[Phpmyadmin-devel] Access control for the error reporting server
dieter.adriaenssens at gmail.com
Sun Jul 21 13:16:30 CEST 2013
2013/7/21 Mohamed Ashraf <mohamed.ashraf.213 at gmail.com>:
> On Sun, Jul 21, 2013 at 11:36 AM, Dieter Adriaenssens
> <dieter.adriaenssens at gmail.com> wrote:
>> 2013/7/19 Mohamed Ashraf <mohamed.ashraf.213 at gmail.com>:
>>> On Mon, Jul 15, 2013 at 11:20 AM, Michal Čihař <michal at cihar.com> wrote:
>>>> Dne Thu, 11 Jul 2013 18:45:03 +0200
>>>> Mohamed Ashraf <mohamed.ashraf.213 at gmail.com> napsal(a):
>>>>> There are three levels of users that I can differentiate between in
>>>>> the error reporting system
>>>>> 1- A non logged in user
>>>>> 2- logged in user that does not have commit access to the phpmyadmin repo
>>>>> 3- logged in user with commit access to the phpmyadmin repo
>>>>> The system has a range of actions from viewing of error reports
>>>>> listing, full error reports to creating tickets on the error reporting
>>>>> system as well as changing the status of the report.
>>>>> do you need something to be for some privileged users or do you think
>>>>> that anyone should be able to do anything. should I require a login at
>>>>> any point or is there no use
>>>> The error report should not contain anything private, so I'd go with
>>>> completely open access. Something like http://oops.kernel.org/
>>> do you want complete access to submit reports to the sourceforge
>>> ticket system as well as changing the report status as well as marking
>>> reports as related.
>> I'd say yes here, following Michal's example of kernel bugs.
>> I'm a bit reluctant regarding the submission into the soruceforge
>> tracker, as it might get flooded, if people start pushing their error
>> reports without checking if they are related/identical to other
> we can use github authentication so as to add a small barrier to this
> step. The user doesn't need to have commit access but just have some
> login credentials with github. we will use his public github profile
> info to get his name so it may help us with logging who did the
> submission into sourceforge.
Seems fine. Having the sourceforge account would be better, but
mapping the the github account with the sourceforge account will be
very difficult, if not impossible.
More information about the Developers