Talk:Trust and Safety Product/Temporary Accounts/2024/May


Global User Contributions

Hey everyone, this is another small update, I've just created a new page Trust and Safety Product/Global User Contributions about a tool we're working on, related to temporary accounts. Over time, we'll be adding new information and pictures to that page.

For clarification, if you're curious about the naming: the new tool's name will be the same as the current one's because the current GUC will stop working, and the new GUC will have all its features.

Thanks! SGrabarczuk (WMF) (talk) 16:36, 8 May 2024 (UTC)Reply

Database backup dump changes

How are database dumps going to indicate temporary users? In particular wikidatawiki stub-meta-history.xml. Currently the contributor element has an ip= attribute for ip users. Bamyers99 (talk) 15:04, 21 May 2024 (UTC)Reply

Hello @Bamyers99. Thanks for reaching out. I wanted to make sure I fully understand the question. Are you asking specifically about the new attribute used for temporary accounts instead of ip=? SGrabarczuk (WMF) (talk) 16:53, 21 May 2024 (UTC)Reply
If there is a new attribute, then that is what I am asking about. Its name and value type. Bamyers99 (talk) 17:03, 21 May 2024 (UTC)Reply
Hey, I'm coming with an answer from our engineers. We aren't planning on adding a new attribute. Instead, the current assumption is that the existing attribute for logged-in users would be used, and the value would be the temporary account name.
What do you think about this? We're open to discussing the developer experience side on Phab.
Thanks! SGrabarczuk (WMF) (talk) 00:50, 22 May 2024 (UTC)Reply
That works for me. T345855 shows the pattern to look for in the account name to identify a temporary account. Bamyers99 (talk) 12:58, 22 May 2024 (UTC)Reply
Thanks for the question and comments, @Bamyers99. I filed T365693 with a proposal for setting an attribute in the dumps. Please comment there if you have opinions on that. KHarlan (WMF) (talk) 11:50, 23 May 2024 (UTC)Reply

Wikimedia OAuth

Hi, I'm the maintainer of the WP 1.0 bot, and the corresponding website at https://wp1.openzim.org. We have multiple points at which we store user data, and are currently using OAuth as an authentication mechanism. Currently, I believe only users with accounts will be able to OAuth. This leads to a few questions:

  • In the future, will temporary account holders also be able to grant OAuth permissions/sign in with OAuth?
  • If so, would they lose their user data on our tool if their temporary account gets lost/deleted? (I assume yes).
  • If that's the case, is there any way for the OAuth flow to return information about if the account is temporary, so we can display a warning message or deny access, as appropriate?

Thanks! Audiodude (talk) 18:06, 21 May 2024 (UTC)Reply

We haven't decided yet (see T344721) I think for the initial release of temporary accounts, we would probably not allow temporary accounts to sign in with OAuth, to simplify things. KHarlan (WMF) (talk) 07:37, 27 May 2024 (UTC)Reply
Return to "Trust and Safety Product/Temporary Accounts/2024/May" page.