Closed Bug 158353 (StopMorons!) Opened 23 years ago Closed 23 years ago

Disallow novice users (without bugzilla account) from use of Advanced Entry form

Categories

(bugzilla.mozilla.org :: General, enhancement)

Product:
bugzilla.mozilla.org
Component:
General
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
VERIFIED FIXED

People

(Reporter: bugzilla, Assigned: myk)

References

Details

Attachments

(1 file, 1 obsolete file)

Patch v.2
616 bytes, patch
Details | Diff | Splinter Review
Because novice users can use Advanced Entry Form, they bypass Bugzilla Helper and submit bugs that lack BuildID, Steps To Reproduce and other crucial information. Pleeease let's prevent them from bypassing that?
Alias: StopMorons!
Seems like this bug avoided everybody's attention, so I raize the priority in hope to attract some. People reporting "nytimes" mostfreq bug a few times a day are kinda annoying. :(
Severity: major → blocker
myk, asa: what's your view here? When we have the new guided template, should we allow access to the advanced form only to e.g. people with canconfirm? Gerv
Kai Lahmann <kl@3dots.de> says that he's working on a new page to replace current http://www.mozilla.org/quality/help/bugzilla-helper.html The main problem of the current one is the fact that the "Advanced Bug Entry Form" link is on top of the page, and most people don't read anything and just click on it. One of the solutions must be moving to the end of the document, and generally making it not so obvious, so people have to read stuff to pick it out, not just because it stands out. I beleive that revamping that page will reduce the number of bad reports greatly, but the solution proposed in this bug might still be helpful. For example, we can let the user see the Advanced Entry Form only after they submitted 2...5 bugs, and got a general idea on what info we need.
gerv has rewritten that page, and I blieve that myk was going to turn it on RSN. You'd want canconfirm, not canedit, if you did protect against this, though. I don't know if its such a big deal - just rearrange the links on the front page.
> Kai Lahmann <kl@3dots.de> says that he's working on a new page to replace > current http://www.mozilla.org/quality/help/bugzilla-helper.html Why on earth didn't he get in touch with its maintainer (me) before starting doing that? I've already rewritten it: http://bugzilla.mozilla.org/enter_bug.cgi?format=guided . Gerv
> I've already rewritten it: Wow, cool. Now we only need to replace the old helper with it...
I've noticed that the new Helper has been put to work. Let's see if it reduces a number of bad bugs reported. If it does, I will mark this WFM. ;)
Depends on: 163230
[RFE] is deprecated in favor of severity: enhancement. They have the same meaning.
Severity: blocker → enhancement
This is not WFM, in my opinion. See bug 157157 and bug 173311, for example. They both show up on Chimera's most duped list in the Bugzilla Helper, but that doesn't help when people by-pass the helper.
Henri: er... nobody said it was WFM. it's just been labelled as an enhancement rather than a bug, which I think is right, although it's an important enhancement :) Brant: if you're going to switch bugs to "enhancement" severity because [RFE] is deprecated, you could remove the [RFE] while you're at it :)
Summary: [RFE] Disallow novice users (without bugzilla account) to use Advanced Entry form. → Disallow novice users (without bugzilla account) from use of Advanced Entry form
I was referring to comment #7.
I put in a higher severity because it's REALLY annoying for me to dig through bad bugreports that would never happen if the Helper was the only option. Brant: please DO NOT strip [RFE]s from the summary! It's a good visual that makes RFEs stand out in the list immediately, just like red color for Criticals. Yes I know that RFEs are printed in italic, but it's a bad visual, it takes time for the eye to recognize the font, while [RFE] clearly stands out.
> Yes I know that RFEs are printed in italic, but it's a bad visual, it takes time > for the eye to recognize the font, while [RFE] clearly stands out. This is what user stylesheets are for. If you don't like it, change it. You have the power. Gerv
*** Bug 174606 has been marked as a duplicate of this bug. ***
How hard would it be to simply disallow people that can't CONFIRM bugs from using the Advanced form?
Not hard at all. See comment 2. :-) We're currently thinking about several things to control the bug problem, and this is one of them. Gerv
Is it appropriate to tie this role to the canconfirm role? This sort of tying together of roles is something I think we should be avoiding in the world of newgroups. Of course, bmo can use the same group for both roles, but that's a site customisation. Should there be a general way to place restrictions on specific formats? If not, how would we do this for this specific CGI/format? I hope the intention isn't to hardcode the format name into the CGI.
having more groups with fine grained controls over permissions is a wider issue and if that is to be solved first, this problem will exist until 2006... tying it to canconfirm is a workable solution that's easy to implement. in fact, merely shifting the link to the advanced form to a less prominent position would work fine, as suggested back in comment 4 - the problem is that people see the "report bug" link and use it before they get to see anything else.
I think automatic and silent conversion to format=guided if the user does not have canconfirm is the correct solution - it's a one-line change, which doesn't require us to e.g. mess with the "File a Bug" link in the footer and stuff like that. This would probably be a b.m.o.-specific customisation. format=guided isn't (yet) in the tree and, even then, a lot of sites will want the standard form for everyone. Gerv
> having more groups with fine grained controls over permissions is a wider > issue and if that is to be solved first, this problem will exist until > 2006... How is this a wide issue? You either tie it to canconfirm or you introduce a single new role that gets linked to a group. I don't see what's particularly complicated here. If we can't do it now we'll never be able to do it.
staff gave the go-ahead for this on b.m.o. yesterday, so I'll try and whip up a patch soon. I don't think this is appropriate for standard Bugzilla - does anyone disagree? Gerv
Attached patch Patch v.1 (obsolete) — Splinter Review
Here's the three-liner which forces people without canconfirm to use the guided format. Gerv
Blocks: 176570
Comment on attachment 103251 [details] [diff] [review] Patch v.1 >Index: enter_bug.cgi >=================================================================== >RCS file: /cvsroot/mozilla/webtools/bugzilla/enter_bug.cgi,v >retrieving revision 1.75 >diff -u -r1.75 enter_bug.cgi >--- enter_bug.cgi 1 Oct 2002 22:41:07 -0000 1.75 >+++ enter_bug.cgi 17 Oct 2002 23:04:26 -0000 >@@ -217,6 +217,10 @@ > > confirm_login() if (!(Param("usebuggroupsentry"))); > >+if (!UserInGroup("canconfirm")) { >+ $::FORM{'format'} = "guided"; >+} Nit: simpler as a single line: UserInGroup("canconfirm") || $::FORM{'format'} = "guided"; or... $::FORM{'format'} = "guided" if !UserInGroup("canconfirm"); r=myk This is a b.m.o-specific hack, I presume.
Attachment #103251 - Flags: first-review+
Attached patch Patch v.2Splinter Review
Nit fixed. Yes, this is a b.m.o.-specific hack. Gerv
Attachment #103251 - Attachment is obsolete: true
in that case -> mozilla.org
Assignee: myk → endico
Component: User Interface → Bugzilla: Other moz.org Issues
Product: Bugzilla → mozilla.org
QA Contact: matty → myk
Version: unspecified → other
.
Assignee: endico → myk
QA Contact: myk → endico
This is now up on b.m.o. Marking fixed. Gerv
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
Thanks guys, I hope this wil greatly reduce the number of senseless bugreports. verified.
Status: RESOLVED → VERIFIED
It may be true that you can trust people with canconfirm to file noise bug reports. But, it is a logical error to then conclude that people not on canconfirm are incapable of filing signal bug reports. What is a noisy/bad bug report? Looking at the comments here, I see that dupes are one major complaint. Bugs that require version information and don't have them is another. So, great, you want to stop people from filing those noisy bugs. But speaking as someone who has a high signal/noise ratio on bugzilla but doesn't have (and doesn't care to have) canconfirm, I'm in the lurch here. And you set up the code so that I can't work around it either :-\
You don't get the point. People without canconfirm are still able to submit bugs; however, they're forced to go through the step-by-step Bugzilla helper, that will do at least something to prevent them from submitting stuff like bug 172634. What's so bad about it?
What's so bad is that I want to use the advanced form! Sure, I've filed a few dozers myself: http://bugzilla.mozilla.org/show_bug.cgi?id=172436 http://bugzilla.mozilla.org/show_bug.cgi?id=168748 but generally speaking my bugs are signal, not noise. My point in Comment #29 is that people here seem to have made the following logical leap: a) canconfirm => allow advanced form therefore, b) !canconfirm => !allow advanced form but as anyone who knows logic will know, that is not a valid logical statement (insert monty python skit here). It seems to me that what you want to do is "encourage" people to use the guided form. That's cool to me. But please add a backdoor so that I can use the advanced form.
Why I insisted on (!canconfirm => !allow advanced form) is, people without canconfirm were INTENTIVELY skipping the wizard! Last month, ALL the links from public places (i.e. mozilla.org "file a bug" start page link, Mozilla's QA->File a Bug main menu, etc) were pointing to a wizard, but about 40% of novice reporters were DELIBERATELY SKIPPING THE WIZARD, just to file garbage bugs! Disallowing them to do so is the only way to get rid of such garbage. And give me one good reason why you HAVE to use advanced form and not wizard? Please no "rteal man never uses wizards!" things. What can you achieve with advanced form you cant with wizard?
> But speaking as someone who has a high signal/noise ratio on bugzilla but > doesn't have (and doesn't care to have) canconfirm, This is your problem, right here. Canconfirm can be viewed as "permission to use the advanced form". Saying you don't care to have canconfirm is the same as saying you don't care to have this permission. Having canconfirm doesn't force you to become part of the QA team or do bug triage. It merely means the bugs you report are (by default) NEW, and that you can use the advanced form to report them. If you still want to report bugs as UNCONFIRMED, you can do that (it gives you a choice.) We choose to make people prove they can file good bugs before giving them this permission. That's fair enough. If you've filed loads of good bugs (and yes, we do get to define "good", but it's well-documented) then send me their URLs and I'll give you canconfirm. Gerv
Component: Bugzilla: Other b.m.o Issues → General
Product: mozilla.org → bugzilla.mozilla.org
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: