Enabling Extension:ConfirmAccount

Tue Jul 3 21:37:59 UTC 2012

On 07/03/2012 05:32 PM, Karsten 'quaid' Wade wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 07/03/2012 11:22 AM, Dave Neary wrote:
>> Hi all,
>>
>> I just tried to create an account for the oVirt wiki and was kind
>> of surprised that to do so I had to contact someone who already had
>> an account. It seems like everyone who has an account can add new
>> users, so it looks like this is basically a spam avoidance policy.
>> Is that right?
> Yes, I implemented it initially so we wouldn't have a wide open
> gateway when there wasn't a community of wiki watchers.
>
> Conversations on this list have been around other automagic that
> doesn't work because spammers work around it.
>
>> If that's the case, I'd like to suggest enabling the
>> ConfirmAccount extension
>> http://www.mediawiki.org/wiki/Extension:ConfirmAccount - which can
>> be configured to ask users for a username & email address, and
>> their bio/reasons for wanting to have an account. The request is
>> then added to a moderation queue, and anyone who is in the
>> Bureaucrat role can approve the account creation request.
>>
>> To the user, this fits within the expected intimacy gradient. I
>> plan on blogging about the intimacy gradient which I talked about
>> in my Ignite talk at teh Red Hat Summit last week, I'll point
>> people there then - the basic idea is that you should not require
>> people to have private communications to get access to a
>> semi-public resource like a wiki account. In this case, you're
>> making the request via a web page, and although the end result is
>> the same (a human checks if you're a human), to the user it
>> provides the same level of indirection as a Mailman subscription
>> page.
> Overall, seems like a reasonable solution. It doesn't resolve the need
> for manual intervention, but it puts it in to a system that prevents
> people from falling between the cracks and makes things easy for all
> involved.
>
> A problem I have with the current "ask someone to make you an account"
> system is that it caters to the type of people who "just do it" - are
> confident and comfortable asking around for help, for permission, etc.
> I presume that is only 50% or less of the entire human population, so
> by default the current system is unfriendly to more than half the
> people who come across it.
>
> I'm not sure the current system fits in with your description, though
> - - there is a moment where it could be public or private. Under the
> current system, the best place to ask for a wiki account is IRC or the
> arch@ mailing list, since you'll get a fast response and it's quite
> public. But being able to go private at least means some portion of
> the 50%+ of the population that is less comfortable with asking around
> for permission ... well, they might not find it so uncomfortable to
> privately ask a perceived leader for a wiki key.
>
> I presume the ConfirmAccount has a public queue that only Bureaucrat's
> can resolve?
>
> That makes it public, but now we have a greater restriction on who can
> confirm accounts. Right now, anyone with an account can confirm, but
> under ConfirmAccount we'll have to designate and cultivate
> Bureaucrats, yes?
Assuming someone knows they could create one.  I didn't know I could 
create accounts until today.  I assumed it was limited to wiki admin's. 
Then again I never checked.

Thanks
Robert
>
> - - Karsten
> - -- 
> Karsten 'quaid' Wade, Sr. Analyst - Community Growth
> http://community.redhat.com .^\ http://TheOpenSourceWay.org
> @quaid (identi.ca/twitter/IRC) \v. gpg: AD0E0C41
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.12 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iD8DBQFP82Tb2ZIOBq0ODEERAsoBAJ41ZFmdA6L434yiAnwPPRDycp0jwwCfUE6y
> WcaCCp2a6YyK4o6XGU46Vew=
> =pGmu
> -----END PGP SIGNATURE-----
> _______________________________________________
> Infra mailing list
> Infra at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/infra