Page MenuHomePhabricator
Create Task
Maniphest T367390

Add granular query restrictions for AbuseFilter filter search
Closed, ResolvedPublic
Actions

Description

In T363906#9870978, @dom_walden wrote:

On Special:AbuseFilter, I can do a Search within rules and put something like user_unnamed_ip. This will then show the filter's rules in the table, even to users who don't have permission to see the filter.

For example: Special:AbuseFilter/?querypattern=user_unnamed_ip&searchoption=LIKE

abuse_filter_search_pattern.png (648×1 px, 82 KB)

Search is restricted to users who have private filter viewing rights. Trying to do a similar update with protected variable viewing rights would lock everyone out of this feature, as no one has the right yet. Instead, update the query to only return filters that the user has the right to see.

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
Only return filters visible to user in searchmediawiki/extensions/AbuseFiltermaster+152 -0
Customize query in gerrit

Related Objects
Search...

Event Timeline

STran created this task.Jun 13 2024, 9:42 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJun 13 2024, 9:42 AM
Tchanders mentioned this in T363906: [Epic] Ensure filters that use PII-sensitive variables are protected.Jun 13 2024, 2:31 PM
Tchanders edited projects, added Trust and Safety Product Sprint (Sprint Cajon (Jun 24 - July 5)); removed Trust and Safety Product Sprint (Sprint Melodica (Jun 3 - Jun 14)).Jun 25 2024, 10:48 AM
Tchanders moved this task from Priority Backlog to Ready on the Trust and Safety Product Sprint (Sprint Cajon (Jun 24 - July 5)) board.
gerritbot added a comment.Jul 2 2024, 12:21 PM

Change #1051349 had a related patch set uploaded (by STran; author: STran):

[mediawiki/extensions/AbuseFilter@master] Only return filters visible to user in search

https://gerrit.wikimedia.org/r/1051349

gerritbot added a project: Patch-For-Review.Jul 2 2024, 12:21 PM
Tchanders moved this task from Ready to Needs Review on the Trust and Safety Product Sprint (Sprint Cajon (Jun 24 - July 5)) board.Jul 3 2024, 2:03 PM
Tchanders added a parent task: T363906: [Epic] Ensure filters that use PII-sensitive variables are protected.Jul 3 2024, 5:04 PM
kostajh moved this task from Needs Review to Needs QA on the Trust and Safety Product Sprint (Sprint Cajon (Jun 24 - July 5)) board.Jul 9 2024, 9:21 AM
gerritbot added a comment.Jul 9 2024, 9:45 AM

Change #1051349 merged by jenkins-bot:

[mediawiki/extensions/AbuseFilter@master] Only return filters visible to user in search

https://gerrit.wikimedia.org/r/1051349

ReleaseTaggerBot added a project: MW-1.43-notes (1.43.0-wmf.14; 2024-07-16).Jul 9 2024, 10:00 AM
Tchanders added a project: Temporary accounts (Blockers to minor pilot wiki deployment).Jul 9 2024, 10:26 AM
Maintenance_bot removed a project: Patch-For-Review.Jul 9 2024, 7:50 PM
Tchanders edited projects, added Trust and Safety Product Sprint (Sprint Koto (July 15 - July 26)); removed Trust and Safety Product Sprint (Sprint Cajon (Jun 24 - July 5)).Jul 14 2024, 2:06 PM
Tchanders moved this task from Priority Backlog to Needs QA on the Trust and Safety Product Sprint (Sprint Koto (July 15 - July 26)) board.
Djackson-ctr moved this task from Needs QA to Done on the Trust and Safety Product Sprint (Sprint Koto (July 15 - July 26)) board.Jul 18 2024, 2:57 AM
Djackson-ctr subscribed.

Per the ticket Description, I have verified the new code has been implemented and is functioning and displaying as expected.

Tchanders closed this task as Resolved.Jul 19 2024, 9:24 AM
Tchanders mentioned this in T381470: Protected filters should display in Special:AbuseFilter.Dec 4 2024, 9:14 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits