Last modified: 2014-11-17 09:21:05 UTC

Wikimedia Bugzilla is closed!

Wikimedia has migrated from Bugzilla to Phabricator. Bug reports should be created and updated in Wikimedia Phabricator instead. Please create an account in Phabricator and add your Bugzilla email address to it.
Wikimedia Bugzilla is read-only. If you try to edit or create any bug report in Bugzilla you will be shown an intentional error message.
In order to access the Phabricator task corresponding to a Bugzilla report, just remove "static-" from its URL.
You could still run searches in Bugzilla or access your list of votes but bug reports will obviously not be up-to-date in Bugzilla.
Bug 13953 - Implement global user module (Wikimedia-wide user CSS/JS)
Implement global user module (Wikimedia-wide user CSS/JS)
Status: RESOLVED FIXED
Product: MediaWiki extensions
Classification: Unclassified
Extensions requests (Other open bugs)
unspecified
All All
: Low enhancement with 11 votes (vote)
: ---
Assigned To: Kunal Mehta (Legoktm)
: crosswiki
Depends on: 57891
Blocks: javascript css SWMT 64475
  Show dependency treegraph
 
Reported: 2008-05-05 03:08 UTC by Korg
Modified: 2014-11-17 09:21 UTC (History)
29 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Attachments

Description Korg 2008-05-05 03:08:18 UTC
Please allow users to define a JavaScript or CSS subpage to be used on every Wikimedia wikis.

This would avoid the need to create (and then to update) a subpage on dozens of wikis.


For example, a user could specify in its preferences to use globally the subpage /monobook.js, or /global.css (in the case they want a style distinct from the local subpage /monobook.css).
The style defined globally should not be displayed if a local style file already exists.
Comment 1 Aryeh Gregor (not reading bugmail, please e-mail directly) 2008-05-05 13:29:35 UTC
Note that for JS, you can accomplish this easily enough, by using document.write( '<script type="text/javascript" src="..."></script>' ); or similar.  For CSS you can't, since imports need to go at the beginning of the document for some crazy reason, and user CSS is appended to the end of site CSS; you have to use JS to import the CSS too.  But it's more or less doable now, is the point, by anyone who wants it.  So not such a high priority compared to other CentralAuth things we want, IMO.
Comment 2 Korg 2008-05-06 13:24:04 UTC
> For CSS you can't, since imports need to go at the beginning of the
> document for some crazy reason, and user CSS is appended to the end of site
> CSS; you have to use JS to import the CSS too.

I can actually import an external file or subpage by using @import "... .css&action=raw&ctype=text/css";


> But it's more or less doable now, is the point, by anyone who wants it.
> So not such a high priority compared to other CentralAuth things we want, IMO.

I agree; it is not a problem if a user wants this on a few wikis, but it would be really useful to users monitoring multiple projects.
Comment 3 Aryeh Gregor (not reading bugmail, please e-mail directly) 2008-05-06 13:42:44 UTC
(In reply to comment #2)
> > For CSS you can't, since imports need to go at the beginning of the
> > document for some crazy reason, and user CSS is appended to the end of site
> > CSS; you have to use JS to import the CSS too.
> 
> I can actually import an external file or subpage by using @import "...
> .css&action=raw&ctype=text/css";

In IE, maybe.  Try it on a standards-compliant browser like Firefox and in my experience it will fail.  As the spec says:

"CSS 2.1 user agents must ignore any '@import' rule that occurs inside a block or after any valid statement other than an @charset or an @import rule."
http://www.w3.org/TR/CSS21/syndata.html#at-rules

Your user CSS file is appended to the end of the site CSS file, which in turn will commonly contain at least one valid statement, so last I checked, Firefox correctly ignores any @import in user CSS.  CSS3 has the same restriction, in the current draft for this component:

"Any @import rules must follow all @charset rules and precede all other at-rules and rule sets in a style sheet."
http://www.w3.org/TR/2003/WD-css3-syntax-20030813/#at-import
Comment 4 Korg 2008-05-06 15:32:32 UTC
(In reply to comment #3)
> In IE, maybe.  Try it on a standards-compliant browser like Firefox and in my
> experience it will fail.

It may not work in theory, but it works in practice :)

Please see for example:
* http://fr.wiktionary.org/wiki/Utilisateur:Korg/monobook.css
* http://meta.wikimedia.org/wiki/User:Korg/global.css

The CSS subpage is properly imported when using Firefox 2.0.0.14, Opera 9.27 or IE7.
Comment 5 Aryeh Gregor (not reading bugmail, please e-mail directly) 2008-05-06 16:20:44 UTC
No, I see, you're right.  I was misremembering how we do user CSS: it's as its own file, apparently, so it works fine.  I guess I had it confused with generated JavaScript, where we do concatenate various things.
Comment 6 Melancholie 2008-12-14 04:56:00 UTC
Referring to bug 16575#c1: See also 4547.

And see [[meta:User:Pathoschild/Scripts/SynchCrosswiki]] for a workaround service.
Comment 7 Charles Melbye 2009-02-19 22:19:37 UTC
Isn't this what the [[mediawiki:Extension:GlobalCssJs]] extension is?
Comment 8 Andrew Garrett 2009-03-12 05:28:47 UTC
Probably worth building into CentralAuth instead of enabling some random extension.

The extension on the wiki appears to use shared user tables, which is not what we use. We use the CentralAuth extension. Some kind of global preference would be required. The extension is therefore not suitable for Wikimedia.
Comment 9 Beau 2012-05-11 08:19:00 UTC
I have submitted Gerrit change #7274 for review.
Comment 10 PiRSquared17 2013-10-23 18:20:44 UTC
Can someone with the appropriate access please add 14759 to the "See also" field? Thanks.
Comment 11 Kunal Mehta (Legoktm) 2013-10-23 19:13:01 UTC
(In reply to comment #8)
> Probably worth building into CentralAuth instead of enabling some random
> extension.

If an extension can be written to work with both CentralAuth and shared user tables, that's a plus rather than adding more bloat to CentralAuth.

> The extension on the wiki appears to use shared user tables, which is not
> what
> we use. We use the CentralAuth extension. Some kind of global preference
> would
> be required. The extension is therefore not suitable for Wikimedia.

The extension could call a hook which CentralAuth ties into to check whether the user on meta == local user.
I don't know why a user preference would be required, we don't have one to turn on/off userjs/css. If a user wants it disabled, they just blank/delete the page.

The extension would probably need to be re-written to use ResourceLoader, moved to git, etc.
Comment 12 PiRSquared17 2013-10-27 23:40:40 UTC
(In reply to comment #9)
> I have submitted Gerrit change #7274 for review.

Are you still working on this?
Comment 13 Kunal Mehta (Legoktm) 2013-11-06 23:27:22 UTC
(In reply to comment #12)
> (In reply to comment #9)
> > I have submitted Gerrit change #7274 for review.
> 
> Are you still working on this?

I've picked up the patch and will attempt to finish it.

IMO this feature should live in its own extension. The only dependency that this has upon CentralAuth is whether user:a @ xxwiki === user:a @ yywiki. That can easily be a hook which CentralAuth interfaces with. Other comments would be appreciated :)
Comment 14 MZMcBride 2013-11-07 03:11:54 UTC
(In reply to comment #13)
> IMO this feature should live in its own extension. The only dependency that
> this has upon CentralAuth is whether user:a @ xxwiki === user:a @ yywiki.
> That can easily be a hook which CentralAuth interfaces with. Other comments
> would be appreciated :)

It's a matter of expectations:

* Would you expect anyone to want to install a GlobalBits script but not install CentralAuth?

* Would you expect when installing CentralAuth that it would include the ability to have global bits?

After framing it this way, I think I see your point. A separate extension probably makes sense. Pick an extension name? :-)
Comment 15 Krinkle 2013-11-07 16:48:55 UTC
I think this feature is small enough and sufficiently linked to CentralAuth that it doesn't make sense to split out.

The separate extension would be very small, and essentially only call the core ResourceLoader and LB/DB_Multi interface and the CentralAuth interface. So there would be no added value in separating it because it has no re-usable components. And the components it uses that are re-usable are already available for other extensions to depend on in core or CentralAuth.

I think we should either reject this feature, or add it to CentralAuth.

Also note that, like user and site css/js in core (wgAllowUserJs etc.), this is also behind a configuration flag. So any concerns an admin may have are addressed by that.
Comment 16 Kunal Mehta (Legoktm) 2013-11-07 17:29:19 UTC
(In reply to comment #15)

> The separate extension would be very small, and essentially only call the
> core
> ResourceLoader and LB/DB_Multi interface and the CentralAuth interface. So
> there would be no added value in separating it because it has no re-usable
> components. And the components it uses that are re-usable are already
> available
> for other extensions to depend on in core or CentralAuth.

Having a small extension that serves a specific purpose isn't a problem IMO.

If your wiki uses a shared user table, or any other non-CA global authentication configuration (LDAP possibly), then it's entirely re-usable. I'm not aware of what in core that offers this feature, nor any other extensions (excluding Skizzerz's extension mentioned above).

> I think we should either reject this feature, or add it to CentralAuth.

