Page MenuHomePhabricator
Create Task
Maniphest T412583

If the Antivandalism Extension is disabling an account in response to a given action, also prevent that action from taking place
Open, Stalled, Needs TriagePublicFeature
Actions

Description

Feature summary
If the Phabricator Antivandalism Extension is disabling a Phabricator account in response to a given action, it could also prevent that action from taking place.
If information about the attempted action should be stored (e.g. for logging/debugging purposes), it could theoretically e.g. be logged at the time the account is disabled.

Use case(s)/Benefits
It'd remove the need to clean up after vandalism/task disruption in cases where the antivandalism extension has already decided that an action is likely enough to be vandalism that it's gonna disable the user's account as a result.
It'd also prevent task notifications that'd otherwise be generated as a result of that action, in addition to preventing it from adding extra 'noise' to a task's history.

T378834#11456451 is an example from earlier today. The Phabricator account in question was disabled as a result of that action, but it e.g. still needed to be manually reverted.

Related upstream task: https://we.phorge.it/T16290

Related Objects

Event Timeline

A_smart_kitten created this task.Dec 13 2025, 11:27 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptDec 13 2025, 11:27 AM
Pppery awarded a token.Dec 13 2025, 7:08 PM
Aklapper added a comment.EditedDec 13 2025, 11:27 PM

it could also prevent that action from taking place.

Preventing an action is not possible as AVA is implemented as a Herald action, and a Herald action can only react to something that has already happened. In my understanding.

A_smart_kitten added a comment.Dec 14 2025, 8:42 AM

Hrm; random idea — maybe we could:

  • Ask upstream for them to introduce a "prevent action from taking place" Herald action [that could be used] for global Maniphest Herald rules (similar to the "block push/diff with message" Herald actions that already exist for Differential & Diffusion)
  • Modify AVA to do its calculations (& also disable accounts/delete sessions as appropriate) as a Herald condition, rather than a Herald action
  • Edit {H293} to use the modified AVA condition, and - as the action - use the new "prevent action from taking place" action implemented by upstream

?

There are probably also other ways that this could be implemented downstream, but some of them might (e.g.) require our downstream fork of Phorge to be aware of AVA… which seems maybe kinda hacky & I don't know if you and/or RelEng would want to maintain that sort of downstream patch :)

Aklapper added a comment.Dec 15 2025, 9:23 PM

More context is in https://we.phorge.it/T16290 which rules out the first bullet point (and I guess the followup ones, assuming it's an ordered list).

Yes I'd love to see this too but the current architecture is pretty much against us. :-/

Aklapper changed the task status from Open to Stalled.Dec 15 2025, 9:24 PM
Aklapper edited projects, added Phabricator (Upstream); removed Phabricator.
Aklapper moved this task from Backlog to Upstreamed on the Phabricator (Upstream) board.
Aklapper added a project: Upstream.
Aklapper moved this task from Backlog to Reported Upstream on the Upstream board.
Aklapper updated the task description. (Show Details)
A_smart_kitten added a comment.Dec 15 2025, 9:45 PM
In T412583#11462191, @Aklapper wrote:

More context is in https://we.phorge.it/T16290 which rules out the first bullet point (and I guess the followup ones, assuming it's an ordered list).

FWIW, maybe I'm missing something but I don't currently see how that task (re [evaluating the possibility of] asynchronous Herald rules) would necessarily block a "prevent action from taking place" Herald action from being added (assuming that async Herald rules end up ever going ahead :p) -- as I noted at https://we.phorge.it/T16290#28596, it seems like there would always be some Herald rules that probably couldn't be async.

Aklapper added a comment.Dec 16 2025, 2:01 PM
In T412583#11462286, @A_smart_kitten wrote:

I don't currently see how that task (re [evaluating the possibility of] asynchronous Herald rules) would necessarily block a "prevent action from taking place" Herald action from being added

Hmm, maybe _I_ misunderstand now. :) In my understanding there is no way to have Herald block a transaction as Herald runs after the transaction has already taken place? (Maybe Herald could try to revert the transaction, though that might also not trivial to implement.)

A_smart_kitten added a comment.EditedDec 16 2025, 2:16 PM

Basically, I 'stole'/repurposed the idea for a "prevent [Maniphest] action from taking place" Herald action from Diffusion/Differential, which have their own implementations of a similar action ("block push with message" / "block diff with message").
I'm unfamiliar with Phorge code; but it looks like, at the time of those applications calculating the Herald effects for a given event, they check for whether that specific Herald action has been triggered, and block the event from taking place if it has been (Differential code, Diffusion code).

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits