On 3 Feb 2021 at 10:35, J_Catlady wrote:

Exactly, what Peter says. it's risk vs benefit. Huge risk, negligible
benefit. Not to mention: the opportunity cost of implementing more
worthwhile things.

Having just had my personal information publicly revealed on a hacked
forum I would agree. Nobody but the member himself should be able to
change email addresses.

Dave

http://davesergeant.com

Exactly, what Peter says. it’s risk vs benefit. Huge risk, negligible benefit. Not to mention: the opportunity cost of implementing more worthwhile things.

--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu

I agree that Shal’s idea takes us in the right direction. But still not far enough. I’d get rid of it entirely.

--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu

On Wed, Feb 3, 2021 at 01:22 PM, J_Catlady wrote:

Suppose I don’t like somebody in my group and I want access to all their subscriptions to do bad things. All I’d have to go is change the email address of their whole account.

I agree with J - I just don't think the risk outweighs the benefit to the users. Maybe I'm missing some key point about the value of this capability?

Pete

Actually since your fix, they can’t do it to me. So I csn see this leading to people artificially making themselves group owners in order to benefit from the enhanced security protection .   

--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu

This is a really good observation and I think the security risk applies not just to mods of groups. Suppose I don’t like somebody in my group and I want access to all their subscriptions to do bad things. All I’d have to go is change the email address of their whole account.

--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu

On Wed, Feb 3, 2021 at 11:55 AM, Mark Fletcher wrote:

I have changed the feature so that you cannot change the email address of a member who is a moderator or owner of a group.

Mark -- Thanks. This has bothered me for awhile now.

Should I make other changes? Should the change only affect that one subscription? That is, if someone is subscribed to 2 groups, and the moderator of one of those groups changes that person's email address, should I then create a new Groups.io account, splitting off that one subscription?

Correct me if I'm mistaken, but I think the most common scenario behind the existing feature is when someone simply gets a new email address, leaving the old one inactive. In such a case, the current behavior -- having the change occur account-wide -- strikes me desirable. 

If the account was to be split into two, it raises the question of how to subsequently merge them...especially if the previous address is no longer accessible. Generally, it seems to me that if an account holder is struggling to change his own address, he isn't going to be any more adept at merging them.

A third option (which probably won't be popular but I'd like to throw out for consideration) is the elimination of this feature altogether. As group Owners, we cannot edit a subscriber's profile, but we can change their login credentials? That combo has never quite added up to me. 

Regards,
Bruce

On Wed, Feb 3, 2021 at 04:55 PM, Mark Fletcher wrote:

I have changed the feature so that you cannot change the email address of a member who is a moderator or owner of a group.

Is that an owner or mod of a main group only or does it include mods of subgroups which may be just members in a main group?

Should I make other changes? Should the change only affect that one subscription? That is, if someone is subscribed to 2 groups, and the moderator of one of those groups changes that person's email address, should I then create a new Groups.io account, splitting off that one subscription?

Along with the power to change someone's email address come the responsibility to use it wisely. I always get confirmation from the member in question that they understand that a change to their account address impacts all groups they are subscribed to.  Unless I get that confirmation, I don't make the change.  It can be lot less time and effort being able to make the change on behalf of someone than it is to recover the situation after their failed attempts.  It accounts are split based upon subscription I think that will generate confusion for some older members who will login with the wrong account for the group they want to interact with and wonder why they cannot access it.  Those are frequent questions on GMF.

Regards
Andy

Oh, you're right Andy, thanks for pointing that out!  I guess I'll create a new corrected submission.

On Wed, Feb 3, 2021 at 10:55 AM, Mark Fletcher wrote:

Should the change only affect that one subscription? That is, if someone is subscribed to 2 groups, and the moderator of one of those groups changes that person's email address, should I then create a new Groups.io account, splitting off that one subscription?

If you continue to allow email addresses to be changed, then I'd certainly prefer that it only effect one group.

Duane

Mark, I think I've said this in the past so I may be repeating myself.

I do not think I should have the ability to change anyone else's email address globally, if at all. I consider it just too much of a security risk. Members can do it themselves quite easily (I've provided folks with instructions a number of times). If they can't do it because they no longer have access to an email account, that's their issue to fix, not mine.

$.02,
Pete

Hi All,

Premium group owners have the ability to change the email addresses of their members. The email address is changed on the member's Groups.io account, so affects all their subscriptions. As was pointed out to me privately, this presents a security issue. If a member is an owner of another group, this feature provides the ability for a nefarious group owner to take over that other group, by changing the email address of the member to a new email address controlled by the baddie.

I have changed the feature so that you cannot change the email address of a member who is a moderator or owner of a group.

Should I make other changes? Should the change only affect that one subscription? That is, if someone is subscribed to 2 groups, and the moderator of one of those groups changes that person's email address, should I then create a new Groups.io account, splitting off that one subscription?

