On Jul 11, 2011, at 8:11 AM, Ferenc Kovacs wrote: > On Mon, Jul 11, 2011 at 1:00 PM, Hannes Magnusson > <hannes.magnus...@gmail.com> wrote: >> On Mon, Jul 11, 2011 at 12:48, Ferenc Kovacs <tyr...@gmail.com> wrote: >>> On Mon, Jul 11, 2011 at 12:18 PM, Ferenc Kovacs <tyr...@gmail.com> wrote: >>>> On Mon, Jul 11, 2011 at 12:07 PM, Hannes Magnusson >>>> <hannes.magnus...@gmail.com> wrote: >>>>> On Mon, Jul 11, 2011 at 12:03, Hannes Magnusson >>>>> <hannes.magnus...@gmail.com> wrote: >>>>>> It is very hard to detect which "php group" a person belongs to, our >>>>>> karma system doesn't work like that. >>>>>> >>>>>> We can easily detect if an account is an php.net SVN account though. >>>>>> And the wiki can tell you if a person has write access to that specific >>>>>> page. >>>>>> >>>>>> Most external users have assigned "write" groups, "qa", "rfc", "web". >>>>>> These are the people who have requested access to these areas. >>>>>> >>>>>> I was under the impression the vote plugin respected the write >>>>>> permission acl to that page, so a user would need to have write karma >>>>>> to that namespace to be able to vote. >>>>>> Does it have no builtin functionality like that? >>>>> >>>>> Answering my own question; No, it doesn't. >>>>> http://www.dokuwiki.org/plugin:doodle2#authentication >>>>> >>>>> -Hannes >>>>> >>>> >>>> I checked the source, if the permissions are set correctly, then the >>>> required code change is minimal: >>>> in the php-wiki/dokuwiki/lib/plugins/doodle/syntax.php file we have to >>>> modify the render and castVote methods to check >>>> $this->isAllowedToEditEntry($fullname) and thats it. >>>> >>>> >>>> -- >>>> Ferenc Kovács >>>> @Tyr43l - http://tyrael.hu >>>> >>> >>> of course the explicit group checking would be better, because >>> currently we have votes under rfc namespace where some users have >>> write access as they proposed/wanted to propose some rfc but they >>> shouldn't . >> >> >> I think we should be able to differentiate the voters manually this time. >> But implementing those voting RFC rules before next time would be ideal. >> >> -Hannes >> > > after some discussion on irc, we agreed that for a quick fix for the > wiki we should only allow voting for the following groups: > - phpcvs : this is a fake group, every @php.net user is part of it. > - voting: this group isn't exists yet AFAIK, we should add everybody > to this who are allowed to vote, bu don't have svn account. > > my patch is on gist: https://gist.github.com/1076035 > if you think its fine, it could be commited, I don't have karma for the wiki. > > ps: I also allowed the wiki admins to access the voting features just in case.
Greetings, I didn't test it, but made the commit. What can go wrong? :) Also, I'm not sure how often the wiki pulls from SVN. And people have expressed different interpretations of the voting RFC regarding "who can vote" so I suspect this overall topic will persist.... However, the above changes have been made that hopefully fixes this bug. Regards, Philip -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
