Page MenuHomePhabricator
Create Task
Maniphest T48557

[TUX] Can insert in translation editor from translation helper without translator rights
Closed, ResolvedPublic
Actions

Description

As a user without translator rights, it is possible to insert text from the translation helpers, even though the translation editor text area is read-only.

Steps to reproduce:

  1. Go to https://translatewiki.net/w/i.php?title=Special:Translate&group=ext-translate-0-all&language=fy&filter=!translated&action=translate as anonymous user
  2. Click a simple message

Observed:

  • Translation editor opens
  • Messaging is "You need permission to translate messages."
  • Textarea is read-only.

Continued steps:

  1. In the translation helper area, click "Use as translation" below "Beheer" (or whatever is suggested)

Observed:

  • String is inserted in editor, which remains read-only.

Expected:

  • Nothing should happen (or something else, but at least no string insertion in the editor).

Solutions

  • One way to fix this would be to update suggestionAdder in ext.translate.editor.helpers.js to check whether the textarea is readonly.
  • Add cursor: not-allowed for the section displaying Use as translation to avoid giving the user an impression that these are clickable.

Screenshot

image.png (625×1 px, 110 KB)

Details

Reference
bz46557
SubjectRepoBranchLines +/-
Disable translation helper for user without rightsmediawiki/extensions/Translatemaster+10 -1
Customize query in gerrit

Event Timeline

bzimport raised the priority of this task from to Low.Nov 22 2014, 1:18 AM
bzimport added a project: MediaWiki-extensions-Translate.
bzimport set Reference to bz46557.
bzimport added a subscriber: Unknown Object (MLST).
siebrand created this task.Mar 26 2013, 7:45 AM
Aklapper added a comment.Jun 19 2014, 1:05 PM

Going to the URL above without being logged in, I get
"The indicated group does not exist. Select a different message group."

Any other URL where this problem can be tested?

siebrand added a comment.Jun 19 2014, 1:48 PM

I've updated the URL. The first string "Translate" can be used for step 2.

Nikerabbit moved this task from Backlog to tux on the MediaWiki-extensions-Translate board.Jan 28 2015, 5:38 PM
Nikerabbit added a project: good first task.Dec 8 2020, 8:50 AM
Nikerabbit updated the task description. (Show Details)
Nikerabbit removed a subscriber: wikibugs-l-list.
abi_ updated the task description. (Show Details)Feb 15 2022, 8:27 AM
Wangombe changed the task status from Open to In Progress.Feb 15 2022, 10:58 AM
Wangombe claimed this task.
Wangombe added a project: Language-Team (Language-2022-January-March).
abi_ moved this task from Quarter Backlog to In Progress on the Language-Team (Language-2022-January-March) board.Feb 15 2022, 6:10 PM
gerritbot added a comment.Feb 21 2022, 8:39 AM

Change 764301 had a related patch set uploaded (by Wangombe; author: Wangombe):

[mediawiki/extensions/Translate@master] Disable translation helper for user without rights

https://gerrit.wikimedia.org/r/764301

gerritbot added a project: Patch-For-Review.Feb 21 2022, 8:39 AM
Wangombe moved this task from In Progress to In Review on the Language-Team (Language-2022-January-March) board.Feb 21 2022, 8:53 AM

One can no longer insert a translate suggestion into the translation editor without translator rights. I have added

cursor: not-allowed

when a user attempts to click on a translation suggestion to give a cue that the action is not possible/allowed without logging in

gerritbot added a comment.Feb 22 2022, 12:44 PM

Change 764301 merged by jenkins-bot:

[mediawiki/extensions/Translate@master] Disable translation helper for user without rights

https://gerrit.wikimedia.org/r/764301

ReleaseTaggerBot added a project: MW-1.38-notes (1.38.0-wmf.24; 2022-02-28).Feb 22 2022, 1:00 PM
Maintenance_bot removed a project: Patch-For-Review.Feb 22 2022, 1:10 PM
Nikerabbit moved this task from In Review to Recheck after deployment on the Language-Team (Language-2022-January-March) board.Mar 2 2022, 10:53 AM
Wangombe closed this task as Resolved.Mar 3 2022, 3:14 AM
Wangombe moved this task from Recheck after deployment to Done on the Language-Team (Language-2022-January-March) board.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits