Page MenuHomePhabricator
Create Task
Maniphest T313906

🌶️ Authenticate and authorize as mediawiki user when making PATCH requests to REST API statement routes
Closed, ResolvedPublic
Actions

Description

As a gadget author I would like the user changing statements using the gadget to be authenticated so that they could be credited to the changes they make.
As a gadget author I would like the user changing statements using the gadget to be authorized so that the wiki's editing restrictions are not violated.

Bearer-token based authentication using Authorization HTTP header should be used.

The following requests should also authenticate and authorize the mediawiki user:
PATCH /entities/items/{item_id}/statements/{statement_id}
PATCH /statements/{statement_id}

Details

SubjectRepoBranchLines +/-
REST: Add authorization check to PatchItemStatementmediawiki/extensions/Wikibasemaster+90 -38
Customize query in gerrit

Related Objects
Search...

Event Timeline

Jakob_WMDE created this task.Jul 27 2022, 12:54 PM
Silvan_WMDE moved this task from Backlog to Sprint 12 on the Wikibase Product Platform (v1) board.Aug 25 2022, 1:40 PM
Silvan_WMDE edited projects, added Wikibase Product Platform (v1) (Sprint 12); removed Wikibase Product Platform (v1).
Silvan_WMDE removed a project: Story.
Silvan_WMDE renamed this task from Authenticate and authorize as mediawiki user when making PATCH requests to REST API statement routes to 🌶️ Authenticate and authorize as mediawiki user when making PATCH requests to REST API statement routes.Aug 25 2022, 1:44 PM
Jakob_WMDE claimed this task.Sep 12 2022, 3:39 PM
Jakob_WMDE moved this task from To Do to Doing on the Wikibase Product Platform (v1) (Sprint 12) board.
gerritbot added a comment.Sep 13 2022, 9:47 AM

Change 831828 had a related patch set uploaded (by Jakob; author: Jakob):

[mediawiki/extensions/Wikibase@master] REST: Add authorization check to PatchItemStatement

https://gerrit.wikimedia.org/r/831828

gerritbot added a project: Patch-For-Review.Sep 13 2022, 9:47 AM
Jakob_WMDE moved this task from Doing to Peer Review on the Wikibase Product Platform (v1) (Sprint 12) board.Sep 13 2022, 9:56 AM
gerritbot added a comment.Sep 13 2022, 3:10 PM

Change 831828 merged by jenkins-bot:

[mediawiki/extensions/Wikibase@master] REST: Add authorization check to PatchItemStatement

https://gerrit.wikimedia.org/r/831828

Maintenance_bot removed a project: Patch-For-Review.Sep 13 2022, 3:30 PM
ReleaseTaggerBot added a project: MW-1.40-notes (1.40.0-wmf.2; 2022-09-19).Sep 13 2022, 4:00 PM
Ollie.Shotton_WMDE moved this task from Peer Review to Done on the Wikibase Product Platform (v1) (Sprint 12) board.Sep 14 2022, 10:44 AM
WMDE-leszek closed this task as Resolved.Oct 14 2022, 12:51 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits