-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bogus "projects I'm involved with" for short/simple user names #837
Comments
Note that the footer on the profile page says:
The first sentence is clearly not true. |
Pinging @BWPanda for comment? |
I believe there was talk about making this link to the GitHub Username field instead, but that hasn't happened yet. |
This applies to opi also - see https://backdropcms.org/account/opi - perhaps it shouldn't just look for the username as a string but as part of the url? Looking for
As @bugfolder pointed out, if someone's profile page says the individual is responsible but that is not true, then Backdrop CMS is providing misleading information, and could damage the reputation of someone by suggesting that they intentionally listed projects that they haven't been involved with.
Looks like it is there now: backdropcms.org/www/modules/custom/borg_profile/borg_profile.module Lines 16 to 29 in 344d6a4
If it was this instead, would that work? // Get the user's GitHub username from their GitHub social field (if set).
if (!empty($user->field_social)) {
$github_url = '';
foreach ($user->field_social[$user->langcode] as $service) {
if ($service['service'] == 'github') {
$github_url = $service['url'];
break;
}
}
if (!empty($github_url)) {
$username = $github_url;
} |
…ort/simple user names
Almost. We should include users whether they used http:// or https:// for their GH URL, so the attached PR strips off the protocol (i.e., it matches on "github.com/username"). Looks like it works with that change. |
Great stuff @bugfolder - I don't have anything setup to test, but what you've described sounds right and matches what is in the PR |
I realize that's still not ideal. To use the example above, |
So should only be a problem if they start contributing or are credited using their github user for a Drupal project or an embedded library. The only way around that would be to try to search for the name but only if followed by a space (it has been put as a plain url not behind text) or closing bracket - either it is in a markdown link or as a standalone address in brackets; I don't know if that is feasible? I still think what you've got is a massive improvement on what is currently there so if what I've suggested would be too complex then we should go with what you've done. |
Perhaps we should remove the list as it is now, and revisit a safer way to add this list. What about an entity-reference field (to project nodes), that is editable by the user? We could provide default values for the field -- maybe only on the edit form? Or maybe we can add a button on the edit form that would "search for relevant projects" to generate the default values? (using the same method as above) We knew that scanning the README file would be problematic, but I thought we would mainly be missing some projects (which seemed like an acceptable risk), rather than adding lots of projects, which seems ickier, somehow. |
I think I've found a safer way. The GH URL is used as the destination of a link, and the body field is rendered HTML. So they're always going to show up as A little local testing and it seems to work on the few accounts I've spot-checked. How about I go ahead and merge the (updated) PR, then folks can do more extensive checking, and if we're still finding bogosities, we can still remove the block. Incidentally, we could also change the footer to say
|
Or we could leave it at "Backdrop CMS is not responsible for, and does not guarantee the accuracy of this information." and lave it at that :D |
Yes please.
I love that word; I'm going to have to find way to use it in everyday conversation! |
Issue #837: Fix bogus "projects I'm involved with" for short/simple user names
Change is committed and deployed, footer updated (slightly reworded for streamlined readability). |
Thanks @bugfolder - seems to work well for the case mentioned above |
Issue #704 introduced a listing of "Projects I am/have been involved with" in user profiles, which is constructed by filtering projects based on whether their Body field contains the username.
The problem is that short/simple user names can lead to unintentionally long listings of projects. This came up when I noticed a user had a really long list of projects in their profile and I queried the user about some of them.
To avoid putting a real user's account in this bug report, I've created a demo user on the site whose account page is https://backdropcms.org/account/the. It's pretty clear why this user has been "involved" in so many projects.
The text was updated successfully, but these errors were encountered: