Page MenuHomePhabricator
Create Task
Maniphest T424439

Log patrol actions in CheckUser
Closed, ResolvedPublicFeature
Actions

Description

Feature summary:
Although patrol actions are recorded in logging, they don't appear to leave any trace in the CheckUser logs. Without integration with CheckUser, we have to rely on other data points, which limits how thoroughly we can investigate potential misuse of the patrolling system.

This can be particularly problematic if a sockmaster is creative enough to know what they're doing…

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
Log patrol events in CheckUsermediawiki/extensions/CheckUsermaster+71 -1
Hard deprecate the MarkPatrolledComplete hookmediawiki/coremaster+8 -8
Replace deprecated MarkPatrolledComplete hookmediawiki/extensions/PageTriagemaster+12 -19
Replace MarkPatrolledComplete with MarkPatrolledAuditmediawiki/coremaster+48 -2
PageTriage: Use PatrolManager over deprecated method callsmediawiki/extensions/PageTriagemaster+3 -3
Move PatrolLog::record to PatrolManagermediawiki/coremaster+68 -46
Rename CheckUserPrivateEventsHandler to CheckUserEventsHandlermediawiki/extensions/CheckUsermaster+50 -44
Customize query in gerrit

Related Objects

Event Timeline

XXBlackburnXx created this task.Apr 26 2026, 7:59 AM
Restricted Application added a project: Product Safety and Integrity. · View Herald TranscriptApr 26 2026, 7:59 AM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
Johannnes89 subscribed.Apr 26 2026, 9:13 AM
Mbch331 subscribed.Apr 26 2026, 9:51 AM
Dreamy_Jazz edited projects, added: Essential-Work, Product Safety and Integrity (Sprint Tulip (Apr 13 - May 1)); removed: Product Safety and Integrity.Apr 26 2026, 9:59 AM
Dreamy_Jazz moved this task from Backlog to Ready on the Product Safety and Integrity (Sprint Tulip (Apr 13 - May 1)) board.
HakanIST subscribed.Apr 26 2026, 12:04 PM
SHB2000 subscribed.Apr 26 2026, 12:18 PM
Minorax moved this task from Inbox to CheckUser on the CheckUser board.Apr 26 2026, 1:47 PM
Minorax subscribed.
HakanIST added a comment.Apr 26 2026, 2:00 PM

+1, this would be a welcome addition to the toolset. Since autopatrol is already excluded (T184485), hooking into MarkPatrolledComplete and writing to cu_log_event like the existing LocalUserCreated handler should keep the overhead low.

Titore subscribed.Apr 27 2026, 12:28 AM
OKryva-WMF edited projects, added: Product Safety and Integrity (Sprint lily-of-the-valley (May 4 - May 22)); removed: Product Safety and Integrity (Sprint Tulip (Apr 13 - May 1)).May 1 2026, 8:02 AM
OKryva-WMF moved this task from Backlog to Ready on the Product Safety and Integrity (Sprint lily-of-the-valley (May 4 - May 22)) board.May 1 2026, 8:02 AM
Dreamy_Jazz claimed this task.May 1 2026, 12:02 PM
Dreamy_Jazz added a project: Wikimedia-Hackathon-2026.
gerritbot added a comment.May 1 2026, 1:04 PM

Change #1281490 had a related patch set uploaded (by Dreamy Jazz; author: Dreamy Jazz):

[mediawiki/extensions/CheckUser@master] Rename CheckUserPrivateEventsHandler to CheckUserEventsHandler

https://gerrit.wikimedia.org/r/1281490

gerritbot added a project: Patch-For-Review.May 1 2026, 1:04 PM
Dreamy_Jazz added a comment.May 1 2026, 1:07 PM

MarkPatrolledComplete doesn't pass the associated log ID, so we will need to update that to pass it to the hook handlers

HakanIST added a comment.May 1 2026, 1:38 PM
In T424439#11879297, @Dreamy_Jazz wrote:

MarkPatrolledComplete doesn't pass the associated log ID, so we will need to update that to pass it to the hook handlers

Perhaps PatrolLog::record() could return the $logid instead of bool, so it can be forwarded to the hook directly?

gerritbot added a comment.May 1 2026, 2:18 PM

Change #1281507 had a related patch set uploaded (by Dreamy Jazz; author: Dreamy Jazz):

[mediawiki/core@master] Move PatrolLog::record to PatrolManager

https://gerrit.wikimedia.org/r/1281507

Dreamy_Jazz moved this task from Ready to Needs review on the Product Safety and Integrity (Sprint lily-of-the-valley (May 4 - May 22)) board.May 1 2026, 2:24 PM
Dreamy_Jazz moved this task from Backlog to Proposed Projects on the Wikimedia-Hackathon-2026 board.
gerritbot added a comment.May 1 2026, 3:14 PM

Change #1281524 had a related patch set uploaded (by Dreamy Jazz; author: Dreamy Jazz):

