[wp-meta] [Making WordPress.org] #3895: Get Involved (make.wordpress.org) sites user audit
Making WordPress.org
noreply at wordpress.org
Wed Oct 31 11:46:48 UTC 2018
#3895: Get Involved (make.wordpress.org) sites user audit
--------------------------------------+--------------------
Reporter: azaozz | Owner: (none)
Type: defect | Status: new
Priority: normal | Milestone:
Component: Make (Get Involved) / P2 | Keywords:
--------------------------------------+--------------------
We have quite a few users on the "Get Involved" sites, and lately been
getting more and more. That's great! :)
To make user management a bit easier, clearer, and to enhance security a
bit, thinking we would need to do an user audit, and implement some basic
rules.
IMHO the following would be a good start:
- If somebody doesn't log in for a year we automatically set them to
"contributor".
- All users should be "authors" by default. Users that need to
`edit_others_posts` or moderate others posts' comments can be made
"editors" on as-needed basis (and then set back to "authors" when editing
of others posts is not needed any more).
In addition I don't think we would need any admins there, except the
network SA of course.
All of this is a good security procedure that should probably be
implemented for all blogs/P2s/sites on wordpress.org.
--
Ticket URL: <https://meta.trac.wordpress.org/ticket/3895>
Making WordPress.org <https://meta.trac.wordpress.org/>
Making WordPress.org
More information about the wp-meta
mailing list