Page MenuHomePhabricator

Check access rights for GoranSMilovanovic
Closed, ResolvedPublic

Description

Hi,

@GoranSMilovanovic has been a data analyst contractor at WMDE from 2017 until the end of March 2022. Goran continues to support WMDE as a volunteer since April 2022.

In this light, I figured that WMF should check whether all LDAP & SRE access Goran currently has, still applies to him as a volunteer. I approve that Goran should keep access to all services that are available to volunteers and for which he has a valid NDA.

shell username: goransm
Wikitech: GoranSMilovanovic

If there's any additional information or support you need from my side, please let me know!

Event Timeline

Adding @KFrancis for comments; does this need an updated NDA, e.g. signing a volunteer NDA which replaces the former NDA when @GoranSMilovanovic was employed by Wikimedia Deutschland?

@MoritzMuehlenhoff Thanks for checking in. Because Goran is no longer an employee of WMDE, I should process a new NDA. Would you please provide Goran's personal email and mailing address to kfrancis@wikimedia.org? Thanks!

@MoritzMuehlenhoff Thanks for checking in. Because Goran is no longer an employee of WMDE, I should process a new NDA. Would you please provide Goran's personal email and mailing address to kfrancis@wikimedia.org? Thanks!

Thank you @KFrancis! I've just sent you an email.

Hi all, the agreement is out for signatures. Thanks!

-Confirming the NDA has been signed. Please proceed with the access request. Thanks!

@KFrancis we just need to update Gorans email address, it's still listed as the wikimedia.de address. Could you please provide me with the updated address?

We have removed Goran from the WMDE group, as that is only for WMDE staff.

I notice that Goran has access to analytics_privatedata_users, is that still required?

Change 805389 had a related patch set uploaded (by Slyngshede; author: Slyngshede):

[operations/puppet@production] Update email address for goransm.

https://gerrit.wikimedia.org/r/805389

@SLyngshede-WMF

I notice that Goran has access to analytics_privatedata_users, is that still required?

I think it is. Namely, all my ETL/ML scripts on the Analytics Clients are run by impersonating the analytics-privatedata user to be able to authenticate with Kerberos and access the Hadoop cluster.

Then let's not revoke that :-)

I think it's just the email that needed to be updated then.

Change 805389 merged by Slyngshede:

[operations/puppet@production] Update email address for goransm.

https://gerrit.wikimedia.org/r/805389

SLyngshede-WMF triaged this task as Medium priority.

Email address is updated, everything else looks fine.