Authorship & Access List #503

Open
29 of 37 tasks
edemaine opened this issue Jan 6, 2021 · 0 comments
edemaine commented Jan 6, 2021

Redesign for access control (with significant input from dev team including Yevhenii, Alice, Ankur, Dylan, Marty):

  • authors mapping remains the ground truth of edits as reflected in history of edits, so recomputeAuthors will still do the right thing: map each user that is among the updators of some edit to the last updated date among these edits. (This makes backward compatibility easier, and makes it easy to remove and then re-add an author (e.g. accidental removal) without having to dive back into history.)
  • Every message has a coauthors list/array (like current authors, but no longer necessarily corresponding to diff sequence).
    • Being on this list implies full message access (like authors used to), regardless of flags.
    • Existing authors and @mentions will be converted into this during bootstrap process.
      • ...and bootstrap updates to coauthors tracking throughout history
    • New authors are also added to coauthors (via $addToSet).
    • Changes to coauthors should be tracked in diffs, and reported (as adds/removes) in notifications, just like @mentions would have been. This will encourage good behavior.
      • Perhaps special notification if you've been added or removed from authorship on a message by other people (i.e. by an edit that wasn't yours).
    • (Multikey) MongoDB index (Efficient access detection #149). Actually, unclear how an index would help here, except for author view, but is that worth optimizing? Likely being replaced by a search view.
    • authors no longer gives permission (replaced by coauthors)
    • @mentions no longer give permission!
    • @mentions no longer important in statistics view (at least with respect to zeroes -- but still might be interesting to draw)
    • @mentions no longer seem important for bottom message summary (next to coauthor count) -- remove? Or perhaps replace with links to @mentions to yourself?
    • Update MessageAuthor to show coauthors that haven't made explicit edits in history (Condense editor list #393)
  • In editing mode, at bottom, have boxed author list, and add a "+ Author" button or box
  • Authors have remove button, similar to tags. Useful for fixing mistakes (e.g. student edits an accidentally non-protected post and gains authorship, but see Protected/locked/restricted flag for messages #507).
    • Should have confirmation dialog / be inside the user hover (via click to popup instead of hover): UserLink popups #510
    • Superuser can remove any authorship
    • Allow people to remove their own authorship even if they edited (e.g. when fixing a typo, though don't necessarily encourage this behavior as it's kinda micro-managing authorship).
    • Allow people to remove other coauthors that aren't authors (i.e. didn't literally edit the message). This lets scribes who accidentally added the wrong coauthor fix their mistake. Notifications about changes should encourage the right behavior.
    • This is where coauthors list can deviate from authors list, and why we don't want to give authors permission anymore (replacing with coauthors).
  • Maybe an Action / Coauthor button so spectators can easily add themselves to the coauthor list without entering editing mode, entering their name, and exiting editing mode?
  • Should there be an Action / Uncoauthor? (with similar confirmation dialog) No, terrible name, and seems like a rare action; if you need to fix a mistake, fine to go into Edit mode and remove your name there.
  • Every message has an access list/array.
    • Being on this list implies message access unless message is unpublished or deleted. This is effectively useless for public messages, but useful for private messages.
    • Should indicate access isn't effective for unpublished or deleted messages in access list UI.
    • Should be visible in message view, not just editing view.
    • (Multikey) MongoDB index (Efficient access detection #149). Actually, unclear how an index would help here...
    • New line in statistics view?
  • In editing mode of private message (or message with nonempty access list?), add another line of "The following people can also access the message:" [or will be able to once published/undeleted] with differently colored boxes or something.
  • Private messages get Reply All button which makes a reply with access list = parent's access list union parent's author list (but not synchronized). This makes it easy to have back-and-forth private discussions. Replaces Inherit permissions from parent #475.
  • ?? Reply None (or Reply to...), or Reply to Staff, or Reply to Authors with less permissions
  • Probably should be able to post private reply to a private message you're given access to, if you can see the private message (independent of thread permissions) -- or is this already the case? Yes, we already inherit from the parent; only forced by the root when the root says "private only".
  • @mentions should give suggestions for adding as author (if message is public or private) or access (if message is private). Usually you want a mentioned person to read the message you're mentioning them in, so this will help fix that error, but sometimes you don't, so it will also not force it.
  • Allow superusers to add non-group-members / arbitrary username strings in UserInput? This was possible with @mentions, but now it isn't possible. Superuser case is useful for prewriting a set of problems before inviting everyone to a group.
    • Should we allow anyone to do so too? Relevant in a write-only group (WriteOnly demo explicitly mentions you can add people via @mention), and I guess for users with global read access (but that seems less important).
  • Add hover help to "Coauthors" and "Additional access"
  • Maybe History view should show "shadow" edits: edits that are logged in authors but not coauthors
  • Perhaps disable removal of creator's authorship, except by superuser
  • Removing yourself as an author should also stop you from editing the message
  • Shouldn't show access list when message isn't private. (It's fine that the access list gets remembered in case it gets made private again, but it's weird to see "by ...; access to ..." in a public message.)
  • Unpublished private messages should maybe have "eventual access to" even when not in editing mode, so you know what will happen after "Action / Publish".

Replaces #177, #475, #149, #393

@edemaine edemaine modified the milestones: 6.849, 6.851 Jan 6, 2021
@edemaine edemaine changed the title Authorship Authorship & Access List Jan 13, 2021
@edemaine edemaine added the major label Jan 17, 2021
edemaine added a commit that referenced this issue Jan 21, 2021
See #503 for lots about the new model: coauthors (vs. authors = actual
edits to the message) and access list replacing @mention permission.

Client: lots of changes especially when editing
* BelowEditor shows Coauthors always, and Access in private messages
  (and messages that somehow have Access set, e.g. formerly private)
* Input via react-bootstrap-typeahead
* History view shows authors that aren't coauthors (via 'also')
* Access shows suggestions for @mentions
* Reply All from private messages inherit accessibility from parent
* Action / Coauthor for quick way to add yourself as a coauthor
* More compact MessageAuthor formatting (fix #393)
* `text-help` class to indicate hoverable help

Lib: revamped permissions
* @mentions no longer grant any permissions (but bootstrap old data)
  -- no more regular expressions in standard queries!
* Coauthorship grants explicit read/write access in all cases
* Access list grants explicit read access if published and not deleted
* Fix `addRootsToQuery` to not add roots that the user didn't have
  access to (known but forgotten permissions bug), by $and'ing on
  permission query again.  We really only needed this when accessing
  the global group (which we now do via `maybeAddRootsToQuery`),
  so not a big performance impact most of the time.
* Live view now works in global group
* Fix `canEdit` to check visibility of message too; before, you could
  edit a message if you knew its ID even if it was e.g. private
  (and you had group-wide edit permission).  This would make you an
  author, which would let you see secret messages given their IDs.
* messageNew now correctly fails if specified parent doesn't exist.
* Notifications for changes to coauthors and access
* Import bug fix and support for `coauthors`
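
An added example (not code from the Coauthor repository) of the permission rules and the `canEdit` fix described in the commit message above, showing why an edit check without a visibility test turned group-wide edit permission into read access. Field names, function names and the sample users are assumptions modelled on the issue text.

```javascript
// Added illustration: field and function names are assumptions modelled on
// the issue text, not Coauthor's actual schema or code.

// Read access under the new model. @mentions are deliberately not consulted.
function canSee(msg, user) {
  // Coauthorship grants full access regardless of flags.
  if (msg.coauthors.includes(user.name)) return true;
  const live = msg.published && !msg.deleted;
  // The access list is only effective for published, undeleted messages.
  if (msg.access.includes(user.name)) return live;
  // Everyone else needs group read permission and a public, live message.
  return Boolean(user.groupRead) && live && !msg.private;
}

// "Before" check as the commit message describes it: group-wide edit
// permission alone was enough, with no visibility test.
function canEditLegacy(msg, user) {
  return Boolean(user.groupEdit) || msg.coauthors.includes(user.name);
}

// Fixed check: the message must also be visible to the editor.
function canEdit(msg, user) {
  return canSee(msg, user) && canEditLegacy(msg, user);
}

// An accepted edit adds the editor to coauthors (set semantics, like $addToSet).
function applyEdit(msg, user, check) {
  if (!check(msg, user)) return msg; // edit refused, message unchanged
  const coauthors = [...new Set([...msg.coauthors, user.name])];
  return { ...msg, coauthors };
}

// Constructed sample data.
const secret = { private: true, published: true, deleted: false,
                 coauthors: ["alice"], access: ["bob"], body: "@carol see this" };
const carol = { name: "carol", groupRead: true, groupEdit: true };
const bob = { name: "bob", groupRead: true, groupEdit: false };

function demo() {
  return {
    mentionGrantsNothing: canSee(secret, carol),                              // false
    legacyEscalates: canSee(applyEdit(secret, carol, canEditLegacy), carol),  // true
    fixedBlocks: canSee(applyEdit(secret, carol, canEdit), carol),            // false
    accessListReads: canSee(secret, bob),                                     // true
    accessNeedsPublished: canSee({ ...secret, published: false }, bob),       // false
  };
}
```
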
@edemaine edemaine removed the priority label Jan 21, 2021
edemaine added a commit that referenced this issue Jan 23, 2021
* No longer care about @mentioned messages, so removed that dropdown.
* Also fix inconsistencies about deleted and unpublished messages
  being included (shouldn't have been).