iBet uBet web content aggregator. Adding the entire web to your favor.
iBet uBet web content aggregator. Adding the entire web to your favor.



Link to original content: https://phabricator.wikimedia.org/T354730
⚓ T354730 Support creating items as not-logged-in user when TempAccounts is enabled
Page MenuHomePhabricator

Support creating items as not-logged-in user when TempAccounts is enabled
Closed, ResolvedPublic

Description

TempAccounts is currently enabled on beta, and it should be possible to create a new item without logging in. But visiting Special:NewItem on Beta and filling out the form results in the following error message:

2024-01-10-103541_1206x474_scrot.png (474×1 px, 34 KB)

On a local development system, this results in a stacktrace:

2024-01-10-103703_1399x854_scrot.png (854×1 px, 317 KB)

The How it works document explains a bit more about the changes necessary. Essentially, for this and for any other action we have previously exposed to anonymous / IP Users, we need to explicitly add support for TemporaryUsers to avoid this error.

QA Results - Wikidata Beta

Event Timeline

We should also check if the same is the case for creating new Properties and Lexemes. I assume yes.

NewProperty fails with a clear permission error because the action is not enabled for anonymous users on beta. But that may not be the case for all installations - trying the same on a local development wiki creates the stack trace again.

2024-01-10-111526_915x192_scrot.png (192×915 px, 21 KB)

whereas NewLexeme fails with an alert:

2024-01-10-111452_1218x622_scrot.png (622×1 px, 107 KB)

NewProperty fails with a clear permission error because the action is not enabled for anonymous users on beta. But that may not be the case for all installations - trying the same on a local development wiki creates the stack trace again.

2024-01-10-111526_915x192_scrot.png (192×915 px, 21 KB)

Thanks!
There could conceivably be Wikibase instances where Property creation is not restricted so we should probably check this still.

That patch is now pretty far out of WIP (edit: I’ve now attached it to this task as well), and due to the way it’s implemented, it also seems to work for special pages even though it mostly focuses on the API:

image.png (321×1 px, 58 KB)

(There’s still an open question on the patch that I’d like feedback from @dcausse or someone else on.)

Change 966585 had a related patch set uploaded (by Lucas Werkmeister (WMDE); author: Tchanders):

[mediawiki/extensions/Wikibase@master] Add temporary user support to most API modules

https://gerrit.wikimedia.org/r/966585

Picking this up into our “sprint” board, since I’ve already been working on it for the past few days. I think we’re pretty close to a mergeable version. (Note that this will not cover all API actions – merging / redirects will need a bit more work.)

Change 966585 merged by jenkins-bot:

[mediawiki/extensions/Wikibase@master] Add temporary user support to most API modules

https://gerrit.wikimedia.org/r/966585

The Gerrit changes got merged, but it’s still not working:

image.png (680×1 px, 75 KB)

The action you have requested is limited to users in one of the groups: Users, Temporary users.
Permission error

I think this is because the Beta config is outdated and hasn’t been updated for the recent-ish(?) change where we still expect $wgGroupPermissions['*']['edit'] to be true.

Change 992400 had a related patch set uploaded (by Lucas Werkmeister (WMDE); author: Lucas Werkmeister (WMDE)):

[operations/mediawiki-config@master] beta: Don’t prevent * from editing if IP masking enabled

https://gerrit.wikimedia.org/r/992400

Change 992400 merged by jenkins-bot:

[operations/mediawiki-config@master] beta: Don’t prevent * from editing if IP masking enabled

https://gerrit.wikimedia.org/r/992400

I was able to create an item in Special:NewItem with a temp user as seen as below. All browsers had similar results. This will be moved to Done. Thanks for all your work!

Status: ✅PASS
Environment: Wikidata Beta
OS: macOS Sonoma 14.2.1
Browser: Chrome 120, Firefox 121, Safari 17.2, Edge 120
Skins. Vector 2022
Device: MBA M2
Emulated Device:: n/a
Test Links:
Chrome: https://wikidata.beta.wmflabs.org/wiki/Q627105
Firefox: https://wikidata.beta.wmflabs.org/wiki/Q627104
Edge: https://wikidata.beta.wmflabs.org/wiki/Q627103
Safari: https://wikidata.beta.wmflabs.org/wiki/Q627102

✅AC1: https://phabricator.wikimedia.org/T354730

Create ItemWikiDataView HistoryComparison
2024-01-25_11-51-20.png (844×3 px, 325 KB)
2024-01-25_11-51-33.png (1×3 px, 398 KB)
2024-01-25_11-51-45.png (664×3 px, 322 KB)
2024-01-25_15-18-30.png (685×3 px, 192 KB)
Arian_Bozorg claimed this task.

This is all working for me, thanks so much!

Lucas_Werkmeister_WMDE added subscribers: Cparle, Tgr.

I’m afraid we have to reopen this (and other IP Masking tasks in Wikibase aren’t as done as we thought they were either). During discussions with @Tgr, @Tchanders and @Cparle in Slack, it turned out that we should redirect the user to the central login wiki (based on the TempUserCreatedRedirect hook, which CentralAuth interacts with) to ensure they’re centrally logged in as well.

For Special:NewItem and other special pages that already redirect the user on success, that should be straightforward enough – we just call the hook and adjust the redirect target accordingly. (The hook can be configured such that the resulting URL redirects to the title that we were going to redirect to anyways.) For special pages that don’t redirect the user on success (such as Special:RedirectEntity, T356149), we’ll have to add a new “success” state that the redirect URL can return back to (the page that shows “Q1 was redirected to Q2”), but that should be doable.

For interactive edits using the API, I’m not even sure what the UX should be. Suppose an anonymous user has started to edit a bunch of data on an item:

image.png (1×1 px, 267 KB)

Now they click one of the “publish” buttons, the API makes an edit, and returns a URL that we should redirect to. What do we do?

I think the options we have are:

  1. Redirect the user to that URL immediately.
    1. Just throw away the other edits they made prepared.
    2. Stash the other edits in the returntoquery and/or returntoanchor of the redirect URL, and hope it fits there (URLs have length limits after all).
    3. Stash the other edits server-side, and put some kind of identifier for that stash into the returntoquery and/or returntoanchor. But now we have to worry where that stash is stored server-side, when it expires, how to protect it against vandalism…
    4. Stash the other edits client-side (localStorage or similar).
  2. Wait until the other edits are done, then redirect the user. As far as I understand the purpose of the redirect, that should be fine-ish – it’s only needed for logging in on other wikis, additional edits on the same wiki should already use the temporary account anyway. But there’s a risk that the user will close the tab before finishing all the edits, and then the redirect never happens.
  3. Prevent the user from editing more than one thing at a time (if they’re not logged in), by disabling other “edit” buttons or similar.
  4. Don’t redirect at all. In that case, “your temp user identity will be irrecoverably limited to that single wiki” (@Tgr).

(For the record, I don’t think all of these solutions are realistic – they’re just theoretic options I can think of. 1.A and 5 are by far the easiest, and I have a feeling they’re almost the only realistic options if we don’t want to block IP Masking for longer than we’d like to. But it’s possible I’m being too pessimistic about how difficult the other options are to implement in the Wikibase UI.)

An alternative: Redirect user to login wiki when the user click edit, so user will have a temporary account when they are in the edit mode. Though (1) this will results in temporatry accounts with zero global activity and (2) this does not handle users who lost a session in edit mode.

Don’t redirect at all. In that case, “your temp user identity will be irrecoverably limited to that single wiki” (@Tgr).

I suspect this won't be popular for attribution and patrolling purposes, and it's not something we're recommending elsewhere.

I realise your team will want to figure this out, but for what it's worth, 1D sounds sensible to me:

Stash the other edits client-side (localStorage or similar).

I believe Editing-team and Community-Tech have done some work on autosave, in case it would be helpful to speak to them.

But there’s a risk that the user will close the tab before finishing all the edits, and then the redirect never happens.

Maybe we could build some way of tracking whether the session has been "merged" into a central session, and force a central login at the next opportunity if that isn't the case. Though it wouldn't help if they close the tab and then go to another wiki next. Also the way CentralAuth works, the "remember me" flag (which makes logins expire after a year, instead of after a day) is only set during central login - I'm not quite sure if that's the case for temp users, who are logged in locally in a special way, but we should check. If it does affect temp users then the UI messaging about the temp account after the edit will be very misleading.

There is also a chance that T348388: Use central login wiki for login (SUL3) will find a way to make central login in the background work, and then this would become a non-issue. I wouldn't bet on it though.

Change 995260 had a related patch set uploaded (by Lucas Werkmeister (WMDE); author: Lucas Werkmeister (WMDE)):

[mediawiki/extensions/Wikibase@master] Use onTempUserCreatedRedirect hook in redirecting special pages

https://gerrit.wikimedia.org/r/995260

For interactive edits using the API, I’m not even sure what the UX should be.

@Lydia_Pintscher, @ArthurTaylor and I discussed this situation now. Lydia said that, for new visitors who have never edited before, the situation of editing several data entries on the item at once should be quite uncommon; Arthur also pointed out that we can always add disabling other edit buttons later if we want. So we decided that:

  • For normal edits (mainly statements), just redirect away after the API request. (Option 1A above.) In practice, it should be quite rare for this to result in data loss.
    • If we get enough complaints, or otherwise see the need, we can later disable edit buttons for anonymous users after they start their first edit (Option 3 above). We also discovered that DiscussionTools does this even for logged-in users and regardless of IP Masking status – but we know that our power users would object if we did it for everyone.
  • For the legacy termbox, which makes a bunch of edits in rapid succession after clicking a single “save” button, redirect away after all those edits are done. (This is basically option 2 above, but with the difference that we’re not waiting for an indefinite amount of time until the user is done – we just wait until we’re done making all our API requests.)
  • The new mobile termbox (aka Termbox v2 and other names) makes a single edit, so we can redirect away just like for normal edits.
  • Option 4, not redirecting at all, is rejected, at least for code we’re responsible for. (WikibaseMediaInfo currently chooses this path, but should probably use one of the other options.)

Change 995260 merged by jenkins-bot:

[mediawiki/extensions/Wikibase@master] Use onTempUserCreatedRedirect hook in redirecting special pages

https://gerrit.wikimedia.org/r/995260