Date   

moderated Re: Protecting the original Owner from rogue co-Owners #suggestion

txercoupemuseum.org
 



On Feb 11, 2020, at 7:24 PM, West Coast Compañeros Staff <westcoastcompaneros@...> wrote:

From extensive discussions both on GMF and here on beta, I think there are three separate issues relating to ensuring the integrity and continuity of group administration.

The first issue is protecting groups from rogue Moderators who would usurp the functions of the Owner(s). (This issue would be resolved if Bruce's suggestion in is implemented.)

Agree.  

The second issue is protecting the original Owner from rogue co-Owners who are current;y able to depose and remove her/him, or even delete the group.

Agree.  It is important to keep in mind that we address group OWNERSHIP here, not LEADERSHIP.  Clarity, not democracy should be the primary goal(s).

If the wording of Bruce’s suggestion specifically and retroactively rescinded existing but unintended powers of current potential “rogue” moderators to demote existing founders or owners, much of the second issue “goes away”.  

Where there exist multiple owners, that person having made application for transfer of of said group(s) to Groups.io or founding said group on Groups.io automatically have PRIMARY “ownership”.  

A notice to all groups of these changes should be sent announcing a reasonable period for consideration/reconsideration of special circumstances [30 days?] after which agreement would be presumed.  Since these are all options originated here by Groups.ioGroups.io should and would have final say.

I would like to focus on the second issue in this topic. I suggest that it be addressed by creating a new Role that would be a unique instance of Owner. The name doesn't matter at this point. It could be Founder or just Owner* (Owner with an asterisk). The other Owner(s) in the group would be able to do everything except 1) demote, replace, or remove the Founder; 2) delete the group; or 3) designate a successor to the Founder. Those three functions would be reserved for the Founder.

A Founder may and often does step back at some point in time and allow “new management” to prove themselves.  A group "owner” appointed for such purpose would serve at the pleasure of the Founder.  At such time as the Founder desires to no longer be involved, a PRIMARY Owner should be designated, whether such be by appointment or via other group procedure independent of Groups.io.

In the case of newly created groups going forward, the Founder would be the group's creator. I realize that implementing this Role for existing groups could be more complicated. The general principle would be that the sole Owner of an existing group would automatically be promoted to Founder. Some cases with multiple owners would be straightforward, e.g., when the original creator is still functioning as one of the Owners. Where it would be messier is when there are multiple Owners and the original creator is no longer in the group.  One possibility would be for all other Owners to step down temporarily so that the designated successor, or one elected by the remaining Owners, would be the last existing Owner and automatically inherit the role of Founder. The other Owner(s) could then be reinstated.

I believe everything here adequately addressed with infinitely less complexity above.

<topic relocated>

The third issue is ensuring group continuity by a succession mechanism for transferring group ownership when the last existing owner is deceased, disabled, or missing in action. 

The third issue, dealing with the problem of a dead, disabled, or disappeared sole Owner or Founder (the 3Ds), should be taken up in a new topic.

The goal should be to make all of this as automated as possible, to minimize or eliminate the need for the involvement or intervention of Groups.io support.

Robert R.

Agree without reservation.  I have been discussing this with Robert and he has other commitments for the next day or so, so he suggested I post my suggestion on [beta] to address this third issue.

WRB
_._,_._,_


moderated Re: Restrict "Set Moderator Privileges" Permission #suggestion #done

Michael Pavan
 

Duane,

On Feb 11, 2020, at 8:42 PM, Duane <txpigeon@...> wrote:

On Tue, Feb 11, 2020 at 07:09 PM, Michael Pavan wrote:
However this does not prevent a Moderator with "Remove Members (also allows access to the member list)" privileges from removing an Owner.
It should if there is no other owner. I believe Mark has it set up so that the last owner cannot be removed, nor remove themselves.
If there is more than one Owner, a Moderator can remove other Owner(s).
Some Owners may wish to have more than one Owner...

Michael


moderated Re: Protecting the original Owner from rogue co-Owners #suggestion

Charles Roberts
 

FWIW, several years ago I joined a Yahoo group with a dead Owner and four Moderators, three of which inactive.  The active Moderator promoted me to Moderator.  I petitioned Yahoo for help.  They had me set up a Poll and have Members vote. I did and I won, gave Yahoo the results, and they promoted me to Owner which I currently am in the migrated group over to Gio.  Without that action by Yahoo management, the Gio version of the group would probably not exist today.  Automation is nice, but EVERYTHING should not be done that way.

