Page MenuHomePhabricator
Create Task
Maniphest T408724

Clean up $performer parameter of AuthManager::autoCreateUser()
Closed, ResolvedPublic
Actions

Description

Currently on self-autocreation, some callers pass in the user as the performer and some pass in null. That's confusing and increases the likelihood of bugs. We should probably just deprecate null as a valid value. (It's also used by maintenance scripts but those could just pass something like new UltimateAuthority( User::newSystemUser( User::MAINTENANCE_SCRIPT_USER, [ 'steal' => true ] ).)

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
maintenance: Avoid NULL as performer to AuthManager::autoCreateUser()mediawiki/extensions/CheckUsermaster+8 -2
auth: Use the user object when action performer is NULLmediawiki/coremaster+86 -41
Use the `$user` object when performer is passed in as NULLmediawiki/extensions/CentralAuthmaster+40 -30
Dump: Fix passing NULL to ::autoCreateUser()mediawiki/extensions/Flowmaster+1 -1
auth: Minor fixes to the AuthManager::autoCreateUser() docsmediawiki/coremaster+7 -6
Customize query in gerrit

Related Objects

Event Timeline

Tgr created this task.Oct 29 2025, 5:41 PM
Restricted Application added a project: MediaWiki-Platform-Team. · View Herald TranscriptOct 29 2025, 5:42 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
JTweed-WMF moved this task from Inbox, needs triage to Next (DO NOT USE) on the MediaWiki-Platform-Team board.Oct 30 2025, 3:09 PM
Dragoniez subscribed.Nov 1 2025, 1:23 AM
DAlangi_WMF changed the task status from Open to In Progress.Nov 4 2025, 11:56 AM
DAlangi_WMF claimed this task.
DAlangi_WMF moved this task from Next (DO NOT USE) to In progress (DO NOT USE) on the MediaWiki-Platform-Team board.
gerritbot added a comment.Nov 4 2025, 12:17 PM

Change #1201589 had a related patch set uploaded (by D3r1ck01; author: Derick Alangi):

[mediawiki/extensions/CentralAuth@master] Emit deprecation warnings when NULL is used as the performer

https://gerrit.wikimedia.org/r/1201589

gerritbot added a project: Patch-For-Review.Nov 4 2025, 12:17 PM

Change #1201590 had a related patch set uploaded (by D3r1ck01; author: Derick Alangi):

[mediawiki/core@master] auth: Minor fixes to the AuthManager::autoCreateUser() docs

https://gerrit.wikimedia.org/r/1201590

DAlangi_WMF added a comment.Nov 4 2025, 12:19 PM

Per CodeSearch search, luckily not so many places in WMF deployed repos: https://codesearch.wmcloud.org/deployed/?q=%3EautoCreateUser%5C%28

gerritbot added a comment.Nov 4 2025, 1:31 PM

Change #1201604 had a related patch set uploaded (by D3r1ck01; author: Derick Alangi):

[mediawiki/extensions/CheckUser@master] maintenance: Avoid NULL as performer to AuthManager::autoCreateUser()

https://gerrit.wikimedia.org/r/1201604

gerritbot added a comment.Nov 4 2025, 1:36 PM

Change #1201605 had a related patch set uploaded (by D3r1ck01; author: Derick Alangi):

[mediawiki/extensions/Flow@master] Dump: Fix passing NULL to ::autoCreateUser()

https://gerrit.wikimedia.org/r/1201605

gerritbot added a comment.Nov 4 2025, 4:05 PM

Change #1201590 merged by jenkins-bot:

[mediawiki/core@master] auth: Minor fixes to the AuthManager::autoCreateUser() docs

https://gerrit.wikimedia.org/r/1201590

ReleaseTaggerBot added a project: MW-1.46-notes (1.46.0-wmf.2; 2025-11-12).Nov 4 2025, 5:00 PM
gerritbot added a comment.Nov 5 2025, 9:36 AM

Change #1201605 abandoned by D3r1ck01:

[mediawiki/extensions/Flow@master] Dump: Fix passing NULL to ::autoCreateUser()

Reason:

With the latest PS at I16497e4789d38d1ade07aceeebb4031359bd4b8c, this patch is no longer needed.

