Lucas_Werkmeister_WMDE added a comment.
Most of the subtasks here are done, but I think there’s still a big open question about the rollout. In T343800 <https://phabricator.wikimedia.org/T343800>, we found that temporary accounts, once created on a wiki with IP Masking enabled, were also “logged in” and available on other wikis via CentralAuth, which worked well for us. But this has changed in the meantime (T342475 <https://phabricator.wikimedia.org/T342475>) – now, you’ll still be an IP on wikis that don’t have temporary accounts enabled. So what happens with cross-wiki edits now? - If IP Masking is enabled on Wikidata but not on a client wiki: Suppose an anonymous user makes an edit on Wikidata, with a temporary account. The edit affects a page on a client wiki, so it gets dispatched there, and added to the `recentchanges` table (type `RC_EXTERNAL`). Which actor do we assign this row to? - It can’t be the temporary account, because they’re not supposed to exist on the client wiki. - It can’t be the user’s IP address, because we don’t know it anymore (and shouldn’t leak it in any case). - I guess we could reassign all such edits to a system user or something? (But that still leaves the problem that it looks like a registered edit to the client wiki when it really isn’t, which IIUC was the main argument against just letting temporary accounts be shared via CentralAuth like they used to.) - Or some kind of special IP address(es), somewhere in a private network block? - If IP Masking is enabled on a client wiki but not on Wikidata: Suppose a user acquires a temporary account on a client wiki (e.g. with a normal edit), then edits Wikidata from the client wiki. What should happen? - I //think// there’s no actual scenario where this happens. The LinkItem widget is not available to unregistered users, including temporary accounts (see T351971 <https://phabricator.wikimedia.org/T351971>); the data bridge is currently broken (T354750 <https://phabricator.wikimedia.org/T354750>); some wikis have gadgets to edit Wikidata (e.g. WE-Framework <https://www.wikidata.org/wiki/Q22946134>), but temporary users won’t be able to enable them. - Even if there’s a way for anonymous users to edit Wikidata from a client wiki that I missed – it’s probably okay(ish) if the outcome is just “it doesn’t work”. Comparing these two alternatives, I wonder if we should just enable IP Masking on Wikidata last of all wikis, so that the first set of problems never applies… TASK DETAIL https://phabricator.wikimedia.org/T351968 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: Lucas_Werkmeister_WMDE Cc: Lucas_Werkmeister_WMDE, Aklapper, Lydia_Pintscher, Danny_Benjafield_WMDE, Astuthiodit_1, karapayneWMDE, Invadibot, maantietaja, ItamarWMDE, Akuckartz, Nandana, kostajh, Lahi, Gq86, GoranSMilovanovic, QZanden, KimKelting, LawExplorer, JJMC89, _jensen, rosalieper, Scott_WUaS, Wikidata-bugs, aude, Mbch331, Ltrlg
_______________________________________________ Wikidata-bugs mailing list -- [email protected] To unsubscribe send an email to [email protected]