On Feb 11, 2020 8:24 PM, West Coast Compañeros Staff <westcoastcompaneros@...> wrote:
From extensive discussions both on GMF and here on beta, I think there are three separate issues relating to ensuring the integrity and continuity of group administration.

The first issue is protecting groups from rogue Moderators who would usurp the functions of the Owner(s). (This issue would be resolved if Bruce's suggestion in #24127 is implemented.) The second issue is protecting the original Owner from rogue co-Owners who are current;y able to depose and remove her/him, or even delete the group. The third issue is ensuring group continuity by a succession mechanism for transferring group ownership when the last existing owner is deceased, disabled, or missing in action.

I would like to focus on the second issue in this topic. I suggest that it be addressed by creating a new Role that would be a unique instance of Owner. The name doesn't matter at this point. It could be Founder or just Owner* (Owner with an asterisk). The other Owner(s) in the group would be able to do everything except 1) demote, replace, or remove the Founder; 2) delete the group; or 3) designate a successor to the Founder. Those three functions would be reserved for the Founder.

In the case of newly created groups going forward, the Founder would be the group's creator. I realize that implementing this Role for existing groups could be more complicated. The general principle would be that the sole Owner of an existing group would automatically be promoted to Founder. Some cases with multiple owners would be straightforward, e.g., when the original creator is still functioning as one of the Owners. Where it would be messier is when there are multiple Owners and the original creator is no longer in the group.  One possibility would be for all other Owners to step down temporarily so that the designated successor, or one elected by the remaining Owners, would be the last existing Owner and automatically inherit the role of Founder. The other Owner(s) could then be reinstated.

The third issue, dealing with the problem of a dead, disabled, or disappeared sole Owner or Founder (the 3Ds), should be taken up in a new topic.

The goal should be to make all of this as automated as possible, to minimize or eliminate the need for the involvement or intervention of Groups.io support.

Robert R.


moderated Re: Restrict "Set Moderator Privileges" Permission #suggestion #done

Duane
 

On Tue, Feb 11, 2020 at 07:09 PM, Michael Pavan wrote:
However this does not prevent a Moderator with "Remove Members (also allows access to the member list)" privileges from removing an Owner.
It should if there is no other owner.  I believe Mark has it set up so that the last owner cannot be removed, nor remove themselves.

Duane


moderated Protecting the original Owner from rogue co-Owners #suggestion

West Coast Compañeros Staff
 

From extensive discussions both on GMF and here on beta, I think there are three separate issues relating to ensuring the integrity and continuity of group administration.

The first issue is protecting groups from rogue Moderators who would usurp the functions of the Owner(s). (This issue would be resolved if Bruce's suggestion in is implemented.) The second issue is protecting the original Owner from rogue co-Owners who are current;y able to depose and remove her/him, or even delete the group. The third issue is ensuring group continuity by a succession mechanism for transferring group ownership when the last existing owner is deceased, disabled, or missing in action.

I would like to focus on the second issue in this topic. I suggest that it be addressed by creating a new Role that would be a unique instance of Owner. The name doesn't matter at this point. It could be Founder or just Owner* (Owner with an asterisk). The other Owner(s) in the group would be able to do everything except 1) demote, replace, or remove the Founder; 2) delete the group; or 3) designate a successor to the Founder. Those three functions would be reserved for the Founder.

In the case of newly created groups going forward, the Founder would be the group's creator. I realize that implementing this Role for existing groups could be more complicated. The general principle would be that the sole Owner of an existing group would automatically be promoted to Founder. Some cases with multiple owners would be straightforward, e.g., when the original creator is still functioning as one of the Owners. Where it would be messier is when there are multiple Owners and the original creator is no longer in the group.  One possibility would be for all other Owners to step down temporarily so that the designated successor, or one elected by the remaining Owners, would be the last existing Owner and automatically inherit the role of Founder. The other Owner(s) could then be reinstated.

The third issue, dealing with the problem of a dead, disabled, or disappeared sole Owner or Founder (the 3Ds), should be taken up in a new topic.

The goal should be to make all of this as automated as possible, to minimize or eliminate the need for the involvement or intervention of Groups.io support.

Robert R.


moderated Re: Restrict "Set Moderator Privileges" Permission #suggestion #done

Michael Pavan
 

Good proposal.

However this does not prevent a Moderator with "Remove Members (also allows access to the member list)" privileges from removing an Owner.


moderated Re: Restrict "Set Moderator Privileges" Permission #suggestion #done

West Coast Compañeros Staff
 

On Mon, Feb 10, 2020 at 12:09 PM, Mark Fletcher wrote:
I suggest that the existing "Set Moderator Privileges" flag should not allow a Moderator to edit the Role field. Promoting/demoting people to/from Moderator or Owner strikes me as an Owner function.
Bruce's suggestion neatly takes care of the first of three related issues that have been, and continue to be, discussed at great length in the GMF group. As such, I strongly support Bruce's suggestion.

(The first issue is protecting groups from rogue Moderators who would usurp the functions of the Owner(s). The second issue is protecting the "real Owner" from rogue co-Owners who would depose and remove her/him, or even delete the group. The third issue is ensuring group continuity by a succession mechanism for transferring group ownership when the last existing owner is deceased, disabled, or missing in action.)

I don't want to hijack Bruce's thread, so I will start a new topic where we can work on the second issue. The third issue is the trickiest and messiest, but any comprehensive solution will need to deal with it.

Robert R.


moderated Re: Restrict "Set Moderator Privileges" Permission #suggestion #done

Janis
 

I am 100% in favor of Bruce's suggestion.  
If an owner is worried about sudden unexpected death, tgey can choose a few moderators and privileges of each and the group can still function.  The only orivileges moderators need are approving messages and,  if you wish, approving membership requests and/or inviting new members if you wish the group to have new members after you are gone.   If you have the group set up to function without you, then moderators do not need any special privileges.

Moderators should never be able to mess with owner status or functions.  


moderated Re: Restrict "Set Moderator Privileges" Permission #suggestion #done

Bärbel Stephenson
 

No :)

On 02/10/20 20:09, Mark Fletcher wrote:
On Mon, Feb 10, 2020 at 12:03 PM Bruce Bowman <bruce.bowman@...> wrote:
I suggest that the existing "Set Moderator Privileges" flag should not allow a Moderator to edit the Role field. Promoting/demoting people to/from Moderator or Owner strikes me as an Owner function.

This makes sense. Any objections?

Thanks,
Mark 


moderated Re: Restrict "Set Moderator Privileges" Permission #suggestion #done

 

Mark -
I concur with Shal's comments. I would like to have a moderator that can approve members, and if necessary, promote others to moderators. However I have seen such a situation where a person has abused authority given them, and so am hesitant to risk having a moderator that might try to remove an owner and put themselves in that place.

Dano

----- Original Message -----

Mark,

I concur with Lena, Chris, J, and Linda: that permission should extend
to promoting members and demoting mods, but it should not permit any
changes to/from the Owner role.

Nor should it (or any other moderator permission) allow a moderator to
change an Owner's subscription settings (or should I say membership
settings).

Shal


moderated Re: Restrict "Set Moderator Privileges" Permission #suggestion #done

 

Mark,

I suggest that the existing "Set Moderator Privileges" flag should
not allow a Moderator to edit the Role field.

This makes sense. Any objections?
I concur with Lena, Chris, J, and Linda: that permission should extend to promoting members and demoting mods, but it should not permit any changes to/from the Owner role.

Nor should it (or any other moderator permission) allow a moderator to change an Owner's subscription settings (or should I say membership settings).

Shal


moderated removing followed by banning has inconsistent results from simply banning, which also removes #bug

 

(Taken from the thread about display names in banning/removing, now that I would classify it as a bug:)

It seems intuitive that removing and then banning a member should have the same results as just banning them, since banning also removes the member.  But they are not.

This applies to members whose display name has been changed in a group from their default (system-wide) display name to a group-specific display name.

If (case 1) you first remove a member and then ban them: 
  • the display name in their historical member record from their banned-page history is their default display name
  • the display name in the past members list is their group-specific display name
  • the display name in the banned list is their default display name
But if (case 2) you simply ban the member (which also results in their removal), the display names shown in all three places are the group-specific name. The system does not "forget" that name, and revert to the default name, simply because the member was removed first and then banned rather than being removed as part of the banning.

