Page MenuHomePhabricator
Create Task
Maniphest T387324

Add hook to support custom logging in `ProtectedVarsAccessLogger`
Closed, ResolvedPublic
Actions

Description

The ProtectedVarsAccessLogger class in AbuseFilter is responsible for logging access to protected variables. As IPs are the only protected variable at the moment and CheckUser's temporary accounts support wants to centralize logging access to IPs, the class does a check to see if CU is installed and if so, prefers its logger over AF's.

We can remove this business logic by adding a hook to ProtectedVarsAccessLogger that allows CU to respond to this event and contain CheckUser's logging reqs in the extension itself. Depending on implementation, an additional mechanism may need to be implemented in order to allow an override as opposed to a lateral logger. Whatever the implementation, I don't think the event should be logged twice.

Acceptance Criteria:

  • Hook exists and is run in ProtectedVarsAccessLogger
  • Mechanism allows for logger/log to be diverted from AbuseFilter's logging

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
Add ProtectedVarsAccessLogger hookmediawiki/extensions/AbuseFiltermaster+188 -91
Customize query in gerrit

Related Objects
Search...

Event Timeline

STran created this task.Feb 26 2025, 12:14 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptFeb 26 2025, 12:14 PM
STran mentioned this in T387328: Refactor CheckUser ProtectedVarsAccessLogger logging out of AbuseFilter.Feb 26 2025, 1:00 PM
STran mentioned this in T385687: Investigate: How should the AbuseFilter variable `user_unnamed_ip` be restricted.Feb 26 2025, 1:31 PM
STran added a parent task: T354599: [EPIC] WE4.2.14b Provide IP reputation variables in AbuseFilter.Feb 26 2025, 3:38 PM
STran added a project: Trust and Safety Product Sprint (Sprint Lemon Meringue (March 3 - 21)).
Dreamy_Jazz moved this task from Inbox to Engineering on the Trust and Safety Product Team board.Feb 28 2025, 5:52 PM
Dreamy_Jazz edited projects, added Trust and Safety Product Team (Engineering); removed Trust and Safety Product Team.
STran claimed this task.Mar 3 2025, 5:20 PM
STran moved this task from Priority Backlog to In Progress on the Trust and Safety Product Sprint (Sprint Lemon Meringue (March 3 - 21)) board.
gerritbot added a comment.Mar 6 2025, 6:35 PM

Change #1125212 had a related patch set uploaded (by STran; author: STran):

[mediawiki/extensions/AbuseFilter@master] [WIP] Add ProtectedVarsAccessLogger hook

https://gerrit.wikimedia.org/r/1125212

gerritbot added a project: Patch-For-Review.Mar 6 2025, 6:35 PM
kostajh moved this task from Engineering to Engineering on the Trust and Safety Product Team board.Mar 10 2025, 12:44 PM
kostajh edited projects, added Trust and Safety Product Team; removed Trust and Safety Product Team (Engineering).
gerritbot added a comment.Mar 12 2025, 4:40 PM

Change #1125212 merged by jenkins-bot:

[mediawiki/extensions/AbuseFilter@master] Add ProtectedVarsAccessLogger hook

https://gerrit.wikimedia.org/r/1125212

ReleaseTaggerBot added a project: MW-1.44-notes (1.44.0-wmf.21; 2025-03-18).Mar 12 2025, 5:00 PM
Maintenance_bot removed a project: Patch-For-Review.Mar 12 2025, 5:30 PM
STran moved this task from In Progress to Needs QA on the Trust and Safety Product Sprint (Sprint Lemon Meringue (March 3 - 21)) board.Mar 13 2025, 10:56 AM
Tchanders edited projects, added Trust and Safety Product Sprint (Sprint Chocolate Cake (March 24 - April 11)); removed Trust and Safety Product Sprint (Sprint Lemon Meringue (March 3 - 21)).Mar 24 2025, 2:21 PM
Tchanders moved this task from Priority Backlog to Needs QA on the Trust and Safety Product Sprint (Sprint Chocolate Cake (March 24 - April 11)) board.
Djackson-ctr moved this task from Needs QA to Done on the Trust and Safety Product Sprint (Sprint Chocolate Cake (March 24 - April 11)) board.Apr 5 2025, 6:39 AM
Djackson-ctr subscribed.

QA is completed, I have verified the new code has been implemented and is functioning as expected Per the Acceptance Criteria.

kostajh closed this task as Resolved.Apr 14 2025, 8:07 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits