Page MenuHomePhabricator
Create Task
Maniphest T309325

Cross-team review of Geolocation API proposal
Closed, ResolvedPublic
Actions

Description

Status as of 2022-08-24

We are ready to move forward with contacting Pelias (@vyuen) and starting the contracting process (@ldelench_wmf). Security review will continue in parallel.

Background/Goal

Now that T305705 is complete and a proposal has been drafted, we will solicit review from:

  • Legal
  • Trust & safety policy
  • Security
  • Site Reliability Engineering (SRE)

Out of scope for this task:

  • Budget approval & any necessary contracting with geolocation provider
  • Implementation of the geolocation API
User stories
  • As a Campaigns team member, I want to ensure that our recommended approach of setting up a proxy to Pelias web service has been reviewed & commented on by Legal, Trust & Safety Policy, Security, and SRE so that I have a more complete understanding of risks & recommended next steps.
  • As a campaign organizer, I would like to be able to easily enter the address of my in-person event.
  • As a campaign participant, I would like to be able to quickly know where the in-person event is taking place.
Considerations
  • Once we start using a geocoding library, there may be backwards compatibility issues with existing events (e.g. someone entered an invalid address or country, or in a format that the library does not recognize), and this could be very problematic. Therefore, we should decide on a geolocation API provider in parallel with our V0 build, even though it will not actually be implemented until V1 (target: October 2022).
Development considerations

MUST HAVE

  • Being able to filter events by country, city, and region.
  • Show only relevant info in the event page bar; e.g., the building name

NICE TO HAVE

  • Provide address autocompletion when creating/updating a registration
  • Show events happening nearby (users would need to opt-in)
  • Show where the event is happening on a map
Acceptance criteria
  • Reviews are complete:
    • Legal - via email
    • T&S Policy - via email
    • Security T309410
    • SRE T312677
Open questions
  • What timeline should we expect for reviews?
    • Legal: done
    • Trust & safety policy: done
    • Security: July-Sept 2022 (in progress)
    • Site Reliability Engineering (SRE): done
Resolved questions
  • Just curious what the technical reasons are for choosing Pelias over MaxMind, for which the WMF already has a license.
    • AIUI, MaxMind only provides geolocation info for IPs, but we don't need data about IPs. Also, we would need some additional features (listed at T305705#7841090) that MaxMind doesn't seem to offer.

Related Objects
Search...

Event Timeline

ldelench_wmf created this task.May 26 2022, 3:49 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMay 26 2022, 3:49 PM
ldelench_wmf moved this task from Backlog to To be Estimated/Discussed on the Campaigns-Product-Team board.May 26 2022, 3:49 PM
ldelench_wmf added a project: Campaign-Registration.
ldelench_wmf added a subtask: T305705: [spike] Investigation on which geolocation API.May 26 2022, 3:54 PM
ldelench_wmf closed subtask T305705: [spike] Investigation on which geolocation API as Resolved.May 26 2022, 3:57 PM
ldelench_wmf mentioned this in T305705: [spike] Investigation on which geolocation API.
ldelench_wmf moved this task from Backlog to V1 (MVP) on the Campaign-Registration board.May 26 2022, 3:59 PM
ldelench_wmf moved this task from To be Estimated/Discussed to Campaign-Tools-Sprint-14 on the Campaigns-Product-Team board.May 26 2022, 4:42 PM
ldelench_wmf edited projects, added Campaigns-Product-Team (Campaign-Tools-Sprint-14); removed Campaigns-Product-Team.
ldelench_wmf updated the task description. (Show Details)May 27 2022, 5:10 PM
ldelench_wmf updated the task description. (Show Details)May 27 2022, 5:16 PM
ldelench_wmf added a subtask: Restricted Task.May 27 2022, 7:13 PM
ldelench_wmf updated the task description. (Show Details)May 27 2022, 7:20 PM
ldelench_wmf moved this task from Ready 🎬 to Review/Feedback 💬 on the Campaigns-Product-Team (Campaign-Tools-Sprint-14) board.May 27 2022, 7:22 PM

Requests for review have been submitted on 27 May:

  • Legal: email
  • Trust & Safety: email
  • Security: T309410
ldelench_wmf changed the status of subtask Restricted Task from Open to Stalled.Jun 13 2022, 2:04 PM
ldelench_wmf updated the task description. (Show Details)Jun 13 2022, 7:37 PM
ldelench_wmf edited projects, added Campaigns-Product-Team (Campaign-Tools-Sprint-15); removed Campaigns-Product-Team (Campaign-Tools-Sprint-14).Jun 13 2022, 7:40 PM
ldelench_wmf moved this task from Ready 🎬 to Review/Feedback 💬 on the Campaigns-Product-Team (Campaign-Tools-Sprint-15) board.Jun 13 2022, 7:46 PM
Daimona mentioned this in T303142: Create fields validation for Edit Event Registration API.Jun 14 2022, 9:55 PM
Daimona mentioned this in T305699: Display event details on public event page.Jun 27 2022, 11:39 PM
ifried subscribed.Jun 30 2022, 3:39 PM

@ldelench_wmf Hey there! Since we will need to begin planning V1, we would find a way to unblock this conversation (which has been stalled). Maybe it is a topic we can discuss in our 1:1 next week. Thanks!

ifried moved this task from Review/Feedback 💬 to Blocked ⛔ on the Campaigns-Product-Team (Campaign-Tools-Sprint-15) board.Jun 30 2022, 3:40 PM
vyuen subscribed.Jun 30 2022, 5:14 PM

@ifried this is on me! I have it on my to-do this week to finish the proposal so we can send it to folks for a second review. Just missing a few minor details now.

ifried added a comment.Jun 30 2022, 5:20 PM

Thank you for the update, @vyuen!

Daimona subscribed.Jul 1 2022, 4:22 PM
JFishback_WMF added a project: Privacy Engineering.Jul 5 2022, 5:26 PM
JFishback_WMF moved this task from Incoming to Watching on the Privacy Engineering board.
ldelench_wmf edited projects, added Campaigns-Product-Team (Campaign-Tools-Sprint-16); removed Campaigns-Product-Team (Campaign-Tools-Sprint-15).Jul 6 2022, 5:02 PM
ldelench_wmf moved this task from Ready 🎬 to Blocked ⛔ on the Campaigns-Product-Team (Campaign-Tools-Sprint-16) board.Jul 6 2022, 5:06 PM
sbassett changed the status of subtask Restricted Task from Stalled to In Progress.Jul 6 2022, 5:55 PM
ldelench_wmf added a subtask: T312677: [Request for Comment] Campaigns Geolocation API proposal.Jul 8 2022, 8:05 PM
ldelench_wmf updated the task description. (Show Details)
ldelench_wmf updated the task description. (Show Details)Jul 8 2022, 8:08 PM
ldelench_wmf moved this task from V1 (MVP) to Epics on the Campaign-Registration board.Jul 8 2022, 8:12 PM
ldelench_wmf edited projects, added Campaigns-Product-Team, Epic; removed Campaigns-Product-Team (Campaign-Tools-Sprint-16).

Reclassifying this task as an epic, so moving out of our sprint board.

ldelench_wmf changed the task status from Open to In Progress.Jul 8 2022, 8:13 PM
ldelench_wmf triaged this task as Medium priority.
ldelench_wmf moved this task from Backlog to Epics - upcoming on the Campaigns-Product-Team board.
ldelench_wmf renamed this task from [Cross-team review] Geolocation API proposal to [EPIC] Cross-team review of Geolocation API proposal.Jul 8 2022, 8:25 PM
ldelench_wmf updated the task description. (Show Details)
ldelench_wmf updated the task description. (Show Details)Jul 8 2022, 8:40 PM
sguebo_WMF subscribed.Jul 25 2022, 1:26 PM
ldelench_wmf updated the task description. (Show Details)Aug 24 2022, 12:56 PM
vyuen added a parent task: T316126: [EPIC] Attach programmatic geolocation to campaign events .Aug 24 2022, 4:32 PM
vyuen renamed this task from [EPIC] Cross-team review of Geolocation API proposal to Cross-team review of Geolocation API proposal.Aug 24 2022, 4:57 PM
vyuen removed a project: Epic.
vyuen removed a project: Campaign-Registration.
vyuen moved this task from Epics - upcoming to Campaign-Tools-Current-Sprint on the Campaigns-Product-Team board.Aug 24 2022, 4:59 PM
vyuen edited projects, added Campaigns-Product-Team (Campaign-Tools-Current-Sprint); removed Campaigns-Product-Team.
vyuen moved this task from Upcoming / refining 💡 to Development In Progress 💻 on the Campaigns-Product-Team (Campaign-Tools-Current-Sprint) board.Aug 24 2022, 5:55 PM
ldelench_wmf updated the task description. (Show Details)Aug 29 2022, 1:40 PM
ldelench_wmf moved this task from Development In Progress 💻 to Product sign-off 🤘 on the Campaigns-Product-Team (Campaign-Tools-Current-Sprint) board.Aug 29 2022, 1:44 PM

Hey @ifried , do you think we can resolve this one? I think the proposal review is done; though we can expect more followup with security during implementation as part of T290248

ifried closed this task as Resolved.Aug 29 2022, 8:32 PM
ifried moved this task from Product sign-off 🤘 to Done 🏁 on the Campaigns-Product-Team (Campaign-Tools-Current-Sprint) board.

Yes, I have marked this as Done. We will need to continue the conversations with the various stakeholders that we are already having, but the actual review process is already in motion. Great work, team!

sbassett mentioned this in T290248: Security Readiness Review For Campaigns Registration System.Sep 30 2022, 7:58 PM
ldelench_wmf closed subtask T312677: [Request for Comment] Campaigns Geolocation API proposal as Resolved.Oct 3 2022, 5:16 PM
ldelench_wmf closed subtask Restricted Task as Resolved.Nov 8 2022, 4:13 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits