Change Details

Quoting the "Things to note (not part of this task)" section of {T264150} (emphasis my own): > * **T&S/Legal reserve the right to revoke a user’s access permissions in case of abuse** > * If a user’s permission is revoked by us, they should not be able to activate it again > * Legal would like us to capture who had access to IP Info at any given time in case an incident occurs > * **There is a possibility that users might need to regain access periodically (TBD)** > * **There is a possibility that the wording on the agreement might change, based on Legal review.** In the interest of keeping the #ip_info MVP simple, we should create a maintenance script to satisfy the emphasised requirements above. === AC * When I run `php /path/to/mediawiki/extensions/IPInfo/maintenance/revokeUserAccess.php --target=... --actor=...` then the user's access to the tool is revoked and the action is logged. * The user is not allowed to activate the feature again.

==== Background Quoting {T292755}: > From {T264150} only: > * T&S/Legal reserve the right to revoke a user’s access permissions in case of abuse > * If a user’s permission is revoked by us, they should not be able to activate it again > * There is a possibility that users might need to regain access periodically **(TBD)** > While estimating {T291854}, we also discussed: > * The user's access should be revoked across all wikis In the interest of keeping the #ip_info MVP simple, we should create a maintenance script to satisfy the emphasised requirements above. === AC Running `php /path/to/mediawiki/extensions/IPInfo/maintenance/revokeUserAccess.php --target=... --actor=...` [] Revokes the user's access to the tool [] Logs the action to the ipinfo log [] The user is not allowed to activate the feature again ==== Notes 1. Revoking the user's access to the tool is equivalent to adding the user to the group created in {T296085} 2. You can programatically add a user to a group using `\MediaWiki\User\UserGroupManager::addUserToGroup`

Quoting the "Things to note (not part of this task)" section of {T264150} (emphasis my own):==== Background > * **Quoting {T292755}: > From {T264150} only: > * T&S/Legal reserve the right to revoke a user’s access permissions in case of abuse** > * If a user’s permission is revoked by us, they should not be able to activate it again > * Legal would like us to capture who had access to IP Info at any given time in case an incident occurs* There is a possibility that users might need to regain access periodically **(TBD)** > * **There is a possibility that users might need to regain access periodically (TBD)**While estimating {T291854}, we also discussed: > * **There is a possibility that the wording on the agreement might change, based on Legal review.*** The user's access should be revoked across all wikis In the interest of keeping the #ip_info MVP simple, we should create a maintenance script to satisfy the emphasised requirements above. === AC * When I runRunning `php /path/to/mediawiki/extensions/IPInfo/maintenance/revokeUserAccess.php --target=... --actor=...` `php /path/to/mediawiki/extensions/IPInfo/maintenance/revokeUserAccess.php --target=... --actor=...`[] Revokes the user's access to the tool [] Logs the action to the ipinfo log [] The user is not allowed to activate the feature again then the user's access to the tool is revoked and the action is logged.==== Notes * The user is not allowed to activate the feature again.1. Revoking the user's access to the tool is equivalent to adding the user to the group created in {T296085} 2. You can programatically add a user to a group using `\MediaWiki\User\UserGroupManager::addUserToGroup`