Rejecting this feature isn't an option ;)

> Also note that, like user and site css/js in core (wgAllowUserJs etc.), this
> is
> also behind a configuration flag. So any concerns an admin may have are
> addressed by that.

If split out to another extension, there is no need for a feature flag, you either enable the extension or you don't.
Comment 17 MZMcBride 2013-11-07 20:25:16 UTC
(In reply to comment #15)
> I think this feature is small enough and sufficiently linked to CentralAuth
> that it doesn't make sense to split out.

Sufficiently linked in what ways?
Comment 18 Gerrit Notification Bot 2013-11-07 23:37:23 UTC
Change 7274 had a related patch set uploaded by Krinkle:
(bug 13953) Allow global user CSS/JS.

https://gerrit.wikimedia.org/r/7274
Comment 19 Chris Steipp 2013-11-20 00:31:32 UTC
I agree with Krinkle, I think this module is small enough that it can live in CentralAuth without a problem. I'd be happy to see it merged into that extension.
Comment 20 Chris Steipp 2013-11-20 01:05:43 UTC
(In reply to comment #19)
> I agree with Krinkle, I think this module is small enough that it can live in
> CentralAuth without a problem. I'd be happy to see it merged into that
> extension.

With the caveat that this really should be part of the (mythical) central code repository, which is currently wanted by lots of people, but not on anyone's roadmap. If/when that happens, it should be easy to convert to that system, and I think that should be easy with the design in this patch.
Comment 21 MZMcBride 2013-11-22 00:02:10 UTC
(In reply to comment #19)
> I agree with Krinkle, I think this module is small enough that it can live in
> CentralAuth without a problem.

It's not a matter of whether it's problematic, per se, it's a matter of whether it's expected behavior. As I laid out in comment 14, I think putting this code into the CentralAuth extension probably defies reasonable user expectations.
Comment 22 Kunal Mehta (Legoktm) 2013-11-22 07:38:01 UTC
(In reply to comment #19)
> I agree with Krinkle, I think this module is small enough that it can live in
> CentralAuth without a problem. I'd be happy to see it merged into that
> extension.

I agree that it can live in CentralAuth with no problems, but I don't believe it's best for it to live there.

On Uncyclopedia we use shared user tables, and we'd also like to have global JS/CSS. Installing CentralAuth just to get that feature makes no sense at all.

Making a separate extension work with CentralAuth is pretty simple, as can been seen at Gerrit change #94837.

That said, I'd like to see this deployed by the end of the year so I'd rather not waste time bikeshedding over where the code will live, and I can copy it into a separate extension for non-WMF usage.
Comment 23 Chris Steipp 2013-11-22 23:26:19 UTC
(In reply to comment #22)
> (In reply to comment #19)
> > I agree with Krinkle, I think this module is small enough that it can live in
> > CentralAuth without a problem. I'd be happy to see it merged into that
> > extension.
> 
> I agree that it can live in CentralAuth with no problems, but I don't believe
> it's best for it to live there.

Totally agree :)

> 
> That said, I'd like to see this deployed by the end of the year so I'd rather
> not waste time bikeshedding over where the code will live, and I can copy it
> into a separate extension for non-WMF usage.

If it's part of CentralAuth, I'm pretty sure we can get it rolled out. If it a separate extension, I'm not sure. If it was based on the code that's in the current patch, I would pass the security review pretty much right away. The rest of the process may take some work.
Comment 24 Kunal Mehta (Legoktm) 2013-11-26 19:45:26 UTC
(In reply to comment #23)

> If it's part of CentralAuth, I'm pretty sure we can get it rolled out. If it
> a
> separate extension, I'm not sure. If it was based on the code that's in the
> current patch, I would pass the security review pretty much right away. The
> rest of the process may take some work.

I9329573da7d4f2af60515ef32b3b64bb769e3755 is what it looks like in a separate extension.

Deploying a new extension takes some more time, but I think doing it correctly is more important. This bug has been open for 5+ years, waiting a bit more is fine. Now that the code is written, I just don't want to get it stuck on bikeshedding where the code should live.

@Krinkle: Is deploying it in a separate extension okay for you?
Comment 25 Krinkle 2013-12-02 21:38:35 UTC
(In reply to comment #16)
> (In reply to comment #15)
> 
> If your wiki uses a shared user table, or any other non-CA global
> authentication configuration (LDAP possibly), then it's entirely re-usable.
> I'm
> not aware of what in core that offers this feature, nor any other extensions
> (excluding Skizzerz's extension mentioned above).
> 
> > I think we should either reject this feature, or add it to CentralAuth.
> 
> Rejecting this feature isn't an option ;)
> 

What I meant is, if this is small enough that it doesn't need an extension (e.g. can be done with LocalSettings), then we'd reject it as a feature in CentralAuth, but just document how to enable it using mediawiki core features in your LocalSettings.

