User story:
As a logged out user, I don't want my IP address displaying publicly, because I value privacy and don't care to create an account.
Decision needed:
Should we update StructuredDiscussions to accommodate temporary accounts? No, this would require work on a complex extension that is slated for sunsetting T332022: [Epic] Undeploying StructuredDiscussions (Flow).
Should we prevent logged out edits to StructuredDiscussions threads?
Should we schedule the sunsetting work of StructuredDiscussions to align with the temporary accounts rollout? For example, provide further communication about sunsetting flow, and lock existing Flow threads at a certain date.
Background:
Project documentation: IP Editing: Privacy Enhancement and Abuse Mitigation
Scope of this task:
This task and all subtasks are for tracking work related to Flow changes needed to adhere to the compliance requirements related to IP Masking / Temporary Accounts.
Testing notes:
StructuredDiscussions will be the most complex project the Growth team will need to work on for IP Masking.
Similar to VisualEditor, it makes edits via the API. As of now (tested at dewiki beta), the API attributes the edit to the IP address, instead of creating a temporary account (which is the intended behaviour). Ideally, after submitting, the temporary banner should as well (alternatively, a refresh can be triggered). Making the temporary account fully transferrable across domains would require a hop over login.wikimedia.org.
QA Testing notes:
- a temp user cannot make their first edit on a Flow page. The warnings incorrectly inform a temp user about its status.
- A temp user can "add" any topic to a watchlist, although watchlist is not reachable for temp users. A Flow page has the watchlist star that can be clicked by a temp users:
Acceptance Criteria for MVP release:
TBD