Change registrations to be disabled by default for new servers

[ClearlyClaire]

Existing servers which have never changed from the defaults will have closed registrations on update.

This also adds a short notice instructing admins to set up a moderation team before opening registrations.

[ClearlyClaire]

Of note, this version of the PR will possibly turn registrations off for existing servers who have been running with open registrations. This is arguably a surprising change, and possibly an unwelcome one. Should we write it so that servers currently running on default settings are kept to open registrations?

EDIT: Changed to switch to open registrations if no setting has been saved to the database. Note that I'm not still 100% sure that's what we want, and also this would open registrations for instances which have disabled registrations by editing config/settings.yml rather than through the admin interface (I don't think there are a lot, but I'm sure they exist).

EDIT2: added a comment in config/settings.yml to get the attention of anyone who would have overridden this

[hatclub]

Of note, this version of the PR will possibly turn registrations off for existing servers who have been running with open registrations. This is arguably a surprising change, and possibly an unwelcome one. Should we write it so that servers currently running on default settings are kept to open registrations?

EDIT: Changed to switch to open registrations if no setting has been saved to the database. Note that I'm not still 100% sure that's what we want, and also this would open registrations for instances which have disabled registrations by editing config/settings.yml rather than through the admin interface (I don't think there are a lot, but I'm sure they exist).

EDIT2: added a comment in config/settings.yml to get the attention of anyone who would have overridden this

Is it not better that it defaults to closed where there is no obviously explicit preference and there's a note in the changelogs to prompt people to check and re-open if they really want it to still be wide open?

I get the desire to avoid "creating work" for a larger group of admins but otoh it feels like defaulting to secure is better than risking even one instance inadvertently opening (spam, financial cost, instances filling disks and breaking, etc), and will ensure people who aren't paying attention or don't understand what the change means end up with a closed instance which is probably better for everyone?

[vmstan]

Of note, this version of the PR will possibly turn registrations off for existing servers who have been running with open registrations. This is arguably a surprising change, and possibly an unwelcome one. Should we write it so that servers currently running on default settings are kept to open registrations?

EDIT: Changed to switch to open registrations if no setting has been saved to the database. Note that I'm not still 100% sure that's what we want, and also this would open registrations for instances which have disabled registrations by editing config/settings.yml rather than through the admin interface (I don't think there are a lot, but I'm sure they exist).

EDIT2: added a comment in config/settings.yml to get the attention of anyone who would have overridden this

I'm confused why we would switch people to open after the update that changes the default for new installs to closed, or do I misunderstand what happens. If there was no setting in the database it would have already been open, and we're just preserving that?

[ThisIsMissEm]

I'd definitely like to see closed by default or approval by default — if this temporarily affects admins during upgrade, if they upgrade, then they can always change to open or approval based registration.

We could also do a notice in the admin dashboard if no option is stored in the database maybe?

[ClearlyClaire]

If there was no setting in the database it would have already been open, and we're just preserving that?

That is what this migration does!

[hatclub]

If there was no setting in the database it would have already been open, and we're just preserving that?

That is what this migration does!

Unless they had previously edited settings.yml to close it rather than setting it in the DB, right?

I do not think risking opening registrations for any admin who consciously closed them, vs closing them for admins who never indicated an explicit preference to opt in to open registrations, is better?

[ClearlyClaire]

Unless they had previously edited settings.yml to close it rather than setting it in the DB, right?

In this case, the admin would face a merge conflict, and the line where this has been changed has a comment explicitly calling out the migration.

[ClearlyClaire]

Changed to remove the migration and not preserve the setting if it has never been changed from the default (that is, existing instances that are open by virtue of not having changed the default setting, will have closed registrations on update).

[ThisIsMissEm]

@ClearlyClaire could we actually change this such that open registration isn't even an option if moderator count is less than say 3 mods?

[ClearlyClaire]

@ClearlyClaire could we actually change this such that open registration isn't even an option if moderator count is less than say 3 mods?

I'm not very comfortable with this idea, as open registrations may mean a lot of different things based on e.g. EMAIL_DOMAIN_ALLOWLIST. I don't want to rush a change with such an arbitrary restriction.

[ThisIsMissEm]

@ClearlyClaire could we actually change this such that open registration isn't even an option if moderator count is less than say 3 mods?

I'm not very comfortable with this idea, as open registrations may mean a lot of different things based on e.g. EMAIL_DOMAIN_ALLOWLIST. I don't want to rush a change with such an arbitrary restriction.

Perhaps we should split this off into a separate issue discussion?

[Saiv46]

LGTM, admin panel would need overhaul anyway