Goal
Per Legal, to grant IP Information to a user we need to have them explicitly request it for anti-vandalism purposes. This can be done via a simple check-box/accept button in the interface where they acknowledge they need IP information for anti-vandalism work.
Once the user has acquired access to the IP information, they will continue to have access for all future cases unless either:
- they give up their own access in preferences
- there is a need for re-permissioning due to Legal reasons
The purpose for this task is to implement a way for the user to be able to acknowledge they need IP information access for anti-vandalism work.
Once the user has acknowledged that, we will store their username as having IP information access in the database (T263756). We will allow the user to revoke the permission in their preferences if they need to do so (T264151).
Spec
1. From Special:Preferences | 2. From the IP Information accordion |
- There are two conditions that need to be met before the IP Information accordion displays information for the user:
- User needs to enable the tool
- User needs to accept to the terms of the tool
- These are represented by two checkboxes in Special:Preferences, under the "User Profile tab" (see mock 1)
- 1. Show the IP Information tool on Special:Contributions page for IP addresses.
- 2. I agree to use this information for my patrolling and anti-vandalism work.
- The user cannot agree to the terms without enabling the tool. The second checkbox is disabled until the first checkbox is checked.
- If only the first checkbox is checked and the second one is unchecked, the user sees the agreement in the accordion on Special:Contribs (see mock 2). Once the user agrees to the terms, the preference is updated and the user can see the IP Information.
- If the feature is not enabled (neither preference is checked), the accordion does not appear on Special:Contribs.
- The IP Info popup does not appear anywhere unless both preferences are checked (tool is enabled and term have been agreed to).
Things to note (not part of this task):
- T&S/Legal reserve the right to revoke a user’s access permissions in case of abuse
- If a user’s permission is revoked by us, they should not be able to activate it again
- Legal would like us to capture who had access to IP Info at any given time in case an incident occurs
- There is a possibility that users might need to regain access periodically (TBD)
- There is a possibility that the wording on the agreement might change, based on Legal review.