Page MenuHomePhabricator
Create Task
Maniphest T62616

Annotations from anonymous users can't be edited/deleted
Closed, DeclinedPublic
Actions

Description

Author: gabriel.birke

Description:
Annotations from anonymous users are stored with user id 0. However, the code for updating/deleting annotations checks for user id identity so even logged in users can only edit their own comments. This could result in undeleteable, uneditable offensive comments all over the wiki.

My proposal for this would be new permissions named "updateannotation" and "deleteannotation" assigned to the sysop user by default. These permissions would allow to bypass the "only update/delete your own annotation" restriction.

Version: unspecified
Severity: normal
See Also:
T54156: History for annotations
T56246: Logging for deleted annotations

Details

Reference
bz60616

Related Objects

Event Timeline

bzimport raised the priority of this task from to Low.Nov 22 2014, 2:56 AM
bzimport added a project: MediaWiki-extensions-Annotator.
bzimport set Reference to bz60616.
bzimport added a subscriber: Unknown Object (MLST).
bzimport created this task.Jan 30 2014, 11:23 AM
Mattflaschen-WMF added a comment.Jan 31 2014, 5:49 AM

I think this makes sense. It fits the general naming convention (e.g. editusercss vs. editmyusercss).

Related note, until bug 52156 is fixed, there is no history or undeletion (which are quite important on a wiki).

gerritbot added a comment.Feb 3 2014, 10:04 AM

Change 110932 had a related patch set uploaded by Chiborg:
New permissions for update/delete of annotations

https://gerrit.wikimedia.org/r/110932

Liuxinyu970226 mentioned this in T54156: History for annotations.Mar 16 2017, 3:04 PM
Liuxinyu970226 updated the task description. (Show Details)
Liuxinyu970226 mentioned this in T56246: Logging for deleted annotations.
Liuxinyu970226 edited subscribers, added: Aklapper; removed: wikibugs-l-list.
MarcoAurelio closed this task as Declined.Mar 21 2018, 12:47 PM
MarcoAurelio subscribed.

Declining per T189753: Archive the Annotator extension. The extension is no longer maintained and has been archived.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL