Newsgroups: php.internals,php.webmaster
Path: news.php.net
Xref: news.php.net php.internals:53876 php.webmaster:11566
Return-Path: <tyra3l@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 93553 invoked from network); 11 Jul 2011 15:11:38 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 11 Jul 2011 15:11:38 -0000
Authentication-Results: pb1.pair.com smtp.mail=tyra3l@gmail.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=tyra3l@gmail.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.160.170 as permitted sender)
X-PHP-List-Original-Sender: tyra3l@gmail.com
X-Host-Fingerprint: 209.85.160.170 mail-gy0-f170.google.com  
Received: from [209.85.160.170] ([209.85.160.170:33922] helo=mail-gy0-f170.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 12/13-09103-7A21B1E4 for <internals@lists.php.net>; Mon, 11 Jul 2011 11:11:35 -0400
Received: by gyb13 with SMTP id 13so1734873gyb.29
        for <multiple recipients>; Mon, 11 Jul 2011 08:11:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :cc:content-type:content-transfer-encoding;
        bh=tSYbE+zQtuUhkpi4WR5kaoBCJ/F5n5K5GxFcxf15R3w=;
        b=AWXVbUF+NWOnc4HzgUKpS8nJUajnCmrxqgAsM5QT44vXIdDhixNeEAHqq6XYxSm/Q7
         vsamM+sAalgB5m0NW4Ei4OgRdZCr/glLNWEiOr1CYP0K1dXrXHL1jPx8dLWOmmE+EPs9
         6nR9Y7esZtdp24eduDxJPimJw6Pc2E4rCobOE=
MIME-Version: 1.0
Received: by 10.151.130.7 with SMTP id h7mr4000451ybn.366.1310397092655; Mon,
 11 Jul 2011 08:11:32 -0700 (PDT)
Received: by 10.147.38.17 with HTTP; Mon, 11 Jul 2011 08:11:32 -0700 (PDT)
In-Reply-To: <CADNQb0UmSPQPNrVCUe=inb5nGP4kBogZJV49iuP16dox0Fgg0w@mail.gmail.com>
References: <CAH-PCH40muSZ-9DAXVcRMC0gjQH2b1=CRmcBeL315jFZAwOs2g@mail.gmail.com>
	<4E1AB83A.6060801@sugarcrm.com>
	<CADNQb0Vg6vPg0k0YJ_23_VGfzSiQ70D2_ghJ-ke-SHnazaSa4w@mail.gmail.com>
	<CAEZPtU44LjWusp-+KWhaN50bmVLaAHXmttxOfFy=kyQAyp1Z0Q@mail.gmail.com>
	<CAEZPtU5AZ=14unupawXnwiB0gPYxoLwOFzj-LVHKF4qF+QaZfw@mail.gmail.com>
	<CADNQb0USw0y1jgnWWPkw8H+v73FQ_5HE815qAjBMA-gQ26J2GQ@mail.gmail.com>
	<CADNQb0W6zQTAnf_mwpbo-vLK5bUEzY5UwP_JxYZJvPDO62aAmQ@mail.gmail.com>
	<CAH-PCH4d+qJ35gvSFYGVaoTMSN0jLyAh1+tyLcNZKvBKdMujRg@mail.gmail.com>
	<CAH-PCH5pHJNpYJYZro0yM5xU+LiF=0yVVz1e2muyzgWVfoVAqg@mail.gmail.com>
	<CADNQb0UmSPQPNrVCUe=inb5nGP4kBogZJV49iuP16dox0Fgg0w@mail.gmail.com>
Date: Mon, 11 Jul 2011 17:11:32 +0200
Message-ID: <CAH-PCH5Fu_3HGVDnrA1+t0TrTkquR801SvGK6f+mKwL+6vgeSA@mail.gmail.com>
To: Hannes Magnusson <hannes.magnusson@gmail.com>
Cc: Pierre Joye <pierre.php@gmail.com>, Stas Malyshev <smalyshev@sugarcrm.com>, 
	php-webmaster <php-webmaster@lists.php.net>, PHP Internals <internals@lists.php.net>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Subject: Re: [PHP-DEV] sudden spike in wiki registrations
From: tyra3l@gmail.com (Ferenc Kovacs)

On Mon, Jul 11, 2011 at 1:00 PM, Hannes Magnusson
<hannes.magnusson@gmail.com> wrote:
> On Mon, Jul 11, 2011 at 12:48, Ferenc Kovacs <tyra3l@gmail.com> wrote:
>> On Mon, Jul 11, 2011 at 12:18 PM, Ferenc Kovacs <tyra3l@gmail.com> wrote=
:
>>> On Mon, Jul 11, 2011 at 12:07 PM, Hannes Magnusson
>>> <hannes.magnusson@gmail.com> wrote:
>>>> On Mon, Jul 11, 2011 at 12:03, Hannes Magnusson
>>>> <hannes.magnusson@gmail.com> wrote:
>>>>> It is very hard to detect which "php group" a person belongs to, our
>>>>> karma system doesn't work like that.
>>>>>
>>>>> We can easily detect if an account is an php.net SVN account though.
>>>>> And the wiki can tell you if a person has write access to that specif=
ic page.
>>>>>
>>>>> Most external users have assigned "write" groups, "qa", "rfc", "web".
>>>>> These are the people who have requested access to these areas.
>>>>>
>>>>> I was under the impression the vote plugin respected the write
>>>>> permission acl to that page, so a user would need to have write karma
>>>>> to that namespace to be able to vote.
>>>>> Does it have no builtin functionality like that?
>>>>
>>>> Answering my own question; No, it doesn't.
>>>> http://www.dokuwiki.org/plugin:doodle2#authentication
>>>>
>>>> -Hannes
>>>>
>>>
>>> I checked the source, if the permissions are set correctly, then the
>>> required code change is minimal:
>>> in the php-wiki/dokuwiki/lib/plugins/doodle/syntax.php file we have to
>>> modify the render and castVote methods to check
>>> $this->isAllowedToEditEntry($fullname) and thats it.
>>>
>>>
>>> --
>>> Ferenc Kov=C3=A1cs
>>> @Tyr43l - http://tyrael.hu
>>>
>>
>> of course the explicit group checking would be better, because
>> currently we have votes under rfc namespace where some users have
>> write access as they proposed/wanted to propose some rfc but they
>> shouldn't .
>
>
> I think we should be able to differentiate the voters manually this time.
> But implementing those voting RFC rules before next time would be ideal.
>
> -Hannes
>

after some discussion on irc, we agreed that for a quick fix for the
wiki we should only allow voting for the following groups:
- phpcvs : this is a fake group, every @php.net user is part of it.
- voting: this group isn't exists yet AFAIK, we should add everybody
to this who are allowed to vote, bu don't have svn account.

my patch is on gist: https://gist.github.com/1076035
if you think its fine, it could be commited, I don't have karma for the wik=
i.

ps: I also allowed the wiki admins to access the voting features just in ca=
se.

--=20
Ferenc Kov=C3=A1cs
@Tyr43l - http://tyrael.hu