Page MenuHomePhabricator
Create Task
Maniphest T386593

Remove "Edit protected pages" grant option from Special:AppManagement
Closed, ResolvedPublic
Actions

Description

T290790: Group OAuth grants by riskiness indicates to users that including admin-level permissions in their app requests make them less likely to be approved. Unfortunately, ApiPortal has its own implementation of requesting new OAuth 2 apps, and there are no warnings there, so we get lots of requests with "Edit protected pages" checked (for some reason, the only advanced grant available via that interfaces), which are then often rejected, a waste of time for everyone involved.

Since the idea behind Special:AppManagement is to have a simple, minimal UI for the most common OAuth 2 use cases, and editing protected pages is very decidedly not a common use case, I think the easiest thing to do would be to just remove that grant option (and maybe add a link to Special:OAuthConsumerRegistration for more complex use cases).

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
form: Remove editprotected scopemediawiki/extensions/WikimediaApiPortalOAuthmaster+0 -8
Customize query in gerrit

Related Objects

Event Timeline

Tgr created this task.Feb 16 2025, 8:05 PM
Restricted Application added a project: MediaWiki-Platform-Team. · View Herald TranscriptFeb 16 2025, 8:05 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
larissagaulia moved this task from Inbox, needs triage to Roadmap on the MediaWiki-Platform-Team board.Feb 17 2025, 2:16 PM
larissagaulia edited projects, added MediaWiki-Platform-Team (Roadmap); removed MediaWiki-Platform-Team.
gerritbot added a comment.Feb 19 2025, 5:40 PM

Change #1121057 had a related patch set uploaded (by Alex Paskulin; author: Alex Paskulin):

[mediawiki/extensions/WikimediaApiPortalOAuth@master] form: Remove editprotected scope

https://gerrit.wikimedia.org/r/1121057

gerritbot added a project: Patch-For-Review.Feb 19 2025, 5:40 PM
OWresch-WMF edited projects, added MediaWiki-Platform-Team; removed MediaWiki-Platform-Team (Roadmap).Fri, Jan 16, 1:55 PM
matmarex moved this task from Inbox, needs triage to Q3 Kanban Board on the MediaWiki-Platform-Team board.Mon, Jan 19, 3:35 PM
matmarex edited projects, added MediaWiki-Platform-Team (Q3 Kanban Board); removed MediaWiki-Platform-Team.
matmarex moved this task from Essential Work to Next on the MediaWiki-Platform-Team (Q3 Kanban Board) board.
DAlangi_WMF moved this task from Next to In Progress on the MediaWiki-Platform-Team (Q3 Kanban Board) board.Tue, Jan 20, 11:06 AM
gerritbot added a comment.Thu, Jan 22, 1:49 PM

Change #1121057 merged by jenkins-bot:

[mediawiki/extensions/WikimediaApiPortalOAuth@master] form: Remove editprotected scope

https://gerrit.wikimedia.org/r/1121057

Restricted Repository Identity mentioned this in rEWAPda34ed011bd5: form: Remove editprotected scope.Thu, Jan 22, 1:51 PM
DAlangi_WMF closed this task as Resolved.Thu, Jan 22, 1:52 PM
DAlangi_WMF assigned this task to apaskulin.
Maintenance_bot removed a project: Patch-For-Review.Thu, Jan 22, 2:32 PM
matmarex subscribed.Thu, Jan 22, 3:14 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits