The CheckUser tool allows actions to be performed by IP addresses that leave no on-wiki record outside the CheckUser tables, except in the actor table. This can occur on events such as a failed login attempt to an account and password reset requests.
These events should not create a temporary account for the user, as they have made no on-wiki write action outside what is stored in CheckUser for only 3 months. However, currently this means that an CannotCreateActorException exception will be thrown if an IP has a failed login attempt to an account or even attempting to reset their password.
An example of these entries is shown below:
To avoid this issue CheckUser should make the actor column in the cu_private_event table nullable and then write NULL if the actor ID could not be generated. Using NULL over 0 makes it clearer in non-MediaWiki contexts, and if we consider this as a foreign key we should be using NULL to indicate it is not relevant (as 0 when the foreign key constraints are applied will cause an error).
Acceptance criteria
Blockers for testwiki release of temporary accounts:
- Update the the cupe_actor column in the cu_private_event table to be nullable
- Write NULL to cupe_actor if the actor is an IP address and temporary accounts are enabled
- Stop writing to cu_changes for events which require cuc_actor to be NULL (as the column is not nullable) - T366505
- Handle a value of cupe_actor being NULL in Special:CheckUser
Blockers for a production release of temporary accounts:
- Handle a value of cupe_actor being NULL in Special:Investigate and the CheckUser API