https://gerrit.wikimedia.org/r/1201605

gerritbot added a comment.Nov 5 2025, 9:53 AM

Change #1201681 had a related patch set uploaded (by D3r1ck01; author: Derick Alangi):

[mediawiki/core@master] auth: Deprecate passing NULL as performer to autoCreateUser()

https://gerrit.wikimedia.org/r/1201681

gerritbot added a comment.Nov 5 2025, 10:30 PM

Change #1201604 merged by jenkins-bot:

[mediawiki/extensions/CheckUser@master] maintenance: Avoid NULL as performer to AuthManager::autoCreateUser()

https://gerrit.wikimedia.org/r/1201604

gerritbot added a comment.Nov 6 2025, 10:01 AM

Change #1201605 restored by D3r1ck01:

[mediawiki/extensions/Flow@master] Dump: Fix passing NULL to ::autoCreateUser()

https://gerrit.wikimedia.org/r/1201605

matmarex subscribed.Nov 6 2025, 4:53 PM

It's not actually clear to me what we should pass as performer instead of null. The code of AuthManager::autoCreateUser() itself mostly uses an anonymous user as performer when null is given. Some of the patches proposed here pass the user to be created instead, which may be an unintended change in behavior. @Tgr Any advice?

Tgr added a comment.Nov 6 2025, 5:59 PM

There are three options:

  • the operation shouldn't fail: use an UltimateAuthority
  • the operation should fail if there's a conflicting AbuseFilter etc, regardless of who the user is: use an anonymous user object
  • the operation should fail if there's a conflicting AbuseFilter etc, unless the (central) user has permissions to override it: use $user

I think most of the time the third makes most sense, even if it's a behavior change.

We could also go the opposite direction, keep null as the "user is same as performer" value, and change the internal logic so it uses $user rather than a new anonymous user in that case. Either way, we should avoid the situation where callers sometimes pass null and sometimes the user, with the difference between the two being non-obvious.

gerritbot added a comment.Nov 7 2025, 6:57 AM

Change #1201605 merged by jenkins-bot:

[mediawiki/extensions/Flow@master] Dump: Fix passing NULL to ::autoCreateUser()

https://gerrit.wikimedia.org/r/1201605

OWresch-WMF edited projects, added MediaWiki-Platform-Team (Q3 Kanban Board); removed MediaWiki-Platform-Team.Nov 21 2025, 11:44 AM
OWresch-WMF moved this task from Essential Work to In Progress on the MediaWiki-Platform-Team (Q3 Kanban Board) board.
gerritbot added a comment.Nov 26 2025, 3:44 PM

Change #1201589 merged by jenkins-bot:

[mediawiki/extensions/CentralAuth@master] Use the `$user` object when performer is passed in as NULL

https://gerrit.wikimedia.org/r/1201589

ReleaseTaggerBot edited projects, added MW-1.46-notes (1.46.0-wmf.5; 2025-12-02); removed MW-1.46-notes (1.46.0-wmf.2; 2025-11-12).Nov 26 2025, 4:00 PM
DAlangi_WMF mentioned this in T385310: Could not find local user data for {username}@{wikiId} (2025).Nov 28 2025, 2:12 PM
gerritbot added a comment.Dec 2 2025, 10:39 PM

Change #1201681 merged by jenkins-bot:

[mediawiki/core@master] auth: Use the user object when action performer is NULL

https://gerrit.wikimedia.org/r/1201681

ReleaseTaggerBot edited projects, added MW-1.46-notes (1.46.0-wmf.7; 2025-12-16); removed MW-1.46-notes (1.46.0-wmf.5; 2025-12-02).Dec 3 2025, 12:00 AM
DAlangi_WMF closed this task as Resolved.Dec 3 2025, 10:51 AM

Thanks for landing the final piece @matmarex. This can be resolved now!

matmarex mentioned this in T411826: MediaWiki periodic job centralauth-backfilllocalaccounts.php-loginwiki failed.Dec 5 2025, 11:36 PM
Dragoniez mentioned this in T411952: Special:CreateLocalAccount doesn't create accounts for other users due to IP blocks, even when I am a sysop.Dec 7 2025, 1:52 PM
Reedy removed a project: Patch-For-Review.Dec 7 2025, 11:41 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits