This is unfortunately by necessity a breaking change to the soon-to-
be-removed mBlockreason from string to CommentStoreComment. Oh well.
Change-Id: Iac918def95fb0600f2d805d2d95732b280d8fd81
Temporary users are blocked if their IP address is listed in
$wgDnsBlacklistUrls or $wgSoftBlockRanges.
Bug: T343704
Change-Id: Ia3383bd10c3c6c35c586550b68f4af5f4659e815
Rate limits will automatically be checked by definitelyCan(),
authorizeRead() and authorizeWrite(). The authorize methods also
increment the counter.
UserAuthority tracks which limits have already been incremented during
the current request, to avoid duplicate increments caused by code that
still calls pingLimiter directly.
DEPLOY: Risky! We SHOULD not hit rate limits more often, but we might.
Rate limit metrics should be monitored closely, see
<https://grafana.wikimedia.org/d/8oA6CWr4z/mw-rate-limiting-overview>.
Bug: T310476
Depends-On: Iebd62b0487af9172edaeae41c9b31aaf2f20fd06
Change-Id: Ic349f03b7040343815b60b0a2c84a5780326c797
Replace all core calls to User::getQueryInfo() with an equivalent
SelectQueryBuilder.
Bug: T311866
Change-Id: Ib249a9d9098b1c09907a90607206edd8331bad3d
UserTest::testUserId() was failing when run alone, because getId() was
always fetched from the database following setId(), and the test does
not write it to the database.
It passed when run with other tests since more than 7 users were present
in the database since the last truncate. Adding 'user' to tablesUsed
makes the failure reproducible.
It makes sense for setId() to mark 'id' as loaded, by analogy with
UserFactory::newFromId(). The test failure seems valid.
Fixing it in clearInstanceCache() instead of setId() seems correct to
me. There are only two callers of clearInstanceCache() with
$reloadFrom set to a field name in core and WMF deployed extensions.
So, when clearInstanceCache() is called with the name of a field to
reload from, mark that field as already loaded.
Depends-On: Iabe011bf796016b357ab2a317b810bea2568a9f5
Change-Id: Ibbf753d318a376c7c5819930dd5669d0e44eda30
Just methods where adding "static" to the declaration was enough, I
didn't do anything with providers that used $this.
Initially by search and replace. There were many mistakes which I
found mostly by running the PHPStorm inspection which searches for
$this usage in a static method. Later I used the PHPStorm "make static"
action which avoids the more obvious mistakes.
Bug: T332865
Change-Id: I47ed6692945607dfa5c139d42edbd934fa4f3a36
Notable changes:
* In SqlBagOStuff::getConnectionFromServerInfo, only two loggers were
injected. The rest implicitly got a NullLogger due to being absent.
These are now effectively unsilenced.
* Database::__construct() required almost all parameters, even the
loggers. I've wanted to move some of DatabaseFactory into the ctor
here for a while. In order to make this change not a breaking
change, the new 'logger' parameter is optional with NullLogger as
default. This allowed some of the test cases, which were simply
passing NullLogger, to be fixed by passing nothing instead of
passing the new option name.
The Database class is behind a dozen layers of indirection for
real use, so this will still be injected just fine (DBF, LB, LBF,
MWLBF, etc.).
* In LegacyLogger, the handling for $wgDBerrorLog was previously
limited to DBConnection and DBQuery. This now includes errors
from other (generally, newer) parts of Rdbms as well, which were
previously missing.
This only affects sites (typically CI and dev setup) where
$wgDBerrorLog is used, as opposed to the more common
$wgDebugLogGroups by-channel configuration.
* TransactionProfiler gets its logger injected in a rather odd way,
via entrypoints (MediaWiki.php, ApiMain.php, and MaintenanceRunner)
as opposed to service wiring. This is kept as-is for now.
* In LBFactoryTest, in particular testInvalidSelectDBIndependent2,
there are cases that intentionally produce failures of which
the result is then observed. In CI we assert that dberror.log is
empty so instead of adding the missing logger fields to that
LBFactory instance, the only one set (replLogger) is removed.
The alternative is to set 'logger' now, which would naturally
cause CI failures due to unexpected entries coming through to
non-mocked error log.
Bug: T320873
Change-Id: I7ca996618e41b93f488cb5c4de82000bb36e0dd3
The following User methods, deprecated in 1.38, have been removed:
* ::blockedBy
* ::getBlockId
Bug: T277511
Change-Id: I00e2fec4ababa3f9c12dee34c3d922d18e1c78d7
Move the User::isRegistered call into the function to let all callers
benefit from that check. This is more than an error check, it also is
business logic representing the effective default for unregistered users
which is non-obvious and benefits from being written down as part of
a central contract.
Update tests as the user must exists on the database to have
preferences.
Change-Id: Ibacdd642d03031d9659a821045788046f0187518
Add services and utilities for automatic creation of temporary user
accounts on page save, in order to avoid exposing the user's IP
address.
* Add $wgAutoCreateTempUser, for configuring the system
* Add TempUserConfig service, which interprets the config.
* Add TempUserCreator service, which creates users during page save as
requested by EditPage. With proxy methods to TempUserConfig for
convenience.
* Add table user_autocreate_serial. Table creation is necessary before
the feature is enabled but is not necessary before deployment of this
commit.
Bug: T300263
Change-Id: Ib14a352490fc42039106523118e8d021844e3dfb
This ensures that assertions work in a uniform way,
and provides meaningful messages in cause of failure.
Change-Id: Ic01715b9a55444d3df6b5d4097e78cb8ac082b3e
It seems some tests are fixed in the meantime without removing the
skipped part for this.
Bug: T195807
Follow-Up: I58261dd70eea3581803987a4a7739c7d55558f42
Change-Id: Ie883b7056cdd0cb6bec81c2f7e4ed54177b4ecb2
The following User methods, deprecated in 1.36, have been removed:
- ::isLoggedIn,
- ::getFirstEditTimestamp,
- ::getLatestEditTimestamp
Bug: T277511
Change-Id: I338ee9313e08bda8b22b683281dad3b0e616fd18
The following User methods, deprecated in 1.35, have been removed:
- ::isIP,
- ::isIPRange,
- ::isValidUserName,
- ::isUsableName,
- ::isCreatableName,
- ::getCanonicalName,
- ::addAutopromoteOnceGroups,
- ::getDefaultOptions,
- ::getDefaultOption,
- ::getOptions,
- ::getBoolOption,
- ::getIntOption,
- ::setOption
- ::listOptionKinds
- ::getOptionKinds,
- ::resetOptions,
- ::getEffectiveGroups,
- ::getAutomaticGroups,
- ::getFormerGroups
User::GETOPTIONS_EXCLUDE_DEFAULTS has been removed, since it is used only in the description of User::getOptions.
Bug: T277511
Depends-On: Ida05c22f81b30d9b46678e8ede3d531c38855d83
Change-Id: I72bbc2336f8ddbc66ce67226cd2d5baaa2f807d8
The following User methods, deprecated in 1.37, have been removed:
- ::resetIdByNameCache,
- ::getStubThreshold,
- ::matchEditTokenNoSuffix,
- ::changeableByGroup
- ::changeableGroups,
- ::isAllowUsertalk
ActorStore::clearCaches() has been removed, since User::resetIdByNameCache
has been removed. User::$mAllowUsertalk has been removed, since
User::isAllowUsertalk has been removed.
Bug: T277511
Change-Id: I608a5277924fc50cc3d9fca6ba958bc6d9c321d0
Flow hooks into ContribsPager, causing formatRow() to be called with
FormatterRow objects instead of stdClass objects. formatRow() is
expected to silently decline to format such objects, leaving formatting
up to a subsequent hook.
Instead of calling newRevisionFromRow with all warnings suppressed and
all exceptions caught, provide isRevisionRow() which determines whether
the row is valid. Thus, unexpected exceptions will be visible and the
code does not depend on details of how newRevisionFromRow() validates
its arguments.
Bug: T288563
Change-Id: Id0316886d770cd905897d515b3eb658a5875bd80
