Page MenuHomePhabricator
Create Task
Maniphest T368949

Implement global autoblocks from global user blocks
Open, Needs TriagePublic
Actions

Description

Background

See also the parent task: T355286: [Epic] Globally blocking a temporary account should prevent further account creations

Problem

Once a temporary account is globally blocked, the user could just make another edit, causing another temporary account to be autocreated.

Solution
An autoblock (an automatically created block against the user's IP address) would prevent the user making subsequent edits once logged out of their temporary account. See more documentation about autoblocks.

Autoblocks can currently only be made for local blocks. This task is for implementing autoblocks for global blocks. Since autoblocks only work against user accounts, this task must be completed first: T17294: Allow globally blocking of accounts.

How would they work

Global autoblocks could work similarly to local autoblocks:

  • The last IP address used by the blocked user is blocked automatically for 24 hours (this duration is controlled by a sitewide configuration option)
  • Any IP address the user tries to edit from subsequently is also autoblocked
  • If the original block is removed or updated to block different things, the autoblock is similarly removed or updated
Technical notes

Notes about how autoblocks work locally:

  • Local blocks are stored in the block table
  • Any block that is an autoblock has block.bl_parent_block_id set to the ID of the original block against the user account
  • Any block against a user account that causes autoblocks to be made have block.bl_enable_autoblock true
  • Some IPs are exempt from autoblocks (defined in the message block-autoblock-exemptionlist)
  • The maximum duration is controlled by the config AutoblockExpiry
  • An autoblock is made when the original block is inserted via DatabaseBlockStore::insertBlock calling ::doRetroactiveAutoblock
  • If CheckUser is enabled, the block is made by CheckUser handling the PerformRetroactiveAutoblock hook, since CheckUser can look up IP addresses. (Otherwise core can do it, but that's not the case on WMF production: T356430#9940748)
  • Subsequent autoblocks are made via User::spreadAnyEditBlock (callers here)
  • Autoblocks are updated via DatabaseBlockStore::updateBlock

Related Objects
Search...

StatusSubtypeAssignedTask
 In ProgressNiharikaT324492 Temporary accounts - MVP
 OpenNoneT326816 Update features for temporary accounts
 OpenNoneT355286 [Epic] Globally blocking a temporary account should prevent further account creations
 OpenNoneT368949 Implement global autoblocks from global user blocks
 OpenNoneT368151 Add a shared table to CheckUser that records changes to different wikis per IP address of the user
 OpenFeatureDreamy_JazzT17294 Allow globally blocking of accounts
 ResolvedDreamy_JazzT356990 GlobalBlocking extension has poor test coverage
 OpenNoneT358777 Rename messages with the '-new' suffix to remove this suffix
 OpenNoneT358776 Remove old versions of GlobalBlocking i18n messages
 OpenNoneT358773 Remove the global accounts block configuration flag
 OpenNoneT356924 Deploy global account blocks to WMF wikis
 ResolvedDreamy_JazzT356926 Add support to block global accounts using the globalblock API
 ResolvedDreamy_JazzT356929 Allow SpecialRemoveGlobalBlock to remove a global block on an account
 ResolvedDreamy_JazzT356931 Support modifying the status of global blocks on accounts using Special:GlobalBlockStatus
 OpenDreamy_JazzT356932 Allow Special:GlobalBlockList to show global blocks for accounts
 ResolvedDreamy_JazzT359584 Provide action links on Special:Log for global block entries
 ResolvedDreamy_JazzT356934 Allow a user to perform global blocks on accounts using Special:GlobalBlock
 ResolvedBUG REPORTDreamy_JazzT366352 The "Locally block anonymous users only" checkbox is not properly disabled when it is made visible
 OpenDreamy_JazzT356935 The 'globalblocks' API should support listing global blocks for accounts
 ResolvedTchandersT360516 Periodically remove orphaned global_block_whitelist entries
 ResolvedDreamy_JazzT360621 Test and make improvements to the fixGlobalBlockWhitelist.php script
 ResolvedDreamy_JazzT366386 Update GlobalBlockingHooks to support global account blocks
 ResolvedDreamy_JazzT356936 Update GlobalBlocking services to support global block on accounts
 ResolvedDreamy_JazzT358150 Update the GlobalBlockLocalStatusLookup and GlobalBlockLocalStatusManager services to support blocking accounts
 ResolvedDreamy_JazzT358157 Update the GlobalBlockManager service to support global blocks on accounts
 ResolvedDreamy_JazzT358155 Update GlobalBlockLookup service to support global blocks on accounts
 ResolvedDreamy_JazzT356876 Add a column to store central ID in globalblocks and global_block_whitelist tables
 ResolvedMarosteguiT356987 Add gb_target_central_id to the globalblocks table on the centralauth DB
 ResolvedMarosteguiT356988 Add gbw_target_central_id to global_block_whitelist table on WMF wikis
 ResolvedDreamy_JazzT356922 Deprecate unnecessary GlobalBlocking hooks
 ResolvedDreamy_JazzT359091 Create GlobalBlockLocalStatusManager service
 ResolvedDreamy_JazzT358865 Use non-legacy log parameters for log entries for global blocking and unblocking
 ResolvedDreamy_JazzT358725 Update the GlobalBlockingLinkBuilder service for global account blocks
 ResolvedDreamy_JazzT356923 Create a configuration value to control whether global account blocks are enabled
 ResolvedDreamy_JazzT356925 Update or duplicate GlobalBlocking messages to allow staged deployment of blocking accounts
 ResolvedDreamy_JazzT357385 Refactor the GlobalBlocking utility class into services
 ResolvedDreamy_JazzT357399 Create GlobalBlockingConnectionProvider
 ResolvedDreamy_JazzT357443 Create GlobalBlockingBlockPurger service
 ResolvedDreamy_JazzT357506 Create GlobalBlockLocalStatusLookup service
 ResolvedDreamy_JazzT357675 Create GlobalBlockLookup service
 ResolvedDreamy_JazzT357925 Create the GlobalBlockManager service
 ResolvedDreamy_JazzT366921 GlobalBlockingHooks::onSpecialPasswordResetOnSubmit is never called
 OpenNoneT367647 Review global blocks from a Steward perspective
 OpenNoneT368955 Investigate some open questions related to global autoblocks

Event Timeline

Tchanders created this task.Mon, Jul 1, 4:49 PM
Tchanders added a subtask: T368151: Add a shared table to CheckUser that records changes to different wikis per IP address of the user.
Tchanders added a subtask: T17294: Allow globally blocking of accounts.Mon, Jul 1, 4:51 PM
Tchanders mentioned this in T368955: Investigate some open questions related to global autoblocks.Mon, Jul 1, 5:36 PM
Bugreporter subscribed.Tue, Jul 2, 12:36 AM

Note: autoblocks only last for one day, though there are proposal to extend it: T43479: [Spam/vandalism] Raise $wgAutoblockExpiry noticeably - Note if I read the task correctly, the current blocker of increasing $wgAutoblockExpiry is not a technical one, but a social one, namely we need to measure how increasing it is effective.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits