[Phpmyadmin-devel] Access control for the error reporting server
Mohamed Ashraf
mohamed.ashraf.213 at gmail.com
Sun Jul 21 13:41:52 CEST 2013
On Sun, Jul 21, 2013 at 1:16 PM, Dieter Adriaenssens
<dieter.adriaenssens at gmail.com> wrote:
> 2013/7/21 Mohamed Ashraf <mohamed.ashraf.213 at gmail.com>:
>> On Sun, Jul 21, 2013 at 11:36 AM, Dieter Adriaenssens
>> <dieter.adriaenssens at gmail.com> wrote:
>>> 2013/7/19 Mohamed Ashraf <mohamed.ashraf.213 at gmail.com>:
>>>> On Mon, Jul 15, 2013 at 11:20 AM, Michal Čihař <michal at cihar.com> wrote:
>>>>> Hi
>>>>>
>>>>> Dne Thu, 11 Jul 2013 18:45:03 +0200
>>>>> Mohamed Ashraf <mohamed.ashraf.213 at gmail.com> napsal(a):
>>>>>
>>>>>> There are three levels of users that I can differentiate between in
>>>>>> the error reporting system
>>>>>> 1- A non logged in user
>>>>>> 2- logged in user that does not have commit access to the phpmyadmin repo
>>>>>> 3- logged in user with commit access to the phpmyadmin repo
>>>>>>
>>>>>> The system has a range of actions from viewing of error reports
>>>>>> listing, full error reports to creating tickets on the error reporting
>>>>>> system as well as changing the status of the report.
>>>>>>
>>>>>> do you need something to be for some privileged users or do you think
>>>>>> that anyone should be able to do anything. should I require a login at
>>>>>> any point or is there no use
>>>>>
>>>>> The error report should not contain anything private, so I'd go with
>>>>> completely open access. Something like http://oops.kernel.org/
>>>>
>>>> do you want complete access to submit reports to the sourceforge
>>>> ticket system as well as changing the report status as well as marking
>>>> reports as related.
>>>
>>> I'd say yes here, following Michal's example of kernel bugs.
>>> I'm a bit reluctant regarding the submission into the soruceforge
>>> tracker, as it might get flooded, if people start pushing their error
>>> reports without checking if they are related/identical to other
>>> reports.
>> we can use github authentication so as to add a small barrier to this
>> step. The user doesn't need to have commit access but just have some
>> login credentials with github. we will use his public github profile
>> info to get his name so it may help us with logging who did the
>> submission into sourceforge.
>
> Seems fine. Having the sourceforge account would be better, but
> mapping the the github account with the sourceforge account will be
> very difficult, if not impossible.
why would it be better to check for a sourceforge account rather than
a github account.
>
>
> --
> Kind regards,
>
> Dieter Adriaenssens
>
> ------------------------------------------------------------------------------
> See everything from the browser to the database with AppDynamics
> Get end-to-end visibility with application monitoring from AppDynamics
> Isolate bottlenecks and diagnose root cause in seconds.
> Start your free trial of AppDynamics Pro today!
> http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
> _______________________________________________
> Phpmyadmin-devel mailing list
> Phpmyadmin-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel
--
Mohamed Ashraf
More information about the Developers
mailing list