[mediawiki/core@master] Replace MarkPatrolledComplete with MarkPatrolledAudit

https://gerrit.wikimedia.org/r/1281524

gerritbot added a comment.May 1 2026, 3:19 PM

Change #1281525 had a related patch set uploaded (by Dreamy Jazz; author: Dreamy Jazz):

[mediawiki/core@master] Hard deprecate the MarkPatrolledComplete hook

https://gerrit.wikimedia.org/r/1281525

gerritbot added a comment.May 1 2026, 3:31 PM

Change #1281490 merged by jenkins-bot:

[mediawiki/extensions/CheckUser@master] Rename CheckUserPrivateEventsHandler to CheckUserEventsHandler

https://gerrit.wikimedia.org/r/1281490

gerritbot added a comment.May 1 2026, 3:52 PM

Change #1281531 had a related patch set uploaded (by Dreamy Jazz; author: Dreamy Jazz):

[mediawiki/extensions/PageTriage@master] PageTriage: Use PatrolManager over deprecated method calls

https://gerrit.wikimedia.org/r/1281531

gerritbot added a comment.May 1 2026, 3:54 PM

Change #1281507 merged by jenkins-bot:

[mediawiki/core@master] Move PatrolLog::record to PatrolManager

https://gerrit.wikimedia.org/r/1281507

ReleaseTaggerBot added a project: MW-1.47-notes (1.47.0-wmf.1; 2026-05-05).May 1 2026, 4:00 PM
gerritbot added a comment.May 1 2026, 4:08 PM

Change #1281535 had a related patch set uploaded (by Dreamy Jazz; author: Dreamy Jazz):

[mediawiki/extensions/PageTriage@master] Replace deprecated MarkPatrolledComplete hook

https://gerrit.wikimedia.org/r/1281535

gerritbot added a comment.May 1 2026, 7:51 PM

Change #1281524 merged by jenkins-bot:

[mediawiki/core@master] Replace MarkPatrolledComplete with MarkPatrolledAudit

https://gerrit.wikimedia.org/r/1281524

gerritbot added a comment.May 1 2026, 8:01 PM

Change #1281531 merged by jenkins-bot:

[mediawiki/extensions/PageTriage@master] PageTriage: Use PatrolManager over deprecated method calls

https://gerrit.wikimedia.org/r/1281531

gerritbot added a comment.May 1 2026, 8:43 PM

Change #1281617 had a related patch set uploaded (by Dreamy Jazz; author: Dreamy Jazz):

[mediawiki/extensions/CheckUser@master] Log patrol events in CheckUser

https://gerrit.wikimedia.org/r/1281617

gerritbot added a comment.May 1 2026, 8:52 PM

Change #1281535 merged by jenkins-bot:

[mediawiki/extensions/PageTriage@master] Replace deprecated MarkPatrolledComplete hook

https://gerrit.wikimedia.org/r/1281535

gerritbot added a comment.May 1 2026, 9:08 PM

Change #1281525 merged by jenkins-bot:

[mediawiki/core@master] Hard deprecate the MarkPatrolledComplete hook

https://gerrit.wikimedia.org/r/1281525

Dreamy_Jazz moved this task from CheckUser to Inbox on the CheckUser board.May 3 2026, 8:51 AM
Dreamy_Jazz moved this task from Needs review to QA in Prod on the Product Safety and Integrity (Sprint lily-of-the-valley (May 4 - May 22)) board.May 8 2026, 12:10 PM

I can QA in production that we start to see these entries appear

gerritbot added a comment.May 8 2026, 12:20 PM

Change #1281617 merged by jenkins-bot:

[mediawiki/extensions/CheckUser@master] Log patrol events in CheckUser

https://gerrit.wikimedia.org/r/1281617

Maintenance_bot removed a project: Patch-For-Review.May 8 2026, 12:31 PM
ReleaseTaggerBot edited projects, added: MW-1.47-notes (1.47.0-wmf.2; 2026-05-12); removed: MW-1.47-notes (1.47.0-wmf.1; 2026-05-05).May 8 2026, 1:00 PM
Dreamy_Jazz added a comment.May 13 2026, 1:20 PM

Entries exist in testwiki:

(testwiki)> select log_id, log_type, log_action from cu_log_event join logging on log_id = cule_log_id where log_type = 'patrol';
+--------+----------+------------+
| log_id | log_type | log_action |
+--------+----------+------------+
| 463097 | patrol   | patrol     |
| 463120 | patrol   | patrol     |
| 463155 | patrol   | patrol     |
+--------+----------+------------+
Dreamy_Jazz closed this task as Resolved.May 13 2026, 1:20 PM
Dreamy_Jazz moved this task from QA in Prod to Done on the Product Safety and Integrity (Sprint lily-of-the-valley (May 4 - May 22)) board.
FriedrickMILBarbarossa subscribed.Tue, May 26, 11:21 AM
FriedrickMILBarbarossa awarded a token.Tue, May 26, 12:35 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits