Page MenuHomePhabricator
Create Task
Maniphest T339821

Update CampaignsUserMailer to use core's EmailUser when available
Open, Needs TriagePublic
Actions

Description

For T317223, we copied large bits of the email code in core so that we could modify it as needed. Once core's EmailUser becomes stable and ready to use (T265541), we should simply use its method and add our own permission checks on top of it.

Acceptance criteria

  • Copied code removed from CampaignsUserMailer where possible
  • Replace ValidateTarget method in CampaignsUserMailer with EmailUser->ValidateTarget
  • Replace ValidateSender method in CampaignsUserMailer with EmailUser->ValidateSender
  • Confirm that CampaignEvents specific code is maintained.

Details

SubjectRepoBranchLines /-
Use EmailUser class for permission checkingmediawiki/extensions/CampaignEventsmaster 37 -25
Customize query in gerrit

Related Objects
Search...

Event Timeline

Daimona created this task.Jun 18 2023, 5:14 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJun 18 2023, 5:14 PM
MHorsey-WMF updated the task description. (Show Details)Oct 3 2023, 1:25 PM
Daimona claimed this task.Oct 3 2023, 8:17 PM
Daimona edited projects, added Campaign-Tools (Campaign-Tools-Current-Sprint); removed Campaign-Tools.
Daimona added a comment.Oct 9 2023, 5:34 PM

We are currently using an old copy of core's emailing code for the following three things: target validation, sender validation, actual sending of the email. In particular:

  • Target validation would be easy to migrate now: EmailUser::validateTarget works exactly the same as our CampaignsUserMailer::validateTarget. The problem here is that EmailUser::validateTarget is still @internal, and that's because it's still unclear where that method should belong. That's also the only thing left to do in T265541, but until that's done, we can't migrate it.
  • As for sender validation: our copy of the code already calls User::canSendEmail, which uses EmailUser as of r921367. The replacement here is not 1:1 though: EmailUser ratelimits the sendemail right, but we need to ratelimit campaignevents-email-participants. Adding our ratelimit check should be easy enough. Removing core's check is harder, but maybe doable with the onPingLimiter hook. Note: just like core, we will need a method for the simple permission check and one for actually authorizing the action.
  • Sending the email: the code in core is similar to what we need. There are a few differences though:
    • sendEmailUnsafe calls validateTarget. But in our case, target validation must be synchronous, whereas the email sending shouldn't (it's in a job). Duplicating the call shouldn't have any side effects. But also, given what I wrote above about ::validateTarget, it's still unclear how this code will evolve in core.
    • Core adds a footer about the email being sent via Special:EmailUser. We don't want this, and we may actually want a custom footer instead (T348043). Could be resolved by adding a method to EmailUser to replace/suppress/add the footer.
    • Core also adds a line to the footer linking to Special:Mute. I believe we want this.

All in all, it looks like the core side still needs a couple tweaks before we can use it.

Daimona moved this task from Upcoming / refining 💡 to Development In Progress 💻 on the Campaign-Tools (Campaign-Tools-Current-Sprint) board.Oct 9 2023, 9:02 PM
ifried added a parent task: T348043: Add footer text to emails from organizers.Oct 10 2023, 3:30 PM
Daimona added a subtask: T265541: Make class SpecialEmailUser a real special page and move all helper functions to their own service.Oct 23 2023, 1:03 AM
Daimona moved this task from Backlog to Tech debt on the CampaignEvents board.Nov 10 2023, 6:02 PM
Daimona edited projects, added Campaign-Tools; removed Campaign-Tools (Campaign-Tools-Current-Sprint).Dec 14 2023, 3:33 PM
gerritbot added a comment.Apr 23 2024, 3:48 PM

Change #1023063 had a related patch set uploaded (by Daimona Eaytoy; author: Majavah):

[mediawiki/extensions/CampaignEvents@master] Use EmailUser class for permission checking

https://gerrit.wikimedia.org/r/1023063

gerritbot added a project: Patch-For-Review.Apr 23 2024, 3:48 PM
gerritbot added a comment.Apr 23 2024, 4:01 PM

Change #1023063 merged by jenkins-bot:

[mediawiki/extensions/CampaignEvents@master] Use EmailUser class for permission checking

https://gerrit.wikimedia.org/r/1023063

ReleaseTaggerBot added a project: MW-1.43-notes (1.43.0-wmf.3; 2024-04-30).Apr 23 2024, 5:00 PM
Maintenance_bot removed a project: Patch-For-Review.Apr 26 2024, 6:20 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits