Page MenuHomePhabricator
Create Task
Maniphest T368125

Clean up existing unattached accounts
Open, Needs TriagePublic
Actions

Description

See parent task:

As part of T348388: Use central login wiki for login (SUL3), the login and signup forms would be moved to the central login wiki. It would make sense to move the credentials change forms (password change, 2FA change) as well. This doesn't block rollout of the other SUL3 work, and could be done much later, apart from WebAuthn where we'd have to disable the local form at least (T354701: Enable migration of WebAuthn credentials to loginwiki).

In the simplest form, this could just mean changing the various Special:Preferences buttons to be simple links.

Once we only use loginwiki to do password or 2FA change, existing accounts not attached to CentralAuth will break. Proposed:

  • For each wiki, enumerate its user table (we do not use localnames table, since local user table is canonical) and compare it with globaluser table.
  • If the local and global username differ, unattach it first since CentralAuth can not merge accounts with different names. I am not sure whether there are any such cases.
  • If there are no global account with a specific user name:
    • If local account with such name only exists in one wiki, create a global account for it.
    • If local account with such name exists in multiple wikis, we need to first rename the account so they have different name, then create new global accounts.
  • If there is a global account with such name:
    • If local account has zero edits, it can be attached to the global one.
    • If local account is a system user, it can be attached.
    • In other cases, they should be checked manually before attaching.

See also T367968#9908254: this is basically doing SUL finalisation again, but in a much smaller scale.

Related Objects
Search...

Event Timeline

Bugreporter created this task.Fri, Jun 21, 7:03 AM
Bugreporter mentioned this in T368235: Remove support for unattached accounts in CentralAuth.Mon, Jun 24, 3:10 AM
Bugreporter added a parent task: T368235: Remove support for unattached accounts in CentralAuth.
Tgr edited projects, added MediaWiki-extensions-CentralAuth; removed SUL3.Mon, Jun 24, 2:56 PM
Tgr subscribed.

Once we only use loginwiki to do password or 2FA change, existing accounts not attached to CentralAuth will break.

As noted in T348388, this is incorrect, and so this task isn't particularly related to SUL3.

There was a task about unattached accounts which I can't find anymore, but IIRC there were about 100 of them, mostly system users (cf T214722: Introduce global system users) or very old bot accounts, so this does not seem like an acute problem. Although T313492: Participants reported incorrectly on Special:EventDetails if some users are hidden or unattached is a recent case of unattached accounts apparently still causing issues.

Restricted Application added a project: MediaWiki-Platform-Team. · View Herald TranscriptMon, Jun 24, 2:56 PM
larissagaulia moved this task from Inbox, needs triage to Backlog: non-prioritized on the MediaWiki-Platform-Team board.Mon, Jul 1, 2:41 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits