Non-NDA users cannot access graphite.wikimedia.org
Open, NormalPublic

Description

Author: metatron

Description:
As in https://www.mediawiki.org/wiki/Wikimedia_Labs/Tool_Labs/Roadmap_en#Overview_of_available_features_in_Tool_Labs

Logs / Statistics

Webserver page view/visit statistics: https://graphite.wikimedia.org/ (requires Labs account) ...

I cannot access though having a labs account and entering credentials as requested by site:

A user name and password are being requested by https://graphite.wikimedia.org. The site says: "WMF Labs (use wiki login name not shell)"


Version: unspecified
Severity: normal
See Also:
https://bugzilla.wikimedia.org/show_bug.cgi?id=60112

Details

Reference
bz54713
bzimport raised the priority of this task from to Normal.
bzimport set Reference to bz54713.
bzimport added a subscriber: Unknown Object (MLST).
bzimport created this task.Sep 27 2013, 4:21 PM

Works for me with my labsconsole.wikimedia.org / gerrit.wikimedia.org / wikitech.wikimedia.org account - I can log in.

Does anybody else have this problem?

Works for me, I can get to https://graphite.wikimedia.org/dashboard/ after entering username and password.

<YuviPanda|away> andre: aude IIRC it requires you to be in a specific LDAP group
<YuviPanda|away> that says you are from the wmf
<aude> ok, so then we need the wmde group made
<YuviPanda|away> yeah
<aude> also, ori-l gave me a Icinga link that i cant see
errr ishmael.wikimedia.org
can't see either
<YuviPanda> yeah, tied to the same group
<YuviPanda> andre
: you can search for '[Ops] providing restricted tools to a wider audience ' in the ops list for the last known conversation about this

I'm not in the wmf group too, and can't log in to the site with my labs account.

ori added a comment.Dec 19 2013, 8:18 PM

We'd really like to make this completely public, but our Graphite setup has never had a security review, so we can't do it just yet. As an interim solution, we may be able to expand the access criteria so that they include volunteers that have signed an NDA. But because this is a security consideration, the decision is not mine to make.

Until we get a security review done, giving NDA users access is not a problem. I'll be working on the review in Feb most likely.

csteipp: any update?

I have not been able to get to this yet, sorry.

(In reply to Ori Livneh from comment #5)

As an interim
solution, we may be able to expand the access criteria so that they include
volunteers that have signed an NDA. But because this is a security
consideration, the decision is not mine to make.

This was done in Gerrit change 152928 it seems

So can we mark this as fixed?

Se4598 added a comment.Oct 7 2014, 2:32 PM

(In reply to Alex Monk from comment #10)

So can we mark this as fixed?

No, this bug is about allowing public access, after the necessary security review has been done. Currently only wmf, ops and NDA users have access.

'nda' group = non-WMF staff. I'm changing this bug so it's about allowing public access instead.

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptAug 20 2015, 1:05 AM
csteipp added a subtask: Restricted Task.Aug 20 2015, 4:05 PM
csteipp closed subtask Restricted Task as Resolved.Oct 27 2015, 11:27 PM
Krinkle set Security to None.
Krinkle removed a subscriber: wikibugs-l-list.
Dzahn added a comment.May 25 2016, 6:39 PM

@metatron when looking at T108546 would you consider this ticket a duplicate ?