No reliable way to detect when an API edit is disallowed by the abuse filter
Closed, ResolvedPublic

Description

I set up an abuse filter on testwiki that warns the user with the MediaWiki message "snorkel-abuse" and also disallows the action. When triggering this filter using the API (action=edit) I get this:

<?xml version="1.0"?><api><edit code="snorkel-abuse" info="Hit AbuseFilter: TTO&#039;s test filter" warning="Don&#039;t create snorkel pages" result="Failure" /></api>

The only way to test for AbuseFilter being hit appears to be to check whether the "info" parameter starts with the string "Hit AbuseFilter". This seems a bit hackish.

The spam blacklist manages to do better than this, providing its own spamblacklist attribute on the <edit> element. AbuseFilter should be able to do better too.

Details

Reference
bz55460
bzimport raised the priority of this task from to Normal.
bzimport set Reference to bz55460.
bzimport added a subscriber: Unknown Object (MLST).
TTO created this task.Oct 8 2013, 8:45 AM
TTO set Security to None.
TTO removed a subscriber: wikibugs-l-list.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptFeb 10 2016, 4:39 AM
Jay8g added a subscriber: Jay8g.Apr 4 2016, 5:15 AM

I solved a similar issue for TitleBlacklist (T115258) a while ago with 97b433286dc086ea5261b1b88736600b5454887f. The same approach should work here.

Krinkle added a subscriber: Krinkle.
Krinkle removed a subscriber: Krinkle.Feb 4 2018, 6:09 PM
matmarex removed a subscriber: matmarex.Apr 5 2018, 5:15 PM
matmarex updated the task description. (Show Details)Apr 5 2018, 5:20 PM
matmarex closed this task as Resolved.Apr 5 2018, 5:24 PM
matmarex claimed this task.

I actually fixed this soon after my last comment in 2016, with patch https://gerrit.wikimedia.org/r/295314 (T137961). You can now check for the abusefilter-disallowed error code (and abusefilter-warning for warnings).

Error message when edit is blocked with AbuseFilter looks like this now:

JSON
{
    "edit": {
        "code": "abusefilter-disallowed",
        "message": {
            "key": "abusefilter-disallowed",
            "params": [
                "Test filter disallow",
                3
            ]
        },
        "abusefilter": {
            "id": 3,
            "description": "Test filter disallow",
            "actions": [
                "disallow"
            ]
        },
        "info": "Hit AbuseFilter: Test filter disallow",
        "warning": "This action has been automatically identified as harmful, and therefore disallowed.\nIf you believe your action was constructive, please inform an administrator of what you were trying to do.\nA brief description of the abuse rule which your action matched is: Test filter disallow",
        "result": "Failure"
    }
}
XML
<?xml version="1.0"?>
<api>
  <edit code="abusefilter-disallowed" info="Hit AbuseFilter: Test filter disallow" warning="This action has been automatically identified as harmful, and therefore disallowed.&#10;If you believe your action was constructive, please inform an administrator of what you were trying to do.&#10;A brief description of the abuse rule which your action matched is: Test filter disallow" result="Failure">
    <message key="abusefilter-disallowed">
      <params>
        <param>Test filter disallow</param>
        <param>3</param>
      </params>
    </message>
    <abusefilter id="3" description="Test filter disallow">
      <actions>
        <_v>disallow</_v>
      </actions>
    </abusefilter>
  </edit>
</api>