Further, although you can't make an argument that the log entries for the two processes should be the same (because they are different), it is problematic that the entries in the two cases not only refer to different processes but also refer to the same member (or past member) with two different names, which can be confusing in trying to read the logs. With removal and then banning, you see "X was removed" and then "Y was banned," where X and Y are the same person. With banning, you see just see "X was banned." I would not call this inconsistent, as with the inconsistent member-history and list results; but it seems to result from the inconsistency in the member-history results, since in the case of remove-then-ban, the system substitutes the default display name for the group-specific display name in the member history page.

--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


moderated Re: Restrict "Set Moderator Privileges" Permission #suggestion #done

 

I think that a moderator “with privileges” should be able to promote ( or perhaps also demote) other members and mods. Just not be able to demote an owner and probably not be able to make themselves or others owners. But having  the ability to add additional moderators when needed is an important function of a mod who may be primary group manager and/or acting as an owner “backup”. Yahoo did get one thing right imo, in allowing a setting where “ full privileged mods” can do everything but delete the group and remove the current owner. In other words please preserve the ability for mods to appoint new mods, ie “change role “ of members when needed. Linda N


moderated Re: Edit photo ownership proposal #suggestion

West Coast Compañeros Staff
 

On Mon, Feb 10, 2020 at 12:03 PM, Bruce Bowman wrote:
If the "current" owner is not in the group, I'd prefer that this box contain something like "-- none selected --".
I support Bruce's overall suggestion, but I would use Duane's refined wording from GMF :
"I think either the original owner should be shown (preferred) or it should say unassigned."
That approach also affirms the comment made by Charles Roberts: "The original author should be maintained."

Robert R.


moderated Re: Restrict "Set Moderator Privileges" Permission #suggestion #done

 

On Mon, Feb 10, 2020 at 02:39 PM, Lena wrote:
I have a moderator with all privileges. I don't want to make her an owner. But if I'm hit with a bus, I want her to be able to make new moderators with all privileges, and so on.
I have the exact same issue. 
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


moderated Re: Restrict "Set Moderator Privileges" Permission #suggestion #done

Chris Jones
 

On Mon, Feb 10, 2020 at 08:09 PM, Mark Fletcher wrote:
This makes sense. Any objections?
Only a fairly minor one; AIUI the main problem is that moderators with set moderator permissions can promote themselves to owners and demote the real owners. That is clearly wrong. At the same time I can see that on occasions it might be helpful if a moderator can appoint another one or edit another moderator's permissions, perhaps to cover an unforseen event that left a group short of moderation effort.

But it's not a show - stopper concern.

Chris


moderated Re: Restrict "Set Moderator Privileges" Permission #suggestion #done

 

I have a moderator with all privileges. I don't want to make her an owner. But if I'm hit with a bus, I want her to be able to make new moderators with all privileges, and so on.


moderated Re: use either User Name or Display Name consistently in banning/banned list and removal/past members list #suggestion

 

The bottom line seems to be that if you are going to ban a member, you better know it at the time you remove them. That's because if you remove first and later ban, you get the display name mismatch described here. But if you simply ban, which removes the member too, the system does not "forget" their group-specific display name, and it uses that for all log entries. Banning alone (rather than removing first, banning second) also does not replace their group-specific display name with their default display name in their historical member page.

I submit that this is an inconsistency. It should not matter whether you remove first and ban later, or OTOH simply ban. The results should be the same.
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


moderated Re: Restrict "Set Moderator Privileges" Permission #suggestion #done

Gilbert Coville
 

On Feb 10, 2020, at 12:09 PM, Mark Fletcher <markf@corp.groups.io> wrote:

On Mon, Feb 10, 2020 at 12:03 PM Bruce Bowman <@BruceBowman> wrote:
I suggest that the existing "Set Moderator Privileges" flag should not allow a Moderator to edit the Role field. Promoting/demoting people to/from Moderator or Owner strikes me as an Owner function.
This makes sense. Any objections?

Thanks,
Mark
Would it be possible to have a separate Moderator permission for “Set Role (including the ability to promote a moderator to owner)”? This way the ability would be retained, but be more explicit.

Gilbert


moderated Re: Site updates #changelog

 

Caught another one: when you try to direct add a banned member, the error message says "banned subscriber"
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu