Page MenuHomePhabricator

Identity reverts and PendingChanges rejection
Closed, ResolvedPublic

Description

Author: westand

Description:
This follows from discussion at: https://en.wikipedia.org/wiki/Wikipedia_talk:STiki#Pending_changes_and_STiki

Assume an article is under pending changes protection. An IP user then makes a vandalism edit. If another user with 'reviewer' permissions issues a rollback command via the API, then all the PendingChanges annotation seems to occur properly, as the editor auto-accepts his own version.

It doesn't work this way if the edit is reverted without using rollback. For example in Huggle, STiki, and other tools we simulate rollback in software for: (1) those that don't have the native permission, and (2) when doing "good faith reverts/rollbacks" that should not be marked as "minor". In these cases, a reviewer can revert a pending changes revision, but their change is not auto-accepted, and they sit in the review queue.

This speaks to the larger issue that PendingChanges works well in the browser where there is a well-defined workflow, but it can be a bit challenging to integrate with existing anti-damage tools via the API. (See also some concern about "multi-user pending changes chains" in the above link).

How this should be resolved is an open question. Could a parameter be passed at edit time to force acceptance? Could the software better recognize identity reverts and treat them consistent with rollbacks?


Version: unspecified
Severity: normal

Details

Reference
bz57073

Event Timeline

bzimport raised the priority of this task from to Normal.Nov 22 2014, 2:41 AM
bzimport set Reference to bz57073.
bzimport created this task.Nov 14 2013, 8:09 PM
aaron added a comment.Nov 14 2013, 8:31 PM

Reverts of the last X edits can all be detected using the rev_sha1 column instead of relying on the old baseRevId params so much (which bots usually don't supply unlike people in browsers). It seems like improvements could be made then.

If it's just a matter of providing baseRevId, the tools can be changed to give them.

aaron added a comment.Nov 14 2013, 8:34 PM

(In reply to comment #2)

If it's just a matter of providing baseRevId, the tools can be changed to
give
them.

This too, since rev_sha1 cannot handle anything beyond straightforward reverts with no other changes.

Change 106737 had a related patch set uploaded by Jackmcbarn:
Autoaccept reverts to the last stable revision

https://gerrit.wikimedia.org/r/106737

Change 106737 merged by Aaron Schulz:
Autoaccept reverts to the last stable revision

https://gerrit.wikimedia.org/r/106737