Page MenuHomePhabricator
Create Task
Maniphest T375086

Bring IP Info access permissions to parity with the IP Reveal feature
Open, In Progress, Needs TriagePublic
Actions

Description

Motivation

IP Info presently has two access levels:

  1. View-basic: Limited data access. Available to auto confirmed users and above.
  2. View-full: Complete data access. Available to admins and above.

This access permission structure was created when we did not have a notion of how the IP Reveal feature might work in the future.

Now we have an access policy for granting patrollers on a project access to IP addresses to combat vandalism. This group consists of users whose:

  • User account is a minimum of 6 months old
  • User account has made a minimum of 300 edits to the local project

It makes sense for this group of users to have access to IP Info view-full right so that they can access information that is useful to their patrolling workflows before they need to reveal the IP address itself.

Users who do not meet the above access policy are likely not patrollers and probably do not need IP-address related information for their work.

Proposed plan

With the above factors in mind, I propose we:

  • Remove ipinfo-view-basic right entirely and have just one access level ipinfo-view-full for the sake of simplicity
  • Allow anyone who meets the access policy for revealing IP addresses to be able to opt-in to viewing IP Info

Note: There is an open question about how would global opt-in for IP Info work. Let's tackle that in T298977: Investigate setting IPInfo user preferences as Global Preferences.

Details

SubjectRepoBranchLines +/-
Unify IPInfo access levelsmediawiki/extensions/IPInfomaster+106 -396
Unify IPInfo access levelsoperations/mediawiki-configmaster+24 -14
Customize query in gerrit

Related Objects
Search...

Event Timeline

Niharika created this task.Sep 18 2024, 2:39 PM
Niharika updated the task description. (Show Details)Sep 19 2024, 2:32 AM
kostajh added a project: Trust and Safety Product Sprint.Sep 25 2024, 2:44 PM
kostajh edited projects, added Trust and Safety Product Sprint (Sprint Beatboxing (Sept 16-27)), Temporary accounts (Blockers to minor pilot wiki deployment); removed Trust and Safety Product Sprint.Sep 26 2024, 10:19 AM
Niharika mentioned this in T356660: Unset IPInfo as a BetaFeature and make available by default.Sep 26 2024, 10:27 AM
sgrabarczuk subscribed.Sep 29 2024, 11:05 PM
mszabo changed the task status from Open to In Progress.Oct 7 2024, 2:12 PM
mszabo claimed this task.
mszabo moved this task from Priority Backlog to In Progress on the Trust and Safety Product Sprint (Sprint Beatboxing (Sept 16-27)) board.
mszabo edited projects, added Trust and Safety Product Sprint (Sprint Cello (Oct 7 - 18)); removed Trust and Safety Product Sprint (Sprint Beatboxing (Sept 16-27)).Oct 8 2024, 10:05 AM
mszabo moved this task from Priority Backlog to In Progress on the Trust and Safety Product Sprint (Sprint Cello (Oct 7 - 18)) board.
kostajh edited projects, added Trust and Safety Product Sprint (Sprint Accordion October 28 - November 15); removed Trust and Safety Product Sprint (Sprint Cello (Oct 7 - 18)).Oct 8 2024, 10:43 AM
mszabo edited projects, added Trust and Safety Product Sprint (Sprint Cello (Oct 7 - 18)); removed Trust and Safety Product Sprint (Sprint Accordion October 28 - November 15).Oct 8 2024, 12:48 PM
Niharika added a comment.Oct 10 2024, 5:15 PM

@mszabo Legal wants us to update the access policy for IP Info before the changes in this task go live. I'm going to work with them to update the policy but it may take some time. In the meantime feel free to keep working on this task but hold off on merging any changes into master.

Sidishandsome subscribed.Oct 11 2024, 1:50 PM
kostajh moved this task from Backlog to In progress on the Temporary accounts (Blockers to minor pilot wiki deployment) board.Oct 15 2024, 8:27 AM
kostajh subscribed.Oct 15 2024, 8:32 AM
In T375086#10218765, @Niharika wrote:

@mszabo Legal wants us to update the access policy for IP Info before the changes in this task go live. I'm going to work with them to update the policy but it may take some time. In the meantime feel free to keep working on this task but hold off on merging any changes into master.

@Niharika this task is marked as a blocker to minor pilot wikis, so ideally we are merging code before October 21. Are we able to merge changes?

kostajh edited projects, added Temporary accounts; removed Temporary accounts (Blockers to minor pilot wiki deployment).Oct 15 2024, 10:27 AM

We need some more time to finalize the access policy and proposed changes.

gerritbot added a comment.Oct 17 2024, 2:24 PM

Change #1081176 had a related patch set uploaded (by Máté Szabó; author: Máté Szabó):

[mediawiki/extensions/IPInfo@master] Unify IPInfo access levels

https://gerrit.wikimedia.org/r/1081176

gerritbot added a project: Patch-For-Review.Oct 17 2024, 2:24 PM
mszabo moved this task from In Progress to Needs review on the Trust and Safety Product Sprint (Sprint Cello (Oct 7 - 18)) board.Oct 17 2024, 9:03 PM
gerritbot added a comment.Oct 18 2024, 8:33 AM

Change #1081370 had a related patch set uploaded (by Máté Szabó; author: Máté Szabó):

[operations/mediawiki-config@master] Unify IPInfo access levels

https://gerrit.wikimedia.org/r/1081370

Niharika mentioned this in T373818: Guidance for discovery of IP Reveal feature.Oct 18 2024, 9:42 AM
Tchanders moved this task from Inbox to In progress on the Temporary accounts board.Oct 21 2024, 9:38 AM
Johannnes89 subscribed.Oct 21 2024, 5:58 PM
SCP-2000 subscribed.Sat, Oct 26, 1:06 AM
kostajh edited projects, added Trust and Safety Product Sprint (Sprint Accordion October 28 - November 15); removed Trust and Safety Product Sprint (Sprint Cello (Oct 7 - 18)).Mon, Oct 28, 11:04 AM
kostajh moved this task from Priority Backlog to Needs review on the Trust and Safety Product Sprint (Sprint Accordion October 28 - November 15) board.
kostajh changed the task status from In Progress to Stalled.Wed, Oct 30, 12:20 PM

Pending Legal review / approval.

Niharika changed the task status from Stalled to In Progress.Mon, Nov 4, 6:43 PM

We have now been unblocked by Legal with the relevant policy change being updated: https://foundation.wikimedia.org/wiki/Legal:IP_Information_tool_guidelines

mszabo added a comment.Mon, Nov 4, 9:03 PM

QA Notes

  • Verify that an user group with just the ipinfo right assigned has full access to the IP information tool, after accepting the data use agreement.
  • Verify that IP info access log entries in this setup are logged as full access, whereas historical entries logged before this change continue to differentiate between full and limited access.
kostajh mentioned this in T355393: Provide fallbacks when source is missing data.Fri, Nov 8, 3:41 PM
kostajh mentioned this in T355392: Confirm and update what information IPInfo users should be able to see.
Tchanders edited projects, added Trust and Safety Product Sprint (Sprint Gong (November 18 - December 6)); removed Trust and Safety Product Sprint (Sprint Accordion October 28 - November 15).Mon, Nov 18, 11:43 AM
Tchanders moved this task from Priority Backlog to Needs review on the Trust and Safety Product Sprint (Sprint Gong (November 18 - December 6)) board.
Tchanders edited projects, added Temporary accounts (Major pilot wiki deployment); removed Temporary accounts.Wed, Nov 20, 6:39 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits