IP Info presents some information which may cause some level of risk to certain users depending on their location. To mitigate this we want to show the more sensitive information only to trusted user groups.
- There is a need for varying levels of access to ip info. Implement ipinfo-view-basic and ipinfo-view-full rights with the following viewing permissions:
- Connection method
- Connection owner
- Static / Dynamic
- Number of users on this IP
- Block information
- Contributions information
- All basic information
- Complete Location
- IP Info should check for and gate the information as necessary.
- If a user only has the "basic" access, they will not be able to see the other information. It will completely disappear from the display. There is no indication to the end user that they are viewing a limited version of the information available.
Who sees what? (MVP version, subject to change in the future)
- Basic: can be accessed by all registered users
- Full: accessible to these user-groups: sysop, bureaucrat, checkuser, oversight, steward
Things to note:
- The rights may be split based on already assigned user groups. see T292624: Investigate and document necessary IP Info viewing rights for more detail.
- In the post-IP-Masking world, there will be a new user right which will be assigned to certain users which allows them to view IPs. When this right will be given, the ipinfo-view-full right will be also implicitly given to these users.