Op Dinsdag 10-07-2007 om 18:22 uur [tijdzone +0300], schreef Mikelis Zalais: > Hi! >
Hi Mikelis > How would I secure my Pootle translation project from vandals? > > Should I manualy give "translate" permission to all the people I > trust and leave the default user with only "suggest" permission? Or > can I somehow register or activate only people I trust? What is the > suggested practice in these cases? > We changed the default permissions a few versions ago to not allow translating (but to allow suggestions). It will differ for different projects. I would say you should do an assessment of your goals and risks: if you want to invite as many people as possible and really build your team of translators, I would say you can reasonably safely enable translation for all registered users. Currently most teams on the WordForge Pootle server allow any registered user to translate (I have disabled that for some teams on request). This might mean that you want to build a separate review phase in, where you can change the rights to only allow certain trusted users to make changes. I usually review the differences when I commit the translations. There has only occasionally been vandalism, and I would say we probably have quite a busy server. If you experience vandalism, or you perceive bad translations as a big risk, you can enable users individually. Of course, this puts more of an administrative burden on the server administrator, but as soon as the language administrator for a project is found and appointed, this work can be delegated. There is no single rule to determine the best approach. If you are setting up a new server without existing translators and teams, I would simply enable translation rights while you find out who you can trust. Inspecting the quality checks can already give you _some_ indication even for languages that you can't read. If you have existing teams that might not want to move to Pootle or they feel weary of quality with a web based translation system, you can perhaps change the permissions for those languages only, while allowing more open access for the teams where you are still looking for translators. I would also like to hear if somebody has a different opinion. > What does "Compile PO file" permission mean? > > thanks, > Mik This permission determines whether somebody is allowed to build the binary .mo file of the translation. Pootle also has the functionality to build an SDF file from an OpenOffice.org translation project, and this can be _very_ resource intensive, so limiting the users that can allow this is necessary in such a case. For normal gettext projects it shouldn't be a problem to allow people to compile the PO file to .mo files. If you are translating a non-gettext project with PO files (or something like documentation where no .mo file can be used anywhere) you might want to disable it simply to avoid confusion for users. I hope this helps :-) Friedel ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Translate-pootle mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/translate-pootle
