Page MenuHomePhabricator
Create Task
Maniphest T369169

Further investigation on globalUser usage from Patch comment
Closed, InvalidPublic
Actions

Description

During a previous patch a comment was give: https://gerrit.wikimedia.org/r/c/mediawiki/extensions/CentralAuth/+/1049249/4..11/includes/Special/SpecialGlobalVanishRequest.php#b122.

We should investigate and make sure that all precaution are taken care of, and that the above mentioned implementation works the same as the one mentioned in the comment

Related Objects
Search...

Event Timeline

SimoneThisDot created this task.Jul 3 2024, 12:54 PM
Dbrant moved this task from Needs Triage to Tracking on the Wikipedia-Android-App-Backlog board.Jul 3 2024, 2:32 PM
JJMC89 removed a project: Epic.Jul 4 2024, 5:13 PM
Mimurawil subscribed.Jul 4 2024, 7:47 PM

Doing a quick test in my local development, this looks safe for that specific case (auto-approve vanish requests when user hasn't done anything)

  • The admin has the permission to delete only the global account for the user, which makes that user a local-only
  • If that user logs in the system auto-creates a global user for them

So the user cannot exist only locally AND request a vanish (to be auto-approved).

I'm not sure if there's another edge case in which a user (local only, not global) can request a global vanish.

HNordeenWMF moved this task from Needs Triage to Tracking on the Wikipedia-iOS-App-Backlog board.Jul 8 2024, 3:40 PM
SimoneThisDot closed this task as Invalid.Jul 10 2024, 12:01 PM
Seddon moved this task from Incoming to Done on the Account-Vanishing board.Jul 23 2024, 11:50 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits