
Introduce Superuser Role to Manage and Edit Any Campaign
Closed, Resolved | Public

Description

Currently, the ISA Tool allows only the campaign creator (campaign manager) to edit and update a campaign. This creates a single point of failure: if the campaign manager becomes inactive or unavailable, tool maintainers and owners cannot update campaign details.

To address this, we need to introduce a Superuser mechanism using a soft allowlist, without making any database schema changes. Superusers are trusted maintainers whose usernames are defined in a configuration-based allowlist. These users should have the same campaign-editing permissions as a campaign manager and be able to update any campaign, regardless of ownership.

Domain: Coding (Backend / Authorization)

Difficulty: Difficult

Implementation Requirements

  1. Superuser Allowlist (No DB Changes)
    • Introduce a soft allowlist of usernames, defined via:
      • Application config, or
      • Environment variable (preferred)
    • Example: ISA_SUPERUSERS = ["Username1", "Username2"]
    • No database migrations or schema changes are allowed.
  2. Centralized Permission Logic
    • Implement a helper function such as:
        def can_manage_campaign(user, campaign):
            # Allowed: the campaign's own manager, or a username on the superuser allowlist.
            return bool(user and (user.id == campaign.manager_id or user.username in SUPERUSER_ALLOWLIST))
    • Avoid duplicating permission checks across routes.
  3. Update Campaign Edit / Update Routes
    Replace existing checks that only allow campaign managers. Ensure:
    • Campaign managers retain existing permissions.
    • Superusers can edit and update any campaign.
    • Unauthorized users are blocked.
  4. Security Constraints
    • No UI or API should allow users to modify the superuser list.
    • Superuser list should be editable only by maintainers via config or environment variables.
    • Prevent privilege escalation.

Expected Outcome

  • Superusers can edit and update any campaign.
  • Campaign managers can still edit their own campaigns.
  • Regular users cannot edit campaigns they do not manage.
  • No database schema changes are introduced.
  • Permission logic is explicit, readable, and maintainable.

Acceptance Criteria

  • A user listed in the superuser allowlist can update any campaign.
  • A campaign manager can update their own campaign.
  • A regular user cannot update campaigns they do not manage.
  • No database migration is required.
  • Existing campaign functionality remains unaffected.

Setup Notes
Superuser usernames may be defined via environment variables or app configuration.
Testing should cover:

  • Campaign manager access
  • Superuser access
  • Unauthorized access
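
The allowlist and permission helper from the requirements above, run against the three access cases listed under Testing. This is an added example, not code from the ISA repository or the merged change; the JSON-array encoding of ISA_SUPERUSERS, the load_superusers function, and the sample users and campaign are assumptions made for illustration.

```python
import json
import os
from types import SimpleNamespace


def load_superusers(environ=os.environ):
    """Parse ISA_SUPERUSERS (assumed here to be a JSON array of usernames).

    Fails closed: a missing, malformed or non-list value yields an empty
    allowlist, so a configuration mistake never grants access.
    """
    raw = environ.get("ISA_SUPERUSERS", "")
    try:
        names = json.loads(raw) if raw.strip() else []
    except json.JSONDecodeError:
        return frozenset()
    if not isinstance(names, list):
        return frozenset()
    # Keep only non-empty strings; a frozenset cannot be mutated at runtime.
    return frozenset(n.strip() for n in names if isinstance(n, str) and n.strip())


def can_manage_campaign(user, campaign, superusers):
    """True for the campaign's manager or an allowlisted superuser."""
    if user is None or campaign is None:
        return False  # anonymous request or unknown campaign
    if user.id is not None and user.id == campaign.manager_id:
        return True
    # Exact, case-sensitive match against the config-defined allowlist.
    return bool(user.username) and user.username in superusers


# Constructed sample data (not from the ISA code base).
SAMPLE_ENV = {"ISA_SUPERUSERS": '["Username1", "Username2", "", 42]'}
SUPERUSERS = load_superusers(SAMPLE_ENV)
manager = SimpleNamespace(id=7, username="CampaignOwner")
superuser = SimpleNamespace(id=8, username="Username1")
regular = SimpleNamespace(id=9, username="SomeoneElse")
campaign = SimpleNamespace(id=1, manager_id=7)

if __name__ == "__main__":
    for u in (manager, superuser, regular, None):
        name = u.username if u else "<anonymous>"
        print(name, can_manage_campaign(u, campaign, SUPERUSERS))
```

Passing the allowlist in as an argument keeps the check testable without touching process environment, and routes can share one call instead of repeating the manager comparison.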

Event Timeline

swayamagrahari merged https://gitlab.wikimedia.org/toolforge-repos/isa/-/merge_requests/33

Enhanced campaign management by adding ISA superuser checks

Swayam_Agrahari moved this task from Incoming features to Merged on the ISA board.

Hey @Gopavasanth, thanks for the PR. It is one of the important features we were looking forward to, great work : )
Status: Accepted✅