[Python-Dev] Summary of Tracker Issues

skip at pobox.com skip at pobox.com
Tue May 15 16:07:38 CEST 2007

    >> On Mon, May 14, 2007, "Martin v. L?wis" wrote:
    >>> Skip(?):
    >>>> In the meantime (thinking out loud here), would it be possible to
    >>>> keep search engines from seeing a submission or an edit until a
    >>>> trusted person has had a chance to approve it?
    >>> It would be possible, but I would strongly oppose it. A bug tracker
    >>> where postings need to be approved is just unacceptable.
    >> Could you expand this, please?  It sounds like Skip is just talking
    >> about a dynamic robots.txt, essentially.  Anyone coming in to the
    >> tracker itself should still see everything.

    Martin> I must have misunderstood Skip then - I thought he had a scheme
    Martin> in mind where an editor would have approve postings before they
    Martin> become visible to tracker users; the tracker itself cannot
    Martin> distinguish between a search engine and a regular (anonymous)
    Martin> user.

Okay, let me expand. ;-)

I didn't mean do dynamically update robots.txt.  I meant to modify
Roundup to restrict view of items which have not yet been explicitly
or implicitly approved.

I envision three classes of users:

    1. People with no special credentials (I include anonymous users
    such as search engine spiders in this class)

    2. Tracker admins (Erik, Aahz, Martin, me, etc)

    3. Other trusted users (include admins in this group - they are
    the root of the trust network).

Anyone can submit an item or edit an item, however, if that person is
not trusted, their submissions need to be approved by a trusted user
before they are made visible to the unwashed masses in group 1.  Also,
such users will not be able to see any unapproved items.  (That
thwarts the desire of the spammers for visibility - search engine
spiders will not know their submissions exist, and anonymous users
will just get 404 responses when they try to access unapproved
attachments or submissions.)

The intent is that this would be done by modifying Roundup.  True,
initially, lots of submissions would be held for review, but I think we
would fairly quickly expand the trust network to a larger, fairly static
group of users.  Once someone adds Guido to the trust network, any pending
and future modifications of his will be visible to the world.  Once trusted,
Guido can extend the trust network himself, by, for example adding Georg to
the network.  Also, once trusted, a user would see everything and would be
able to approve individual submissions.

Again, as I indicated, I was thinking out loud.  I don't think this is
a trivial undertaking.  I suspect the approach might work for a number
of similar systems (Trac, MoinMoin, etc), not just Roundup though.


More information about the Python-Dev mailing list