Parsoid should support passing on an authenticated user's read right (when MW API supports that)
Closed, ResolvedPublic

Description

[Very much a longer-term enhancement.]

Parsoid doesn't currently have support for passing on an authenticated user's read right when fetching the wikitext (because the API doesn't support that yet).


Version: unspecified
Severity: enhancement

bzimport added a project: Parsoid.Via ConduitNov 22 2014, 1:21 AM
bzimport set Reference to bz44483.
Jdforrester-WMF created this task.Via LegacyJan 29 2013, 8:44 PM
GWicke added a comment.Via ConduitJan 30 2013, 11:35 PM

Passing on the cookie header from the VisualEditor extension to Parsoid and then from Parsoid back to the API might be enough to enable this. Definitely worth a try.

Jdforrester-WMF added a comment.Via ConduitFeb 7 2013, 3:25 AM
  • Bug 44313 has been marked as a duplicate of this bug. ***
gerritbot added a comment.Via ConduitSep 21 2013, 9:12 AM

Change 85414 had a related patch set uploaded by GWicke:
WIP Bug 44483: Forward Cookie header to API

https://gerrit.wikimedia.org/r/85414

Krinkle added a comment.Via ConduitSep 24 2013, 12:03 PM

Random idea:

Could Parsoid be made private (already is, though last I checked it still has a public IP) and use an internal API instead of the public API. Then the responsibility for user rights lays in MediaWiki land, and when the request is in Parsoid we can assume it is authenticated and thus Parsoid can have unrestricted access.

GWicke added a comment.Via ConduitOct 8 2013, 7:27 PM

(In reply to comment #4)

Random idea:

Could Parsoid be made private (already is, though last I checked it still
has a
public IP) and use an internal API instead of the public API. Then the
responsibility for user rights lays in MediaWiki land, and when the request
is
in Parsoid we can assume it is authenticated and thus Parsoid can have
unrestricted access.

That is what we'll have to do in the longer term once we store HTML. Parsoid might not even be involved in that case, only the content API / storage is. See https://www.mediawiki.org/wiki/User:GWicke/Notes/Storage for the current WIP on that.

gerritbot added a comment.Via ConduitOct 16 2013, 11:24 PM

Change 85414 merged by jenkins-bot:
Bug 44483: Forward Cookie header to API

https://gerrit.wikimedia.org/r/85414

GWicke added a comment.Via ConduitOct 16 2013, 11:29 PM

Cookies are now forwarded, and caching is disabled if a cookie is set. Closing this bug as fixed. A content API will have to do its own auth.

gerritbot added a comment.Via ConduitOct 22 2013, 1:10 AM

Change 91111 had a related patch set uploaded by Jforrester:
Support private wikis by forwarding Cookie: headers to Parsoid

https://gerrit.wikimedia.org/r/91111

GWicke added a comment.Via ConduitOct 22 2013, 10:04 PM

Closing again.

gerritbot added a comment.Via ConduitNov 5 2013, 7:00 PM

Change 91111 merged by jenkins-bot:
Support private wikis by forwarding Cookie: headers to Parsoid

https://gerrit.wikimedia.org/r/91111

Add Comment

Column Prototype
This is a very early prototype of a persistent column. It is not expected to work yet, and leaving it open will activate other new features which will break things. Press "\" (backslash) on your keyboard to close it now.