Problem:
We are currently leaking the IPs of users who are not logged in when making certain edits on Wiklidata.
With temporary accounts are enabled on the repo, we must not leak the IPs of users who are not logged in and add entry with their temporary account name instead to the edit histories etc.
Affected SpecialPages
EntitySchema pages T356148
- Create EntitySchema
- Edit EntitySchema text
- Set label, description and aliases for EntitySchema
Lexeme pages T356147
- Create Lexeme (both js and non-js)
- Merge Lexeme
Item and Property pages T356149
- Create Item
- Create Property
- Merge Item
- Redirect an entity
- Set Item sitelink
- Set Item label, description or alias
- Set Property label, description or alias
Affected page UIs
Item/Property UI T356151
Lexeme UI T356150
Affected APIs
Action API (if required)
REST API
BDD
GIVEN a user who isn't logged in
AND Temporary Accounts are enabled
WHEN an edit is made
THEN an entry with their temporary account name is added to the edit history of the Item
Acceptance criteria:
- IP is not leaked for users editing on SpecialPages and IP masking is enabled on the repo
- IP is not leaked for users editing on Item, Property, Lexeme nor EntitySchema UIs and IP masking is enabled on the repo
- IP is not leaked for users editing through the REST and Action API and IP masking is enabled on the repo