There seems to be some concern around our current policy of not allowing anonymous users to report issues, and especially not allowing registered users to report/edit/comment on tickets by default.
We've had several people speak out in favour of changing this, arguing it would be for the best of the community. As a first step I propose that we give all registered users the editor_group permissions: TICKET_CREATE TICKET_EDIT_DESCRIPTION TICKET_MODIFY (which implies commenting permissions) WIKI_CREATE WIKI_MODIFY This would be done immediately and before implementing http://trac.edgewall.org/wiki/SpamFilter or similar unless someone volunteers to do so soon. Any objections? Cheers, Joe On 16 April 2013 17:17, Olemis Lang <[email protected]> wrote: > On 4/16/13, Joachim Dreimann <[email protected]> wrote: > > On 16 April 2013 16:34, Ryan Ollos <[email protected]> wrote: > >> On Thu, Apr 11, 2013 at 9:01 AM, Joachim Dreimann < > >> [email protected]> wrote: > >> > [...] > >> > >> Yes, I think that we should be concerned that our barrier to posting an > >> issue or other contribution may be too high at the moment. If I came to > >> the > >> site and couldn't immediately register and create a ticket, I may go > away > >> and never report the issue. > >> > > > > I am very concerned by this and would probably do the same as you. In > fact > > I may not even bother to register. If registration is required I usually > > look for a project twitter account and send them a tweet reporting the > bug. > > > > I second that . I've been concerned about this for a long while . In > my real life connected experience > > 1. I do not fill sign up forms in web sites . That's what > OpenId is for . Bloodhound has been the exception > since many years ago . > 2. Forbid users to send us bug reports is something I > do not understand . The way I see it users are contributing > back to us . That makes no sense to me . IMO authenticated > users should be granted with permissions to > interact with the i.a.o/bh web site . > > > If they reply to me with something like "Thanks, but we won't take action > > unless you resubmit via our website after registration" I know they value > > process over action and will avoid dealing with them in future. > > > > Definitely sure . Besides *they* are deliberately wasting your time > ... I'd rather send them a message saying «welcome to the new open web > fellows» > > > > >> > >> I'll look into what we might do and propose some additional suggestions > >> as > >> part of the work on #503. > >> > >> The guys who setup trac-hacks felt that registration was even too high > of > >> a > >> barrier, so it's possible to create an anonymous ticket on that site. > >> That > >> comes with other problems that I won't go into here, but I'll just say > >> that > >> spam is not a significant problem on trac-hacks.org, even though we are > >> still running a very old version of SpamFilterPlugin. I monitor the RSS > >> feed for both trac-hacks.org and trac.edgewall.org and see only a dozen > >> or > >> so instances of spam per week on each site; sometimes more, sometimes > >> none. > >> Cleaning up the spam on the former doesn't take up much of my time - I > >> just > >> spend a few minutes reviewing the RSS feed each morning and delete any > >> spam > >> that has come through. > >> > > > > I also review ticket changes / user registrations for spam. I haven't > seen > > any evidence of it in significant numbers. That includes spam > registrations > > that our current system doesn't prevent. > > > > I would grant every new registration permissions to create and comment on > > tickets by default and try to catch out bots using some basic techniques > > that users would never see (ie no captcha). > > > > fwiw + > right now it's incredibly important for us to attract user interest > than dealing with «non-significant» spamming threats . > > -- > Regards, > > Olemis. > -- Joe Dreimann | *User Experience Designer* | WANdisco<http://www.wandisco.com/> @jdreimann <https://twitter.com/jdreimann> * * *Join one of our free daily demo sessions on* *Scaling Subversion for the Enterprise <http://www.wandisco.com/training/webinars>* THIS MESSAGE AND ANY ATTACHMENTS ARE CONFIDENTIAL, PROPRIETARY, AND MAY BE PRIVILEGED. If this message was misdirected, WANdisco, Inc. and its subsidiaries, ("WANdisco") does not waive any confidentiality or privilege. If you are not the intended recipient, please notify us immediately and destroy the message without disclosing its contents to anyone. Any distribution, use or copying of this e-mail or the information it contains by other than an intended recipient is unauthorized. The views and opinions expressed in this e-mail message are the author's own and may not reflect the views and opinions of WANdisco, unless the author is authorized by WANdisco to express such views or opinions on its behalf. All email sent to or from this address is subject to electronic storage and review by WANdisco. Although WANdisco operates anti-virus programs, it does not accept responsibility for any damage whatsoever caused by viruses being passed.
