Page MenuHomePhabricator
Create Task
Maniphest T32018

Require some user groups to have a periodically confirmed valid email address
Open, LowestPublicFeature
Actions

Description

Author: rd232

Description:
We currently have [[Manual:$wgEmailConfirmToEdit]] as an option to require users to supply an email address in order to edit. Per https://secure.wikimedia.org/wikipedia/en/wiki/Wikipedia:Village_pump_%28proposals%29/Account_security, it would be useful to be able to control this per user group or per user right. For example, if the sysop user group is configured to require a verified email address, then sysop user rights would not be available to a member of the group if that member doesn't have a verified email address.

Version: unspecified
Severity: enhancement

Details

Reference
bz30018

Related Objects

Event Timeline

bzimport raised the priority of this task from to Lowest.Nov 21 2014, 11:48 PM
bzimport added a project: MediaWiki-General.
bzimport set Reference to bz30018.
bzimport added a subscriber: Unknown Object (MLST).
bzimport created this task.Jul 22 2011, 8:58 PM
MarkAHershberger added a comment.Jul 25 2011, 10:54 PM

forgive my ignorance, but couldn't you just avoid making people a sysop if they didn't have a verified email? Or is the intent here to remove fumble-fingered mistakes?

bzimport added a comment.Jul 26 2011, 10:41 AM

rd232 wrote:

There's relatively little benefit to making people provide a verified email address at one point time. On long-lasting wikis, verification might have been 5-10 years ago. The aim of this bug is to make user rights dependent on a verified email address *on an ongoing basis*. So for example if the user removes the email address, or replaces it with another but doesn't verify it, the user rights associated with their user group are automatically suspended, until a verified email address is provided, when they're automatically re-enabled. This would be more useful if there are situations where the "verified" status of an existing email address can be automatically revoked (eg if emails to the user bounce); I'm not sure if that's the case but if it isn't that's a separate issue.

I should note that this bug is partly because of a desire to use email notifications to enhance security, which is obviously dependent on a current email address. (A "verified" email address may not be current, but it's the best proxy available at the moment.) See also Bug 26227 - "Notify user by email when password changed"; Bug 29856 - "Email notification when verified email address is changed or removed"; and Bug 29857 - "Welcome back email notification after renewed account activity".

bzimport added a comment.Jul 29 2011, 2:24 AM

happy.melon.wiki wrote:

I believe we already have an 'emailconfirmed' implicit usergroup. The simplest way of implementing this would be to implement the opposite, an 'emailunconfirmed' group. Then $wgRevokePermissions['emailunconfirmed'][<perm>] revokes the right when the user is unverified. This also seems to have the best aesthetic of fine-grained control over which permissions are affected by the feature.

bzimport added a comment.Jul 29 2011, 9:33 AM

rd232 wrote:

That sounds good, but it should be "noemailconfirmed", since we're not just interested in cases of "email address exists, but isn't confirmed" but also "no email address given".

duplicatebug added a comment.Nov 11 2012, 12:01 PM

For autopromote the condition APCOND_EMAILCONFIRMED is available.

bzimport added a comment.Apr 29 2013, 3:17 PM

rd232 wrote:

(In reply to comment #5)

For autopromote the condition APCOND_EMAILCONFIRMED is available.

Yes, I think that does the requested feature for autoconfirmed users, because of the way autoconfirmed status is checked every time user rights are verified (http://www.mediawiki.org/wiki/Manual:$wgAutopromote). So that's something. But that's special to that pseudo-group and can't easily be extended to others.

Qgil added a comment.Apr 30 2014, 6:51 AM

A year later...

How relevant is this problem today? How good is the solution proposed? How complex the potential solution?

duplicatebug unsubscribed.Dec 13 2014, 11:36 AM
Nemo_bis added a project: OKR-Work.Mar 13 2016, 10:14 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMar 13 2016, 10:14 AM
Aklapper removed a subscriber: wikibugs-l-list.Apr 12 2020, 9:55 AM
Krinkle renamed this task from Add support for userrights, usergroups or autopromotion dependent on having a continous or periodic confirmed email address to Require some user groups to have a periodically confirmed valid email address.Apr 12 2020, 10:58 PM
Krinkle edited projects, added MediaWiki-User-management, Security-Team; removed OKR-Work, MediaWiki-General.
Krinkle moved this task from Backlog to User rights on the MediaWiki-User-management board.
Krinkle unsubscribed.
chasemp edited projects, added Security, Platform Engineering; removed Security-Team.Apr 13 2020, 3:07 PM
Pchelolo moved this task from Inbox to Feature Requests to Review on the Platform Engineering board.Apr 13 2020, 4:21 PM
DannyS712 subscribed.Apr 13 2020, 5:26 PM
TheresNoTime subscribed.Dec 10 2021, 7:12 PM
Legoktm subscribed.Dec 11 2021, 7:29 PM

I think the implementation of this should be similar to T150562: Be able to force OATHAuth for certain user groups. If having a confirmed email is a requirement for group membership, you lose that membership when your email becomes unconfirmed (manual removal, BounceHandler, etc.) and you automatically regain it when your email is confirmed again.

STei-WMF subscribed.Dec 15 2021, 10:38 AM
Aklapper changed the subtype of this task from "Task" to "Feature Request".Feb 4 2022, 11:02 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL