Page MenuHomePhabricator
Create Task
Maniphest T59073

Identity reverts and PendingChanges rejection
Closed, ResolvedPublic
Actions

Description

Author: westand

Description:
This follows from discussion at: https://en.wikipedia.org/wiki/Wikipedia_talk:STiki#Pending_changes_and_STiki

Assume an article is under pending changes protection. An IP user then makes a vandalism edit. If another user with 'reviewer' permissions issues a rollback command via the API, then all the PendingChanges annotation seems to occur properly, as the editor auto-accepts his own version.

It doesn't work this way if the edit is reverted without using rollback. For example in Huggle, STiki, and other tools we simulate rollback in software for: (1) those that don't have the native permission, and (2) when doing "good faith reverts/rollbacks" that should not be marked as "minor". In these cases, a reviewer can revert a pending changes revision, but their change is not auto-accepted, and they sit in the review queue.

This speaks to the larger issue that PendingChanges works well in the browser where there is a well-defined workflow, but it can be a bit challenging to integrate with existing anti-damage tools via the API. (See also some concern about "multi-user pending changes chains" in the above link).

How this should be resolved is an open question. Could a parameter be passed at edit time to force acceptance? Could the software better recognize identity reverts and treat them consistent with rollbacks?

Version: unspecified
Severity: normal

Details

Reference
bz57073

Related Objects

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 22 2014, 2:41 AM
bzimport added a project: MediaWiki-extensions-FlaggedRevs.
bzimport set Reference to bz57073.
bzimport created this task.Nov 14 2013, 8:09 PM
aaron added a comment.Nov 14 2013, 8:31 PM

Reverts of the last X edits can all be detected using the rev_sha1 column instead of relying on the old baseRevId params so much (which bots usually don't supply unlike people in browsers). It seems like improvements could be made then.

Platonides added a comment.Nov 14 2013, 8:33 PM

If it's just a matter of providing baseRevId, the tools can be changed to give them.

aaron added a comment.Nov 14 2013, 8:34 PM

(In reply to comment #2)

If it's just a matter of providing baseRevId, the tools can be changed to
give
them.

This too, since rev_sha1 cannot handle anything beyond straightforward reverts with no other changes.

gerritbot added a comment.Jan 10 2014, 5:51 PM

Change 106737 had a related patch set uploaded by Jackmcbarn:
Autoaccept reverts to the last stable revision

https://gerrit.wikimedia.org/r/106737

gerritbot added a comment.Jan 10 2014, 6:38 PM

Change 106737 merged by Aaron Schulz:
Autoaccept reverts to the last stable revision

https://gerrit.wikimedia.org/r/106737

Cenarium mentioned this in T89616: Autoreview of reverts should be separable from autoreview of edits.Feb 15 2015, 8:16 PM
Cenarium mentioned this in T133442: Auto-accept pending revision when user self-reverts to reviewed version.Dec 29 2016, 2:27 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL