Page MenuHomePhabricator
Create Task
Maniphest T350964

Use expression builder instead of raw SQL in CheckUser
Open, Needs TriagePublic
Actions

Description

Now that T210206: Deprecate raw SQL conditions for IDatabase methods (select, insert, etc.) is done, this extension should migrate away from building and passing around raw SQL to expression builders.

It improves readability and security of the code and is more aligned with industry practices easing onboarding.

For more information check T210206 and T350075.

Calls to Database::addQuotes(), ::buildLike(), ::makeList() indicate that raw SQL is being built and passed around.

Details

SubjectRepoBranchLines +/-
Use IExpression objects in ChangeServicemediawiki/extensions/CheckUsermaster+116 -117
Use expression builder to avoid some raw sqlmediawiki/extensions/CheckUsermaster+39 -32
Use response classes in ApiQueryCheckUsermediawiki/extensions/CheckUsermaster+104 -306
Replace ::getIpConds and ::isValidRange with CheckUserLookupUtilsmediawiki/extensions/CheckUsermaster+62 -222
Create CheckUserLookupUtils servicemediawiki/extensions/CheckUsermaster+274 -0
Move Hooks::maybePruneIPData and ::pruneIPData to a new servicemediawiki/extensions/CheckUsermaster+454 -420
Remove raw SQL in maintenance scriptsmediawiki/extensions/CheckUsermaster+138 -327
Customize query in gerrit

Related Objects
Search...

Event Timeline

Maintenance_bot created this task.Nov 10 2023, 4:19 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptNov 10 2023, 4:20 PM
Ladsgroup added a project: CheckUser.Nov 10 2023, 5:09 PM
Dreamy_Jazz added a project: Trust and Safety Product Team.Nov 10 2023, 5:15 PM
Dreamy_Jazz added a subtask: T29646: Implement Database util method for BETWEEN operator.Feb 21 2024, 12:41 AM
Dreamy_Jazz subscribed.

Several maintenance scripts and AbstractCheckUserPager::getIpConds (used to generate WHERE conditions for conditions on Special:CheckUser and the CheckUser API) use the BETWEEN operator.

Ladsgroup subscribed.Feb 27 2024, 9:18 AM
In T350971#9579516, @Ladsgroup wrote:

You can turn between to a combined condition of "and". That should be rather easy.

Ladsgroup closed subtask T29646: Implement Database util method for BETWEEN operator as Declined.Mar 5 2024, 10:10 PM
gerritbot added a comment.Mar 7 2024, 3:30 PM

Change 929030 had a related patch set uploaded (by Dreamy Jazz; author: Dreamy Jazz):

[mediawiki/extensions/CheckUser@master] Move Hooks::maybePruneIPData and ::pruneIPData to a new service

https://gerrit.wikimedia.org/r/929030

gerritbot added a project: Patch-For-Review.Mar 7 2024, 3:30 PM
Dreamy_Jazz removed a subtask: T29646: Implement Database util method for BETWEEN operator.Mar 7 2024, 3:31 PM
Dreamy_Jazz claimed this task.Mar 7 2024, 4:01 PM
gerritbot added a comment.Mar 7 2024, 5:06 PM

Change 1009572 had a related patch set uploaded (by Dreamy Jazz; author: Dreamy Jazz):

[mediawiki/extensions/CheckUser@master] Remove raw SQL in maintenance scripts

https://gerrit.wikimedia.org/r/1009572

gerritbot added a comment.Mar 8 2024, 2:04 PM

Change 1009572 merged by jenkins-bot:

[mediawiki/extensions/CheckUser@master] Remove raw SQL in maintenance scripts

https://gerrit.wikimedia.org/r/1009572

ReleaseTaggerBot added a project: MW-1.42-notes (1.42.0-wmf.22; 2024-03-12).Mar 8 2024, 4:00 PM
gerritbot added a comment.Mar 19 2024, 5:06 PM

Change 1012722 had a related patch set uploaded (by Dreamy Jazz; author: Dreamy Jazz):

[mediawiki/extensions/CheckUser@master] Create CheckUserLookupUtils service

https://gerrit.wikimedia.org/r/1012722

gerritbot added a comment.Mar 21 2024, 6:19 PM

Change #1013330 had a related patch set uploaded (by Dreamy Jazz; author: Dreamy Jazz):

[mediawiki/extensions/CheckUser@master] Replace ::getIpConds and ::isValidRange with CheckUserLookupUtils

https://gerrit.wikimedia.org/r/1013330

gerritbot added a comment.Mar 21 2024, 7:00 PM

Change #1012722 merged by jenkins-bot:

[mediawiki/extensions/CheckUser@master] Create CheckUserLookupUtils service

https://gerrit.wikimedia.org/r/1012722

ReleaseTaggerBot edited projects, added MW-1.42-notes (1.42.0-wmf.24; 2024-03-26); removed MW-1.42-notes (1.42.0-wmf.22; 2024-03-12).Mar 21 2024, 8:00 PM
gerritbot added a comment.Mar 22 2024, 8:44 AM

Change #1013330 merged by jenkins-bot:

[mediawiki/extensions/CheckUser@master] Replace ::getIpConds and ::isValidRange with CheckUserLookupUtils

https://gerrit.wikimedia.org/r/1013330

gerritbot added a comment.Mar 26 2024, 12:32 AM

Change #1011289 had a related patch set uploaded (by Dreamy Jazz; author: Dreamy Jazz):

[mediawiki/extensions/CheckUser@master] Use response classes in ApiQueryCheckUser

https://gerrit.wikimedia.org/r/1011289

gerritbot added a comment.Mar 28 2024, 6:59 PM

Change #1011289 merged by jenkins-bot:

[mediawiki/extensions/CheckUser@master] Use response classes in ApiQueryCheckUser

https://gerrit.wikimedia.org/r/1011289

ReleaseTaggerBot edited projects, added MW-1.42-notes (1.42.0-wmf.25; 2024-04-02); removed MW-1.42-notes (1.42.0-wmf.24; 2024-03-26).Mar 28 2024, 7:00 PM
gerritbot added a comment.Apr 21 2024, 11:19 AM

Change #1022554 had a related patch set uploaded (by Umherirrender; author: Umherirrender):

[mediawiki/extensions/CheckUser@master] Use expression builder to avoid some raw sql

https://gerrit.wikimedia.org/r/1022554

gerritbot added a comment.Apr 21 2024, 7:41 PM

Change #1022554 merged by jenkins-bot:

[mediawiki/extensions/CheckUser@master] Use expression builder to avoid some raw sql

https://gerrit.wikimedia.org/r/1022554

ReleaseTaggerBot added a project: MW-1.43-notes (1.43.0-wmf.2; 2024-04-23).Apr 21 2024, 8:00 PM
gerritbot added a comment.May 2 2024, 12:42 PM

Change #1026550 had a related patch set uploaded (by Dreamy Jazz; author: Dreamy Jazz):

[mediawiki/extensions/CheckUser@master] Use IExpression objects in ChangeService

https://gerrit.wikimedia.org/r/1026550

gerritbot added a comment.May 15 2024, 5:19 PM

Change #1026550 merged by jenkins-bot:

[mediawiki/extensions/CheckUser@master] Use IExpression objects in ChangeService

https://gerrit.wikimedia.org/r/1026550

ReleaseTaggerBot edited projects, added MW-1.43-notes (1.43.0-wmf.6; 2024-05-21); removed MW-1.43-notes (1.43.0-wmf.2; 2024-04-23).May 15 2024, 6:00 PM
Dreamy_Jazz removed Dreamy_Jazz as the assignee of this task.May 15 2024, 7:29 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL