Page MenuHomePhabricator

Update Nuke code to query CheckUser
Open, Needs TriagePublic


When IP masking is enabled, the IP address will disappear in the recentchanges table because it will no longer be used as a username. Due to that, changes need to be made to the query in the SpecialNuke file.

Acceptance criteria:

  • If a user inputs an IP address, an API query must be made to CheckUser to return that IP address' contributions. See:
  • If a user inputs an IP address, but does not have the $wgGroupPermissions['sysop']['checkuser-temporary-account'] permission, an error message should display and no contributions should be shown.
  • Nuke should retain the same functionality when searching for temporary and named accounts.

Event Timeline

If a user inputs an IP address, a query must be made to cu_changes to return that IP address' contributions.

@Niharika has been discussing doing something similar to this for the Global User Contributions work (T337089). I believe there were some legal questions around looking up all temporary users by their IP address (as opposed to looking up the IP address of a single temporary user).

Access to IP address associated with temporary accounts should be logged. Perhaps - if it is legally ok - CheckUser should provide an API for this, which will handle logging.

It's also important that contributions are not returned for and registered accounts using that IP address, since that should only be available via CheckUser special pages and APIs (which will check for the 'checkuser' right and also handle logging this access).

Thanks for the additional information! I have updated the task to reflect that we will be querying the CheckUser API instead of the DB table.