On 07/03/2012 05:32 PM, Karsten 'quaid' Wade wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 07/03/2012 11:22 AM, Dave Neary wrote:
Hi all,
I just tried to create an account for the oVirt wiki and was kind of surprised that to do so I had to contact someone who already had an account. It seems like everyone who has an account can add new users, so it looks like this is basically a spam avoidance policy. Is that right? Yes, I implemented it initially so we wouldn't have a wide open gateway when there wasn't a community of wiki watchers.
Conversations on this list have been around other automagic that doesn't work because spammers work around it.
If that's the case, I'd like to suggest enabling the ConfirmAccount extension http://www.mediawiki.org/wiki/Extension:ConfirmAccount - which can be configured to ask users for a username & email address, and their bio/reasons for wanting to have an account. The request is then added to a moderation queue, and anyone who is in the Bureaucrat role can approve the account creation request.
To the user, this fits within the expected intimacy gradient. I plan on blogging about the intimacy gradient which I talked about in my Ignite talk at teh Red Hat Summit last week, I'll point people there then - the basic idea is that you should not require people to have private communications to get access to a semi-public resource like a wiki account. In this case, you're making the request via a web page, and although the end result is the same (a human checks if you're a human), to the user it provides the same level of indirection as a Mailman subscription page. Overall, seems like a reasonable solution. It doesn't resolve the need for manual intervention, but it puts it in to a system that prevents people from falling between the cracks and makes things easy for all involved.
A problem I have with the current "ask someone to make you an account" system is that it caters to the type of people who "just do it" - are confident and comfortable asking around for help, for permission, etc. I presume that is only 50% or less of the entire human population, so by default the current system is unfriendly to more than half the people who come across it.
I'm not sure the current system fits in with your description, though - - there is a moment where it could be public or private. Under the current system, the best place to ask for a wiki account is IRC or the arch@ mailing list, since you'll get a fast response and it's quite public. But being able to go private at least means some portion of the 50%+ of the population that is less comfortable with asking around for permission ... well, they might not find it so uncomfortable to privately ask a perceived leader for a wiki key.
I presume the ConfirmAccount has a public queue that only Bureaucrat's can resolve?
That makes it public, but now we have a greater restriction on who can confirm accounts. Right now, anyone with an account can confirm, but under ConfirmAccount we'll have to designate and cultivate Bureaucrats, yes? Assuming someone knows they could create one. I didn't know I could create accounts until today. I assumed it was limited to wiki admin's. Then again I never checked.
Thanks Robert
- - Karsten - -- Karsten 'quaid' Wade, Sr. Analyst - Community Growth http://community.redhat.com .^\ http://TheOpenSourceWay.org @quaid (identi.ca/twitter/IRC) \v. gpg: AD0E0C41
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iD8DBQFP82Tb2ZIOBq0ODEERAsoBAJ41ZFmdA6L434yiAnwPPRDycp0jwwCfUE6y WcaCCp2a6YyK4o6XGU46Vew= =pGmu -----END PGP SIGNATURE----- _______________________________________________ Infra mailing list Infra@ovirt.org http://lists.ovirt.org/mailman/listinfo/infra