When AbuseFilter prevents a user from creating an account, it is currently impossible for CUs to associated the IP and the user. Here is in example: * IP 1.2.3.4 tries to created the account User:FailedToCreate and this action is prevented by the abuse filter. * If you query 1.2.3.4, you will see this in the CU results * But of course, you don't know which IP to query. * If you query FailedToCreate you get an error saying the account doesn't exist (which is fair) * Without the abusefilter-private right, you have know way to associate FailedToCreate and 1.2.3.4 to each other. WMF has not given the `abusefilter-private` right to its CUs, because if a CU had that right and would use it to lookup the IP of a user associated with this type of abuse log entry, there would be no way to log the CU's action. WMF would like all CU actions to be logged, so other CUs can monitor it. Two steps need to be taken: 1. Make it possible to log the CU actions, should they be given the `abusefilter-private` right (see T152934) 1. Ad this right to the list of rights CUs hold on WMF wikis (this task)

When AbuseFilter prevents a user from creating an account, it is currently impossible for CUs to associated the IP and the user. Here is in example: * IP 1.2.3.4 tries to created the account User:FailedToCreate and this action is prevented by the abuse filter. * If you query 1.2.3.4, you will see this in the CU results * But of course, you don't know which IP to query. * If you query FailedToCreate you get an error saying the account doesn't exist (which is fair) * Without the abusefilter-private right, you have no way to associate FailedToCreate and 1.2.3.4 to each other. WMF has not given the `abusefilter-private` right to its CUs, because if a CU had that right and would use it to lookup the IP of a user associated with this type of abuse log entry, there would be no way to log the CU's action. WMF would like all CU actions to be logged, so other CUs can monitor it. Two steps need to be taken: 1. Make it possible to log the CU actions, should they be given the `abusefilter-private` right (see T152934) 1. Ad this right to the list of rights CUs hold on WMF wikis (this task)

When AbuseFilter prevents a user from creating an account, it is currently impossible for CUs to associated the IP and the user. Here is in example: * IP 1.2.3.4 tries to created the account User:FailedToCreate and this action is prevented by the abuse filter. * If you query 1.2.3.4, you will see this in the CU results * But of course, you don't know which IP to query. * If you query FailedToCreate you get an error saying the account doesn't exist (which is fair) * Without the abusefilter-private right, you have knowno way to associate FailedToCreate and 1.2.3.4 to each other. WMF has not given the `abusefilter-private` right to its CUs, because if a CU had that right and would use it to lookup the IP of a user associated with this type of abuse log entry, there would be no way to log the CU's action. WMF would like all CU actions to be logged, so other CUs can monitor it. Two steps need to be taken: 1. Make it possible to log the CU actions, should they be given the `abusefilter-private` right (see T152934) 1. Ad this right to the list of rights CUs hold on WMF wikis (this task)