Thanks,
Mark

On Wed, Feb 3, 2021 at 05:45 AM, Christos G. Psarras wrote:

Even without the parentheses it would help catch if someone forgot to add a username on their profile, especially when working with a multi-mod group.

Do you mean Display Name given that the username field on a profile is not currently used by Groups.io?

Andy

Hi Mark,

It can be useful, if you add the user name as well in the mod notification text:

>>> setting these options in a different place.

Oh, I found another two admin spots that also set sub settings:

- When the mod clicks on the member's name on the member list and get their sub settings (among others).  If the sub part of that page is shared, when the "user" sub settings screen is done, it would take care of this too.

- Default Sub Settings. That one renders differently because of the isolated and collapsible AdvancedPrefs panel and needing to combine the settings into a single panel (Mark had already partially-done(started?) what we're currently suggesting, lol!) 
The same re-arranging treatment or shared include would be needed there.

Cheers,
Christos

On Tue, Feb 2, 2021 at 04:19 PM, Andy Wedge wrote:

I shouldn't need to load effectively dummy images when the album was created to contain member photos.

A single black pixel will work. Try the attached "photo" (119 bytes).

Regards,
Bruce

Mark,

Thanks for taking care of suggestion 1.

>>> What if a message is sent by a non member, and then later that person becomes a member? Does the badge stay on the message when viewing the website? And vice-versa, if a member sends a message and then leaves the group, should a badge be displayed then?

Here's one way it could be accomplished, UI part first.

We can use that unused area between the name and date.  It could be something like this for a Non-Member message:



It would stay there indefinitely unless that user becomes a member, in which case it would go away.

(Or possibly change it to a new badge, something like NEW or NeM "New Member", aptly colored and timed so it goes away after some time has passed since the user joined.  This would now becomes a "new group member" badge as other online forums use, the ones offering group status/standing badges and such; after some time, or maybe number of posts, it goes away)


If they leave, we display now something like XM, "Ex Member", "permanently"; that would help identify to readers messages posts from ex-members:


- If that user sends-in a NM message to the group and it gets approved, it would be shown with both Non- and Ex-member badges.

- If that user comes back, the Approve-member process would check to see if they have been a member before, in which case the normal "new user" designation would not be applied on their posts or displayed; technically they are a "new" member, but we wouldn't want their previous posts being shown with NEW next to them for a while, they just rejoined, like they never left.

This visual scheme could also be replicated in other areas like Files and Photos so it takes care of orphaned display issues.

If admins start complaining that the message looks like an xmas tree or something, a badge-display on/off checkbox can be added in group settings.

The nice long-term potential benefit of using the badges like that in the UI, is that if in the future it is decided to actually offer this type of membership status/standing badges (new user, experienced user, prolific poster, contributor, whatever), the infrastructure will already be there.  It could potentially even be extended to allow the mod to set that badge as a "functionality" badge, i.e. Chairman, Secretary, Officer, Treasurer, etc, so one could visually see in topic-expanded view who is what and how their message relates to their function.

If something like this is implemented, the NonMember badge, & possibly the ExMember as well, would be available to all groups, but all the extensibility stuff I mentioned could be paid-only groups, or paid upgrade feature.


Regarding the email part:

- Flag the mod's pending message notification: "A message was sent .... from non-member ...@... that needs to be approved.", bolded so it stands out.

(It could also be further tweaked to where it will alert the less-experienced mod whether a user is in both pending-member and pending-message queues:  "A message was sent .... from (pending) non-member ...@... that needs to be approved."  The same check could then be also added in the pending member notification email as well: "...@... (having pending messages) applied to join your group Practice-NEW@groups.io.  Or something like that)


As for identifying somehow in the email sent out that it was from a non-member, using a hashtag to indicate this could work, as it would be readily visible, and would also allow someone to view only non-member posts by clicking on the hashtag; but on the other hand, we are "modifying" the subject, and it would also require that hashtag to be actively (manually or automatically by code) deleted (or changed) from the archive by someone, so it would require more admin or implementation work, plus then you'd have the problem of someone replying to the original #nonmember tagged email, causing more headache...

Instead, we could identify the NM message by using the footers, something like this maybe:

------------------------------------------
View/Reply Online ... | Reply To Group | Reply To Sender | Follow This Topic | New Topic| .....
Your Subscription | Contact Group Owner | Unsubscribe [...@...]
Note: This message was sent to the group by a non-member.   (bolded or not)
------------------------------------------

Besides it being out of the way but still spottable, it also "replicates" the UI NM badge that goes away since that snippet would also go away after the person gets approved.  And also as in the UI equivalent, that line could also now serve for this "emailed badge(s)" functionality from now on, so it still replicates the UI, albeit not retroactively as the UI does, the snippet in the email case also can serve as a "historical" badge.

Finally, a mission creep statement: If we were to implement this and start showing the NM badge right now on the UI, it may be beneficial to also roll-in displaying the Mod or Owner (or Admin for both) badges like other forums do.

Cheers,
Christos