GW2 Wiki English Mirror:Requests for technical administration/Enable temporary accounts

From GW2 Wiki English Mirror
Jump to navigationJump to search

Enable temporary accounts

Title
Enable temporary accounts
Applicability
Applies to MW 1.39 onwards, considered stable from MW 1.45.
Type
Amendment of LocalSettings.php
Reason
Reduce visbility of a user's IP address information + therefore improve privacy.
It is proposed that the following lines are added to LocalSettings.php (supplementing the default values as defined on mw:Manual:$wgAutoCreateTempUser).
As discussed with ArenaNet, it is proposed to enable this at the same time as the upcoming MW 1.43 upgrade.
$wgAutoCreateTempUser['enabled'] = true;
$wgAutoCreateTempUser['genPattern'] = '~Temporary User $1';
The first line enables the feature. The second line changes the default "temporary user" from appearing as purely '~2026 123456' (tilde, year, then sequential number per year) and will instead appear as '~Temporary User 2026 123456' (which serves to be a bit more visually obvious to distinguish from named permanent users).
Links
mw:Trust and Safety Product/Temporary Accounts
mw:Trust and Safety Product/Temporary Accounts/For developers
mw:Manual:$wgAutoCreateTempUser
Possible pitfalls
As noted on #Updating AbuseFilter filters, "Conditions that implicitly check for IPs/anonymous users (e.g. via user_age or user_groups) may not work. Instead, use the new user_type variable which can return one of the following: named, temp, ip, external, unknown", this will likely affect one or more of our AbuseFilter configurations.
  • The following filters will require updating: 16 (anon userpage), 9 (ip userpage - consider merging with 16 tbh), 37 (anon editor content removal).
Similarly any wiki custom JS will require a review
  • Believe none affected (mw.user)
For MW 1.43+: Per #Updating AbuseFilter permissions, Bureaucrats may need to check who is allocated the "abusefilter-access-protected-vars" and "abusefilter-protected-vars-log" permissions - data on mw:Extension:AbuseFilter#User rights suggests no action should be required (i.e. all sysops look to be granted these permissions by default) but this is worth checking.