Page MenuHomePhabricator
Create Task
Maniphest T349577

Update Nuke code to query CheckUser
Open, Needs TriagePublic
Actions

Description

When IP masking is enabled, the IP address will disappear in the recentchanges table because it will no longer be used as a username. Due to that, changes need to be made to the query in the SpecialNuke file.

Acceptance criteria:

  • If a user inputs an IP address, an API query must be made to CheckUser to return that IP address' contributions. See: https://www.mediawiki.org/wiki/Extension:CheckUser#APIs
  • If a user inputs an IP address, but does not have the $wgGroupPermissions['sysop']['checkuser-temporary-account'] permission, an error message should display and no contributions should be shown.
  • Nuke should retain the same functionality when searching for temporary and named accounts.

Related Objects
Search...

Event Timeline

Scardenasmolinar created this task.Oct 24 2023, 1:11 AM
Samwalton9-WMF edited parent tasks, added: T326935: Prepare Nuke extension for IP Masking; removed: T349575: Add CheckUser as a dependency.Oct 24 2023, 4:25 PM
Samwalton9-WMF edited parent tasks, added: T342785: Enable Nuking of pages created by all temporary accounts which were used by an IP address; removed: T326935: Prepare Nuke extension for IP Masking.Oct 24 2023, 4:27 PM
Samwalton9-WMF added a subtask: T349575: Add CheckUser as a dependency.
Tchanders added a comment.EditedOct 28 2023, 11:21 AM

If a user inputs an IP address, a query must be made to cu_changes to return that IP address' contributions.

@Niharika has been discussing doing something similar to this for the Global User Contributions work (T337089). I believe there were some legal questions around looking up all temporary users by their IP address (as opposed to looking up the IP address of a single temporary user).

Access to IP address associated with temporary accounts should be logged. Perhaps - if it is legally ok - CheckUser should provide an API for this, which will handle logging.

It's also important that contributions are not returned for and registered accounts using that IP address, since that should only be available via CheckUser special pages and APIs (which will check for the 'checkuser' right and also handle logging this access).

Scardenasmolinar updated the task description. (Show Details)Oct 30 2023, 7:12 PM

Thanks for the additional information! I have updated the task to reflect that we will be querying the CheckUser API instead of the DB table.

Niharika added a comment.Oct 31 2023, 6:48 PM

+1 to what @Tchanders said. @Samwalton9-WMF we should talk about this.

Bugreporter mentioned this in T357959: Install CheckUser in Beta Cluster.Feb 20 2024, 9:23 AM
Samwalton9-WMF moved this task from Inbox to Blocked on the Moderator-Tools-Team board.Mon, Apr 8, 11:37 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL