moderated Poll participation by non-account holders #suggestion

Tom U

Thanks for the constructive discussion of implementation.  I know that not every suggestion fits the intention of a system or may be easily implemented.

Yes, we are evaluating if the paid features provide value.  I suggested the poll partly as a way to test the value of that feature, but polling is not a critical feature.

For polls that I can imagine doing in my group, I have no problem with the responses being anonymous and unprotected.  There is little reason for someone to manipulate them and results are merely informative.  

I can also see the need for each respondent being authenticated.  Before submitting this request, I took a look at poll creation to see if there was an option to choose between those two modes.  P

My guess is that plan to identify with out authenticating that identity is subject to manipulation.  It is too complex for "I don't care who responds" and not secure enough for "I only want my authenticated users to respond."


Samuel Murrayy

On Mon, Jan 18, 2021 at 07:15 PM, Mark Fletcher wrote:
At first blush, Bruce's proposal makes sense to me, although I'd just add one change: just make the Vote Now link work the same way as an 'email me a login link' works now. It would automatically log you in if you weren't already logged in.

No, that would be terrible :-) because it means that if people forward this poll to other people, then those other people can log in to the original forwarder's account by clicking that link.

I can't think of a simple way to solve this problem.  Here is one workflow that might work (but it may be complex to implement):

If the "Vote now" button can be made account-specific (or unique for every e-mail that is sent), then if someone clicks the link, can identify the account holder even if the person is not logged in.  Then, when a person clicks the link, first checks if the browser is logged in, and if so, directs the person to the poll (without checking whether the account that is logged in is the same as the person who clicked the link).  If the browser is NOT logged in, then determines who the account holder is (from the link's unique ID) and then shows a page saying "Thanks for your interest in this poll.  Only group members may vote in this poll.  An e-mail has been sent to <your@...> to help confirm your identity.  If this is not your mail address, please visit *this* page to log in." (and the person is automatically sent a login link).

This would solve the issue of forwarding. If the mail is forwarded to someone who can also vote, and they are logged in, then that person will vote under their own name.  If the mail is forwarded to someone who can't vote, then that person will get the "thanks for your interest" message (and eventually figure out for themselves that they can't vote).

One downside is that the e-mail address of the person who forwarded the message is shown on the "thanks for your interest" page.  This is a potential privacy issue, since an account holder may forward the poll without realising that their e-mail address will be shown to any recipient of that forwarded poll.  One can make the "thanks for your interest" page *without* the person's e-mail address, but then you have to explain to the reader that they won't receive the login link if they're not the original recipient of the poll notification, and that's going to be complicated.