CannotCreateActorException when creating a temporary account on an edit which causes an abuse filter log
Closed, ResolvedPublic1 Estimated Story PointsBUG REPORT
Actions

Assigned To

Authored By

	Dreamy_Jazz
	Feb 28 2024, 12:03 AM

Description

it seems that AbuseFilter sends private event entries to CheckUser when a match occurs before the temporary account is created for an edit. This causes an exception because CheckUser needs the temporary account to exist and also to have an actor ID. Found when testing my patch for T357615.

Steps to replicate the issue

Install AbuseFilter and CheckUser
Create a filter that targets all edits (for example the conditions are action = 'edit') but the filter just is set to log
Enable temporary accounts on a wiki
While logged out, try to make an edit to a page that is not protected

What happens?:
The edit fails, no temporary account is created for the user, and an exception is shown:

What should have happened instead?:
The edit should have succeeded as the filter did not block the edit

Software version

CheckUser 2.5 (bc635d6) 07:19, 27 February 2024. Abuse Filter – (e530aed) 23:50, 27 February 2024

QA Results - Local

AC	Status	Details
1	✅	https://phabricator.wikimedia.org/T358632 here

Details

	Subject	Repo	Branch	Lines +/-
	Add integration test to verify logs are saved in CheckUser	mediawiki/extensions/AbuseFilter	master	+40 -0
	Send AbuseFilter logs to CheckUser on PRESEND	mediawiki/extensions/AbuseFilter	master	+6 -1

Customize query in gerrit

Related Objects
Search...

Status	Subtype	Assigned	Task
			Restricted Task
Resolved		kostajh	T294511 2021 Security Team wikireplicas audit
Declined		None	T284948 Raw IPs of logged-out users disclosed in wiki-replicas
In Progress		Niharika	T324492 Temporary accounts - MVP
Open		None	T326816 [Epic] Update features for temporary accounts
Open		Tchanders	T326869 Update TSP-owned products that may be affected by IP Masking
Resolved		• lbowmaker	T262321 IP Masking
Resolved		• tstarling	T300263 [IP Masking] Create temporary account on first edit
Open		None	T307060 [Epic] Temporary account AbuseFilter support
Resolved	BUG REPORT	Dreamy_Jazz	T358632 CannotCreateActorException when creating a temporary account on an edit which causes an abuse filter log

Event Timeline

Dreamy_Jazz created this task.Feb 28 2024, 12:03 AM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptFeb 28 2024, 12:03 AM

Dreamy_Jazz renamed this task from CannotCreateActorException: Cannot create an actor for a usable name that is not an existing user: user_name="~34" to CannotCreateActorException: Cannot create an actor for a usable name that is not an existing user when creating a temporary account on an edit.Feb 28 2024, 12:04 AM

This is fixable on my local wiki by wrapping the call to Hooks::updateCheckUserData in AbuseLogger::insertLocalLogEntries in a DeferredUpdate.

Dreamy_Jazz renamed this task from CannotCreateActorException: Cannot create an actor for a usable name that is not an existing user when creating a temporary account on an edit to CannotCreateActorException when creating a temporary account on an edit which causes an abuse filter log.Feb 28 2024, 12:10 AM

Dreamy_Jazz claimed this task.

Dreamy_Jazz added a parent task: T307060: [Epic] Temporary account AbuseFilter support.

Dreamy_Jazz added projects: Trust and Safety Product Sprint (Sprint Piano (Feb 19th - 1st March)), Trust and Safety Product Team.

Dreamy_Jazz set the point value for this task to 1.

Dreamy_Jazz moved this task from Priority Backlog to In Progress on the Trust and Safety Product Sprint (Sprint Piano (Feb 19th - 1st March)) board.

Change 1007021 had a related patch set uploaded (by Dreamy Jazz; author: Dreamy Jazz):

[mediawiki/extensions/AbuseFilter@master] Send AbuseFilter logs to CheckUser on PRESEND

https://gerrit.wikimedia.org/r/1007021

gerritbot added a project: Patch-For-Review.Feb 28 2024, 12:18 AM

Dreamy_Jazz moved this task from In Progress to Needs review on the Trust and Safety Product Sprint (Sprint Piano (Feb 19th - 1st March)) board.Feb 28 2024, 12:18 AM

Dreamy_Jazz updated the task description. (Show Details)Feb 28 2024, 12:29 AM

Dreamy_Jazz updated the task description. (Show Details)

Change 1007021 merged by jenkins-bot:

[mediawiki/extensions/AbuseFilter@master] Send AbuseFilter logs to CheckUser on PRESEND

https://gerrit.wikimedia.org/r/1007021

Dreamy_Jazz moved this task from Needs review to Needs QA on the Trust and Safety Product Sprint (Sprint Piano (Feb 19th - 1st March)) board.Feb 28 2024, 2:00 PM

Maintenance_bot removed a project: Patch-For-Review.Feb 28 2024, 2:30 PM

ReleaseTaggerBot added a project: MW-1.42-notes (1.42.0-wmf.21; 2024-03-05).Feb 28 2024, 5:01 PM

STran mentioned this in T334623: How do we log unsuccessful first edits for temporary users?.Feb 29 2024, 2:16 PM

Change 1007657 had a related patch set uploaded (by Dreamy Jazz; author: Dreamy Jazz):

[mediawiki/extensions/AbuseFilter@master] Add integration test to verify logs are saved in CheckUser

https://gerrit.wikimedia.org/r/1007657

gerritbot added a project: Patch-For-Review.Feb 29 2024, 5:58 PM

Tchanders mentioned this in T358806: CannotCreateActorException when a logged out user triggers SpamBlacklist log.Feb 29 2024, 8:39 PM

Status: ✅PASS
Environment: Beta: 1.42.0-alpha (277e4ea) 15:17, 28 February 2024; Checkuser- 2.5 (17fd03e) 18:28, 16 February 2024; AbuseFilter- (901d881) 13:37, 28 February 2024
OS: macOS Sonoma 14.2.1
Browser: Chrome 122, Firefox 123, Safari 17.3, Edge 122
Skins. Vector 2022
Device: MBA M2
Emulated Device:: n/a
Test Links:
Special:AbuseFilter
https://en.m.wikipedia.beta.wmflabs.org/wiki/Cat

✅AC1: https://phabricator.wikimedia.org/T358632

Chrome	Firefox	Safari	Edge

GMikesell-WMF updated the task description. (Show Details)Feb 29 2024, 9:13 PM

GMikesell-WMF moved this task from Needs QA to Done on the Trust and Safety Product Sprint (Sprint Piano (Feb 19th - 1st March)) board.

Dreamy_Jazz closed this task as Resolved.Feb 29 2024, 9:19 PM

Change 1007657 merged by jenkins-bot: