I'm hoping for some feedback a MR I submitted for hyperkitty a few days
My initial goal was just to make it possible to hide private lists from the
index for users who don't have access. However I expanded the scope a bit
to also show private lists when sorting by popularity and activity IF the
user is subscribed (currently all private lists are hidden from those views
for all users).
In the MR the behavior is enabled via a Django setting and is off by
default. This mostly preserves the existing behavior, except I did make it
such that superusers always see all lists. It occurred to me though that it
may be desirable to have the "new" behavior be the default from a user
experience perspective. Anyway, I just wanted to get some feedback on the
approach as this is my first MR against mailman.
Someone has asked me about some adjustments mailman 2 related to what they think
they have to do for GDPR compliance.
One is to add some checkbox stuff to agree at subscription time that
you understand what info you're providing. I expect this could be
spliced in the same way CAPTCHAs are.
Another is to provide different views of what lists exist depending on
what IP address you're connecting from, so internal lists are only
visible on the internal network.
Has anyone done stuff like this? I think they're running 2.15,
probably possible to update to more recent versions of 2.x but 3.x is
not in the cards.
PS: I am definitely not looking for arguments about whether the GDPR
needs this. It's their money, they get to say what they want.