(In reply to comment #17)
> (In reply to comment #15)
> > I think this feature is small enough and sufficiently linked to CentralAuth
> > that it doesn't make sense to split out.
> 
> Sufficiently linked in what ways?

It needs a pointer to the 'central' wiki and a way to resolve that reference in the site matrix. I thought this was CentralAuth feature. Though SiteMatrix is indeed a CentralAuth feature, it looks like wgLocalDatabases and (Multi)-SiteConfiguration are actually core features, so it isn't really linked to CentralAuth in any way other than the ability to verify that the user's account is confirmed on both wikis. That's the only thing the patch had that is CentralAuth specific. If we move this else where, we should still somehow enforce that (perhaps through a hook that CentralAuth can use to communicate with this other extension, when one has both installed).

(In reply to comment #21)
> It's not a matter of whether it's problematic, per se, it's a matter of
> whether it's expected behavior. As I laid out in comment 14 [..]
> into the CentralAuth extension probably defies reasonable user expectations.

(In reply to comment #14)
> (In reply to comment #13)
> It's a matter of expectations:
> 
> 1) Would you expect anyone to want to install a GlobalBits script but not
> install CentralAuth?
> 
> 2) Would you expect when installing CentralAuth that it would include the
> ability to have global bits?
> 
> After framing it this way, I think I see your point. A separate extension
> probably makes sense. Pick an extension name? :-)

Though I mind it being in a separate extension, I'm pretty sure the question to both questions is "Yes, but..". 1) Yes, though perhaps not just CentralAuth. As pointed out, there are other ways to set up wiki farms. But each one probably comes with small details that need to be handled specifically to make it work correctly. For example, in the case of CentralAuth we need the global user module to take into account that the user has a local account on both wikis involved. Even if we move this to a separate extension, we still need something in CentralAuth that will tab into this other extension to enforce that.

And given that the amount of code to create global user modules is so small, I figured it wouldn't be worth it. We might as well document that bit code, advocate its use and implement it in CentralAuth as primary example + the CentralAuth specific bits, and then people using other ways to set up wiki farms can copy the same example and implement their bits as well.

Again, I'm fine with it being an extension, but it will still need some local settings tuning, and hooks with CentralAuth.

(In reply to comment #20)
> (In reply to comment #19)
> > I agree with Krinkle, I think this module is small enough that it can live in
> > CentralAuth without a problem. I'd be happy to see it merged into that
> > extension.
> 
> With the caveat that this really should be part of the (mythical) central
> code repository, which is currently wanted by lots of people [..]

What central code repository are you talking about? I suspect you might refer to the concept of a central wiki for one or more of templates, gadgets and lua modules. This does not overlap with global user modules and would be hard or inappropriate to utilise for this purpose I think.

(In reply to comment #23)
> If it's part of CentralAuth, I'm pretty sure we can get it rolled out. If it
> a separate extension, I'm not sure. 

The separate extension already existed, and is now being rewritten. It will be using similar methods, but will require proper extension review nonetheless as it isn't a straight copy from the patch (and couldn't be).

(In reply to comment #24)
> @Krinkle: Is deploying it in a separate extension okay for you?

I'm okay with us reviewing, maintaining and deploying this as a separate extension.
Comment 26 Gerrit Notification Bot 2013-12-12 04:14:27 UTC
Change 7274 abandoned by Legoktm:
Implement global user CSS/JS module

Reason:
Being pursued as a separate extension, most of the code was moved to I9329573da7d4f2af60515ef32b3b64bb769e3755

https://gerrit.wikimedia.org/r/7274
Comment 27 Kunal Mehta (Legoktm) 2013-12-12 04:15:33 UTC
Bug 57891 is tracking enabling the GlobalCssJs extension on Wikimedia wikis.
Comment 28 Gerrit Notification Bot 2014-08-23 18:10:09 UTC
Change 154432 had a related patch set uploaded by MZMcBride:
Enable GlobalCssJs on all CentralAuth wikis minus loginwiki

https://gerrit.wikimedia.org/r/154432
Comment 29 Gerrit Notification Bot 2014-08-26 15:04:10 UTC
Change 154432 merged by jenkins-bot:
Enable GlobalCssJs on all CentralAuth wikis minus loginwiki

https://gerrit.wikimedia.org/r/154432

Note You need to log in before you can comment on or make changes to this bug.


Navigation
Links