Page MenuHomePhabricator
Create Task
Maniphest T47469

The <Centralauth-error-locked> message sucks and needs improvement
Open, MediumPublic
Actions

Description

The <Centralauth-error-locked> message sucks and needs improvement - it currently reads:

You cannot edit because your account is locked.

This compares poorly to <Globalblocking-blocked> in terms of giving users somewhere to go:

Your IP address $5 has been blocked on all wikis by $1 ($2). The reason given was "$3". The block $4.

(This is being changed right now anyway.)

Version: unspecified
Severity: normal
See Also:
T59866: Causes "Incorrect password entered" error when the account is globally locked
T62607: Add lock reason (from log) or [[Special:CentralAuth/$1]] ($1=username) link to 'centralauth-login-error-locked' message.

Details

Reference
bz45469
SubjectRepoBranchLines +/-
Locally override Centralauth-error-lockedmediawiki/extensions/WikimediaMessagesmaster+3 -0
Customize query in gerrit

Related Objects
Search...

View Standalone Graph
This task is connected to more than 200 other tasks. Only direct parents and subtasks are shown here. Use View Standalone Graph to show more of the graph.
StatusSubtypeAssignedTask
· · ·
InvalidNoneT40638 [DO NOT USE] Interface messages needing rewording or documentation and other issues with existing messages [superseded by #Voice_&_Tone]
OpenNoneT47469 The <Centralauth-error-locked> message sucks and needs improvement
· · ·

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 22 2014, 1:29 AM
bzimport added projects: MediaWiki-extensions-CentralAuth, I18n.
bzimport set Reference to bz45469.
bzimport added a subscriber: Unknown Object (MLST).
Jdforrester-WMF created this task.Feb 27 2013, 1:00 AM
PiRSquared17 added a comment.Dec 2 2013, 6:08 PM

(In reply to comment #0)

The <Centralauth-error-locked> message sucks and needs improvement - it
currently reads:

You cannot edit because your account is locked.

This compares poorly to <Globalblocking-blocked> in terms of giving users
somewhere to go:

Your IP address $5 has been blocked on all wikis by $1 ($2). The reason

given
was "$3". The block $4.

(This is being changed right now anyway.)

Does the extension even give an error when logging in? I think it's just the incorrect passwd message.

MZMcBride added a comment.Dec 15 2013, 3:06 AM

James: should this bug continue to be assigned to you?

MZMcBride added a comment.Jan 6 2014, 2:14 AM

(In reply to comment #2)

James: should this bug continue to be assigned to you?

Bump.

And did https://gerrit.wikimedia.org/r/98568 fix this bug? Can someone check?

PiRSquared17 added a comment.Feb 27 2014, 3:19 AM

(In reply to MZMcBride from comment #3)

(In reply to comment #2)

James: should this bug continue to be assigned to you?

Bump.

And did https://gerrit.wikimedia.org/r/98568 fix this bug? Can someone
check?

This bug is about Centralauth-error-locked, not Centralauth-login-error-locked. Also, that did not include any detailed info like the reason for being locked.

PiRSquared17 added a comment.Feb 27 2014, 3:19 AM

(In reply to James Forrester from comment #0)
Are you still working on this?

Nemo_bis added a comment.Feb 27 2014, 8:55 AM

(In reply to PiRSquared17 from comment #4)

This bug is about Centralauth-error-locked, not
Centralauth-login-error-locked. Also, that did not include any detailed
info like the reason for being locked.

Can you submit a patch please?

PiRSquared17 added a comment.Feb 27 2014, 4:27 PM

(In reply to Nemo from comment #6)

(In reply to PiRSquared17 from comment #4)

This bug is about Centralauth-error-locked, not
Centralauth-login-error-locked. Also, that did not include any detailed
info like the reason for being locked.

Can you submit a patch please?

This is nontrivial, like bug 61548. The lock reasons are not stored in a central location currently. Using the current scheme, we would need to query every wiki (since locks can be from any wiki). Perhaps it would be better to create a central location for the globalauth logs or at least the current locks (maybe in globaluser table?).

James, are you still interested in this?

Nemo_bis added a comment.Feb 27 2014, 4:30 PM

There is a bug about restricting changes of global groups rights and membership to the central wiki; there is probably also one for locks. If that's a requirement for this bug, let's add it to blockers and get all of them done at once.

PiRSquared17 added a comment.Mar 1 2014, 3:47 PM

A temporary fix would be to only look on the "central wiki", and just give the current message if it's not found there.

(In reply to Nemo from comment #8)

There is a bug about restricting changes of global groups rights and
membership to the central wiki; there is probably also one for locks. If
that's a requirement for this bug, let's add it to blockers and get all of
them done at once.

Ticket link?

werdna unsubscribed.Dec 10 2014, 5:27 PM
Liuxinyu970226 subscribed.May 7 2015, 2:10 AM
Legoktm added a project: Stewards-and-global-tools.Oct 27 2015, 4:58 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 27 2015, 4:58 PM
jrbs added a project: Voice & Tone.Oct 30 2015, 12:02 AM
jrbs subscribed.
Nemo_bis added a comment.Oct 30 2015, 12:54 PM

Not a matter of tone but of availability of correct details to the local wiki.

Nemo_bis removed a project: Voice & Tone.Oct 30 2015, 12:54 PM
Nemo_bis set Security to None.
MarcoAurelio removed a subscriber: wikibugs-l-list.Apr 18 2016, 9:18 AM
Restricted Application added a subscriber: JEumerus. · View Herald TranscriptApr 18 2016, 9:18 AM
MarcoAurelio removed a parent task: T43492: [DO NOT USE] Steward, global sysop and SWMT tasks bugs (tracking) [superseded by #Stewards-and-global-tools].Jan 11 2017, 11:39 PM
Liuxinyu970226 mentioned this in T62607: Add lock reason (from log) or [[Special:CentralAuth/$1]] ($1=username) link to 'centralauth-login-error-locked' message..Mar 16 2017, 2:55 PM
Liuxinyu970226 updated the task description. (Show Details)
Matanya moved this task from Untriaged to Low priority on the Stewards-and-global-tools board.Apr 19 2017, 8:20 PM
gerritbot subscribed.Feb 21 2018, 9:04 PM

Change 413248 had a related patch set uploaded (by Gerrit Patch Uploader; owner: Gerrit Patch Uploader):
[mediawiki/extensions/WikimediaMessages@master] Locally override Centralauth-error-locked

https://gerrit.wikimedia.org/r/413248

gerritbot added a project: Patch-For-Review.Feb 21 2018, 9:04 PM
Bugreporter subscribed.Aug 3 2019, 2:32 PM
This comment was removed by Bugreporter.
gerritbot added a comment.Sep 28 2020, 10:27 AM

Change 413248 abandoned by MarcoAurelio:
[mediawiki/extensions/WikimediaMessages@master] Locally override Centralauth-error-locked

Reason:
No longer required.

https://gerrit.wikimedia.org/r/413248

gerritbot added a comment.Sep 28 2020, 10:28 AM

Change 413248 restored by MarcoAurelio:
[mediawiki/extensions/WikimediaMessages@master] Locally override Centralauth-error-locked

https://gerrit.wikimedia.org/r/413248

Aklapper added a project: Voice & Tone.May 24 2021, 9:37 PM
Pppery edited projects, added Patch-Needs-Improvement; removed Patch-For-Review.Apr 1 2023, 8:14 PM
taavi merged a task: T62607: Add lock reason (from log) or [[Special:CentralAuth/$1]] ($1=username) link to 'centralauth-login-error-locked' message..Jul 23 2023, 5:03 PM
taavi added subscribers: admin, Pedrowenbre, Estherbrien and 4 others.
Bugreporter added a comment.EditedJul 23 2023, 11:32 PM

Note there are two MediaWiki message.

  1. MediaWiki:Centralauth-login-error-locked is displayed when someone tries to login a locked account. The message is overrided in WMF production in T216347: Changing globally locked message across Wikimedia wikis: see https://en.wikipedia.org/wiki/MediaWiki:Centralauth-login-error-locked for the message and you can also reproduce the message by trying to log in using username "test" and arbitrary password.
  2. MediaWiki:Centralauth-error-locked if someone tries to do some specific non-login action via a locked account. I am not sure what can be done using an account without login. This message is not overrided in WMF production.

Neither of messages provides a field to display performer or lock reason.

Bugreporter mentioned this in T17294: Allow blocking of global accounts.Sep 23 2023, 2:48 PM
Base subscribed.Dec 30 2023, 1:54 AM

I am confused, locked accounts cannot login, how can they try to edit as that account? The only action that they can try to attempt other than login that I can think of is probably to reset their password (and I am not sure if that is allowed and whether it should be allowed). Is there something else? Perhaps someone can tell more from actually reading the code.

Bugreporter moved this task from Backlog to Global account management (lock/hide/suppress) on the MediaWiki-extensions-CentralAuth board.Jan 17 2024, 12:58 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL