Page MenuHomePhabricator
Create Task
Maniphest T31216

Use suppressed-by-default entries in the deletion log instead of suppression log when suprress-deleting pages
Open, MediumPublic
Actions

Assigned To
None
Authored By
Raymond
May 31 2011, 1:31 PM
Tags
Referenced Files
F3279243: pasted_file
Jan 24 2016, 8:02 PM
Subscribers
1234qwer1234qwer4
Aklapper
Bawolff
DerHexer
JEumerus
Krenair
Legoktm
View All 16 Subscribers
Tokens
"Dislike" token, awarded by MGChecker."Dislike" token, awarded by Morten_Haan."Heartbreak" token, awarded by Luke081515."Dislike" token, awarded by MarcoAurelio.

Description

Deletion of a page with "Suppress data from administrators as well as others" (known as oversight) does not create an (hidden) entry in the public deletion log.

If oversight was overdone, the oversighter can remove the oversight bit per revision but still no entry in the public deletion log is visible.

Solution: Create an entry in the deletion log and hide it with the same action. Now it would be possible to unhide the deletion log entry in case of an error.

Version: unspecified
Severity: normal

Details

Reference
bz29216

Related Objects

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 21 2014, 11:35 PM
bzimport added a project: MediaWiki-Revision-deletion.
bzimport set Reference to bz29216.
bzimport added a subscriber: Unknown Object (MLST).
Raymond created this task.May 31 2011, 1:31 PM
Krenair subscribed.Feb 22 2015, 5:37 AM

So instead of having a suppression log, you propose putting everything into the deletion log as suppressed entries?

DerHexer subscribed.Apr 4 2015, 12:00 AM
Krenair renamed this task from Deletion of a page with "Suppress data from administrators as well as others" does not create an entry in the deletion log to Kill suppression log, move to using suppressed-by-default entries in the deletion log..Apr 4 2015, 1:01 AM
Krenair set Security to None.
Krenair removed a subscriber: Unknown Object (MLST).
Nemo_bis subscribed.Apr 26 2015, 5:50 PM

Does this relate to T19053?

Krenair added a comment.Sep 21 2015, 9:28 PM

I don't think so.

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptSep 21 2015, 9:28 PM
Legoktm added a project: Stewards-and-global-tools.Oct 27 2015, 4:58 PM
Trijnstel added a comment.Dec 18 2015, 2:43 PM

I don't see the need for this proposed change. It can only confuse people and there is no reason why non-oversighters should see that an oversighter did something. I propose to decline this request.

Krenair added a comment.Dec 18 2015, 5:27 PM

I'd prefer to do it both in terms of transparency (showing that there is oversighter activity going on is not private in itself) and also to get rid of one or two annoying special cases in the code for that particular log. I'm not going to decline it.

Trijnstel added a comment.Dec 21 2015, 12:16 AM

"and also to get rid of one or two annoying special cases in the code for that particular log" - what do you mean? The fact we have a suppression log is good, imho. I mean, where else should you put suppression actions without having others access to it? Is this only about a suppression where one deletes+suppress a page at the same time?

Krenair added a comment.Dec 22 2015, 5:40 PM

IIRC there's a couple of cases where we have to check for that log specifically, and this isn't really extendable to other logs.

In T31216#1894107, @Trijnstel wrote:

The fact we have a suppression log is good, imho. I mean, where else should you put suppression actions without having others access to it?

In the deletion log with auto-suppression of the log entry itself controlling access to the private parts of the entries. In practice this might make the log more difficult to read and audit though.

In T31216#1894107, @Trijnstel wrote:

Is this only about a suppression where one deletes+suppress a page at the same time?

Don't think so.

MarcoAurelio subscribed.Jan 24 2016, 2:47 PM

I am not sure if I agree with this change. Create a (log action removed) log entry in the deletion log looks useless for me. If we, for example, delete a page with suppression and we later notice that the OS was a mistake, a page restoring would fix it. The log will be viewable by OS.

Restricted Application added a subscriber: JEumerus. · View Herald TranscriptJan 24 2016, 2:47 PM
MarcoAurelio awarded a token.Jan 24 2016, 2:48 PM
lfaraone subscribed.Jan 24 2016, 8:02 PM

There're also usability concerns — we'd need to make it non-annoying for Oversighters to view the log of recent suppressions.

E.g. here's what a suppressed deletion log entry looks like for me as an Oversighter on testwiki:

pasted_file (319×904 px, 60 KB)

So to view that log entry, I need to check the box next to it, then "Change visibility of selected revisions".

We could just show suppressed log entries to oversighters without any action on their part. But in general, we only show suppressed information to oversighters after they've taken explicit action to do so; this makes it harder for them to accidentally disclose sensitive content to e.g. a non-oversighter who's over-shoulder.

Luke081515 awarded a token.Jan 24 2016, 9:06 PM
Luke081515 subscribed.
Morten_Haan awarded a token.Jan 24 2016, 9:08 PM
MGChecker awarded a token.Jan 24 2016, 9:09 PM
MGChecker subscribed.
MarcoAurelio mentioned this in T47064: Create block log entries on HideUser blocks.Jan 24 2016, 9:47 PM
MarcoAurelio removed a parent task: T43492: [DO NOT USE] Steward, global sysop and SWMT tasks bugs (tracking) [superseded by #Stewards-and-global-tools].Jan 11 2017, 11:39 PM
Matanya moved this task from Untriaged to Low priority on the Stewards-and-global-tools board.Apr 19 2017, 8:24 PM
Thryduulf subscribed.Oct 15 2018, 12:14 PM
Meno25 unsubscribed.Nov 23 2018, 7:35 AM
1234qwer1234qwer4 renamed this task from Kill suppression log, move to using suppressed-by-default entries in the deletion log. to Use suppressed-by-default entries in the deletion log instead of suppression log when suprress-deleting pages.Nov 2 2022, 3:21 PM
1234qwer1234qwer4 subscribed.Nov 2 2022, 3:23 PM
In T31216#1898651, @Krenair wrote:
In T31216#1894107, @Trijnstel wrote:

Is this only about a suppression where one deletes+suppress a page at the same time?

Don't think so.

Actually the task description clearly states

Deletion of a page with "Suppress data from administrators as well as others"

and describes a relevant problem. I've retitled the task to reflect that more clearly, though. (No opinion on the proposal itself.)

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL