Page MenuHomePhabricator
Create Task
Maniphest T70312

OAuth: Grant "High-volume editing" is confusing (does not provide "edit" right)
Closed, ResolvedPublic
Actions

Description

When an app asked for an authentication via Wikipedia for "High-volume editing" the first response is shock. Why would this supposedly read-only tool be needing this?

I assume the grant is for generic "bot". In this case for "noratelimit" and "apihighlimits". But please don't call it editing because it is incorrect (rate limit applies to edits, but also other non-edit actions; and apihighlimits only applies to queries, not edits), and simply wrong (this grant does not provide the "edit" right at all).

Details

Reference
bz68312
SubjectRepoBranchLines +/-
Clarify wording for high-volume grantsmediawiki/coremaster+5 -3
Clarify wording for high-volume grantsmediawiki/extensions/OAuthmaster+0 -0
Customize query in gerrit

Related Objects
Search...

Event Timeline

bzimport raised the priority of this task from to High.Nov 22 2014, 3:34 AM
bzimport added a project: MediaWiki-extensions-OAuth.
bzimport set Reference to bz68312.
bzimport added a subscriber: Unknown Object (MLST).
Krinkle created this task.Jul 21 2014, 6:37 AM
bd808 mentioned this in T75062: OAuth permission screen needs redesign for better usability and comprehension.Mar 6 2015, 2:47 AM
bd808 added a parent task: T75062: OAuth permission screen needs redesign for better usability and comprehension.
bd808 moved this task from Backlog to UI/UX on the MediaWiki-extensions-OAuth board.Mar 6 2015, 10:13 PM
Deskana closed this task as a duplicate of T91825: Improve text of OAuth authorization dialog.Mar 6 2015, 10:19 PM
bd808 moved this task from UI/UX to Archive on the MediaWiki-extensions-OAuth board.Mar 6 2015, 10:24 PM
Tgr reopened this task as Open.Jun 29 2015, 11:21 PM
Tgr lowered the priority of this task from High to Low.
Tgr updated the task description. (Show Details)
Tgr set Security to None.
Ricordisamoa subscribed.Jun 29 2015, 11:23 PM
Tgr subscribed.Jun 29 2015, 11:29 PM

The highvolume grant is bot + apihighlimits + noratelimit + markbotedits. Certain rights implying the application intends to do something that it actually does not is a problem in general, e.g. T94478 or T64298. But in that case it could indeed be avoided by improving the wording.

Tgr added a parent task: T91825: Improve text of OAuth authorization dialog.Jun 29 2015, 11:30 PM
Tgr removed a parent task: T75062: OAuth permission screen needs redesign for better usability and comprehension.Jun 29 2015, 11:48 PM
Tgr added a comment.Aug 25 2015, 9:51 PM

See T110249 for fixing the fundamental problem (no way to set noratelimits if the user does not have the right).

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptAug 25 2015, 9:51 PM
jayvdb subscribed.Oct 7 2015, 5:02 AM
Danmichaelo subscribed.Jul 20 2016, 10:20 PM
Tgr added a parent task: T151516: Improve OAuth grant messages.Nov 24 2016, 4:32 AM
Tgr removed a parent task: T91825: Improve text of OAuth authorization dialog.Nov 24 2016, 4:36 AM
Krinkle awarded a token.Nov 24 2016, 9:26 PM
Krinkle unsubscribed.
Tgr moved this task from Archive to UI/UX on the MediaWiki-extensions-OAuth board.Mar 7 2017, 4:08 AM
Tgr added a project: Voice & Tone.Mar 7 2017, 5:07 AM
Aklapper removed subscribers: Anomie, wikibugs-l-list.Oct 16 2020, 5:03 PM
ExE-Boss subscribed.Jul 18 2021, 6:28 AM
Frostly claimed this task.May 16 2022, 8:50 AM
Frostly raised the priority of this task from Low to High.
Frostly added a project: User-Frostly.
Frostly subscribed.
In T70312#1573425, @Tgr wrote:

See T110249 for fixing the fundamental problem (no way to set noratelimits if the user does not have the right).

This is important as well, but I think a rename here is good too (the above would reduce the fraction of users that get this message, but for those who do, they still receive a unhelpful one).

gerritbot added a comment.May 16 2022, 8:51 AM

Change 791739 had a related patch set uploaded (by EpicPupper; author: EpicPupper):

[mediawiki/extensions/OAuth@master] Clarify wording for high-volume grants

https://gerrit.wikimedia.org/r/791739

gerritbot added a project: Patch-For-Review.May 16 2022, 8:51 AM
gerritbot added a comment.May 16 2022, 8:53 AM

Change 791739 abandoned by EpicPupper:

[mediawiki/extensions/OAuth@master] Clarify wording for high-volume grants

Reason:

Wrong repo; the message is in core

https://gerrit.wikimedia.org/r/791739

gerritbot added a comment.May 16 2022, 8:54 AM

Change 791740 had a related patch set uploaded (by EpicPupper; author: EpicPupper):

[mediawiki/core@master] Clarify wording for high-volume grants

https://gerrit.wikimedia.org/r/791740

Frostly moved this task from Backlog to For review on the User-Frostly board.May 16 2022, 8:56 AM
Legoktm subscribed.Jun 13 2022, 4:05 AM

Maybe we can put bot in parentheticals, since many wiki users would be looking for that specifically? e.g. "High-volume (bot) access".

Frostly added a comment.Jul 17 2022, 9:04 PM

Added parentheticals and fixed attribution.

gerritbot added a comment.Jan 13 2023, 4:49 AM

Change 791740 merged by jenkins-bot:

[mediawiki/core@master] Clarify wording for high-volume grants

https://gerrit.wikimedia.org/r/791740

ReleaseTaggerBot added a project: MW-1.40-notes (1.40.0-wmf.19; 2023-01-16).Jan 13 2023, 5:00 AM
Maintenance_bot removed a project: Patch-For-Review.Jan 13 2023, 5:30 AM
Frostly closed this task as Resolved.Jan 13 2023, 6:17 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits