Page MenuHomePhabricator
Create Task
Maniphest T390708

Log attempts to access protected variable values even if no actual values were present
Closed, ResolvedPublic
Actions

Description

As part of the changes implemented in T387331: Provide a mechanism for other extensions to modify protected variables access requirements, access to protected variables is only logged if an actual value is present:

if ( count( $protectedVariableValuesShown ) ) {
	$logger = $this->abuseLoggerFactory->getProtectedVarsAccessLogger();

This replaces code that used to infer whether or not a log view should be logged, as technical limitations at the time caused a use case which unnecessarily logged views of public logs. However, we should still log if the logs of a protected filter were viewed, similar to how CheckUser logs all uses, even if no results were found. This can happen when a filter that was previously using protected variables no longer uses them, as it will still be considered protected into perpetuity.

Acceptance Criteria:

  • Views of logs of protected filter hits are logged, even if no protected variable values are exposed.

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
Always log when a user views details about a protected filter hitmediawiki/extensions/AbuseFiltermaster+14 -10
Customize query in gerrit

Related Objects

Event Timeline

STran created this task.Apr 1 2025, 12:58 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptApr 1 2025, 12:58 PM
STran moved this task from Priority Backlog to In Progress on the Trust and Safety Product Sprint (Sprint Chocolate Cake (March 24 - April 11)) board.Apr 1 2025, 12:58 PM
STran updated the task description. (Show Details)Apr 1 2025, 1:02 PM

This may affect the implementation of T389614: Update protected variable view log copy to reflect what protected variable(s) are being viewed

gerritbot added a comment.Apr 1 2025, 5:24 PM

Change #1133188 had a related patch set uploaded (by STran; author: STran):

[mediawiki/extensions/AbuseFilter@master] Always log when a user views details about a protected filter hit

https://gerrit.wikimedia.org/r/1133188

gerritbot added a project: Patch-For-Review.Apr 1 2025, 5:24 PM
STran moved this task from In Progress to Needs Review on the Trust and Safety Product Sprint (Sprint Chocolate Cake (March 24 - April 11)) board.Apr 3 2025, 1:19 PM
Dreamy_Jazz moved this task from Needs Review to Needs QA on the Trust and Safety Product Sprint (Sprint Chocolate Cake (March 24 - April 11)) board.Apr 3 2025, 2:22 PM
gerritbot added a comment.Apr 3 2025, 2:25 PM

Change #1133188 merged by jenkins-bot:

[mediawiki/extensions/AbuseFilter@master] Always log when a user views details about a protected filter hit

https://gerrit.wikimedia.org/r/1133188

Maintenance_bot removed a project: Patch-For-Review.Apr 3 2025, 2:31 PM
ReleaseTaggerBot added a project: MW-1.44-notes (1.44.0-wmf.24; 2025-04-08).Apr 3 2025, 3:00 PM
kostajh edited projects, added Trust and Safety Product Sprint (Sprint Cozonac (April 14 - May 2)); removed Trust and Safety Product Sprint (Sprint Chocolate Cake (March 24 - April 11)).Apr 14 2025, 2:52 PM
kostajh moved this task from Priority Backlog to Needs QA on the Trust and Safety Product Sprint (Sprint Cozonac (April 14 - May 2)) board.
dom_walden moved this task from Needs QA to Done on the Trust and Safety Product Sprint (Sprint Cozonac (April 14 - May 2)) board.Apr 16 2025, 2:55 PM
dom_walden subscribed.

I have tested accessing a large number of AbuseFilter logs on my local wiki and checking that a log is recorded each time. This included AbuseFilter logs of protected filters but which did not contain protected variables.

Test environment: local docker Abuse Filter – (d6dc418) 07:22, 15 April 2025. CheckUser 2.5 (7c58304) 07:29, 14 April 2025.

dom_walden mentioned this in T387328: Refactor CheckUser ProtectedVarsAccessLogger logging out of AbuseFilter.Apr 16 2025, 2:57 PM
kostajh closed this task as Resolved.Apr 16 2025, 3:34 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits