User Story
As an anonymous editor,
I want to be notified a temporary account will be created on my behalf
So that I do not have to reveal my personal information to edit a Wiki
Acceptance Criteria
- Show an updated notice when the editor starts editing
- Notice displayed for both Wikitext & Visual Editor
- After the edit is saved, anonymous user should view notice for temporary account username
- Temporary accounts should have “Preferences” disabled
- Temporary accounts should be cross-wiki compatible
- Temporary accounts should enable cross-wiki notifications
Some answered questions
- Are we able to prevent anyone from signing up with the temporary account format of "~ ... ~"? Yes
- How many usernames currently contain "~" or "~...~"? 673 accounts that begin and end with a tilde. (Begins with tilde 1078).
- What will happen to usernames with this format? We can change them on their behalf. Captured here > T300265: [IP Masking] Inform username accounts prefixed with "*"
Proposed internal interface
// Skin $tum = MediaWikiServices::getInstance()->getTempUserManager(); if ( $tum->isAutoCreateAction( 'edit' ) ) { // Show edit tab } else { // Show view source tab } // Changes lists if ( $tum->isTempUser( $user ) ) { $classes[] = 'temp-user'; } // Permissions public function getUserImplicitGroups( ... ) { ... if ( !$tum->isTempUser( $user ) ) { $groups[] = 'permanent'; //? $groups[] = 'nontemp'; //? $groups[] = 'onymous'; //? } } // Page save // Before edit constraints if ( $tum->isAutoCreateAllowed( 'edit', $anonUser ) ) { // notify constraints that creation will be attempted } elseif ( !$anonUser->isAllowed( 'edit' ) ) { // not allowed return Status::newFatal( ... ); } // Before PageUpdater $status = $tum->createUser(); $user = $status->getUser(); // After save, CentralAuth will need to redirect to login.wikimedia.org for cookie-setting
Config
// Defaults $wgAutoCreateTempUser = [ 'enabled' => false, 'actions' => [ 'edit' ] 'genPattern' => '*Unregistered $1*' 'matchPattern' => '*$1', 'serialProvider' => [ 'type' => 'local' ], 'serialMap' => [ 'type' => 'plain-numeric' ], ]; $wgSharedTables[] = 'user_autocreate_serial'; // Typical wiki config $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['user']['edit'] = true; $wgGroupPermissions['*']['createaccount'] = true; // otherwise no actions are enabled // Production $wgAutoCreateTempUser['enabled'] = true; $wgAutoCreateTempUser['serialProvider'] = 'centralauth';
Database
CREATE TABLE user_autocreate_serial ( uas_shard INT PRIMARY KEY NOT NULL, uas_value INT NOT NULL ); -- SQL flavoured pseudocode -- in reality this would be done in PHP BEGIN; SET n = 8; SET r = FLOOR(RAND() * @n) UPDATE user_autocreate_serial SET uas_value=uas_value 1 WHERE uas_shard=@r; SELECT uas_value * @n @r AS value FROM user_autocreate_serial WHERE uas_shard=@r; COMMIT;
With n=1, r=0, IDs grow monotonically. With n>1 the IDs are not allocated in order, but a global lock is avoided.
Probably no need for altering the user table if we reserve a username prefix. We can just use the prefix for permissions and display.