Enterprise (Sprint 49); removed Wikimedia Enterprise (Sprint 48).Oct 19 2023, 12:37 PM
JArguello-WMF moved this task from Next Up to MR on the Wikimedia Enterprise (Sprint 49) board.
LDlulisa-WMF moved this task from Sprint 49 to Sprint 48 on the Wikimedia Enterprise board.Oct 19 2023, 3:43 PM
LDlulisa-WMF edited projects, added Wikimedia Enterprise (Sprint 48); removed Wikimedia Enterprise (Sprint 49).
LDlulisa-WMF moved this task from Sprint 48 to Sprint 49 on the Wikimedia Enterprise board.
LDlulisa-WMF edited projects, added Wikimedia Enterprise (Sprint 49); removed Wikimedia Enterprise (Sprint 48).
REsquito-WMF subscribed.Oct 20 2023, 1:37 PM

we should add a dependency to update the main API after this work is merged.

JArguello-WMF updated the task description. (Show Details)Oct 23 2023, 1:12 PM
Protsack.stephan updated the task description. (Show Details)Oct 24 2023, 10:18 AM
LDlulisa-WMF moved this task from MR to QA on the Wikimedia Enterprise (Sprint 49) board.Oct 25 2023, 12:05 PM
LDlulisa-WMF moved this task from QA to Done on the Wikimedia Enterprise (Sprint 49) board.Oct 30 2023, 9:45 AM

QA was performed for articles that exist in dev, after the cap was reached 400 bad requests are received.

JArguello-WMF moved this task from Done to QA on the Wikimedia Enterprise (Sprint 49) board.Oct 30 2023, 1:14 PM
LDlulisa-WMF moved this task from QA to Done on the Wikimedia Enterprise (Sprint 49) board.Oct 30 2023, 5:03 PM

QA performed with different groups. Cap is applied on lowest group and not applied in highest group.

LDlulisa-WMF updated the task description. (Show Details)Oct 30 2023, 5:06 PM
JArguello-WMF closed this task as Resolved.Nov 2 2023, 4:29 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits