Mailinglist Archive: opensuse-features (166 mails)

< Previous Next >
[openFATE 306625] automatic email alias, irc cloak, lizards data generation on users.o.o
Feature changed by: Hendrik Vogelsang (hennevogel)
Feature #306625, revision 17
Title: automatic email alias, irc cloak, lizards data generation on
users.o.o

- Hackweek IV: Evaluation by project manager
+ Hackweek IV: Done
Priority
Requester: Important

Requested by: Hendrik Vogelsang (hennevogel)
Requested by: Joe Brockmeier (jbrockmeier)
Partner organization: openSUSE.org

Description:
To be able to maintain the list of @opensuse.org email aliases,
freenode irc cloaks and lizards.o.o logins for members the openSUSE
board is looking for a ruby hacker willing to implement automatic
generation of aliases/cloaks in users.opensuse.org. users.o.o is a ruby
on rails application.
Each opensuse member has 2 email aliases (login@xxxxxxxxxxxx, forename.
surname@xxxxxxxxxxxx) an freenode IRC cloak and a wordpress login to
lizards.opensuse.org. At the moment this data is exported and imported
manualy to the different systems. What we would need is a way to make
this automatic and have the data changeable by the user.
Additionally the member check for contribution should be automized. We
check participation with the following defaults: bugzilla login, bugs,
wiki edits, user page, contrib on mls. An automatic check could shorten
the evaluation as well if it simply shows in a yes/no style if there is
any. And Zonker would like to see the adresses to be put in there as
well (yes, on a voluntary base) to have them if eg. people go to a
conference and get some stuff sent to.

Discussion:
#1: Pavol Rusnak (prusnak) (2009-08-27 16:08:59)
The whole users.o.o portal should be rewritten to include the features
like the ones we could find in launchpad.net (e.g.
https://launchpad.net/~stick84) or Fedora Accounts System.
(Uncomplete) Feature list (or the list of the user attributes):
* email contact
* jabber contact
* openpgp keys
* SSH keys
* openid logins
* spoken languages
* computer languages
* location + time zone
* group membership (packager, wiki editor, reviewer, board member, ...)
* avatar
* opensuse.org email aliases
* freenode irc cloaks
* ...
We'll discuss this in more detail during Multipliers Kickoff and I
would like to work on this afterwards.

#2: Scott Couston (zczc2311) (2011-04-03 04:27:42)
Preface: Please forgive my Verbose comment and/or suggestions here.
The following may well have already been undertaken, and if so: my
apologies. The main reason for my comment is that after 4 years I have
never seen any reference to any ISO; nor seen one adopted etc.. - I may
be horribly incorrect here
Well before we look at the functional nuts and bolts aspects to this
request, l would suggest that Policy needs discussion. The functional
creation of 'Connect' needs to function according to policy. If there
is a Policy Document and Functional Specification; please provide URL's
Rather than reinvent the wheel, I would suggest that a Data Policy
documents should follow the guidelines already available in various
ISO's. ISO- International Standards - Quality Assurance documents have
been in refinement for several decades as a result of the E.U meetings
in Brussels.
The ISO's are many and varied and cover manufacturing, construction,
marketing, mining, safe handling and storage of food, mining and
distribution of Rare Earth Minerals, I.T...and endless levels of any
creative development of Man!
http://www.questanalytical.com/Document%20Control/documentation.html
It is not unusual for an entity to follow parts of a few ISO's. - For
example the bulk of our I.T International Standards are covered in ISO
9002, 9004 (Off the Top of my head). I would suggest we examine the
existing ISO on the aspect of Data Security well before we construct
such an application - From what I have seen this may well be far too
late to bring the 'Connect' Applications' development into line with
International Standards of Data Security!
Online Databases containing vast amounts of personal information scream
out for having their design comply along International Data Security
Standards of Quality.

#4: Per Jessen (pjessen) (2011-04-13 08:03:33) (reply to #2)
"International Standards of Data Security" - to my knowledge, there are
no such standards. ISO9001 is about quality management, ISO27001 is
about information security, but that's different. Standards such as
HIPAA and PCI are not international nor do they really apply to
openSUSE.

#5: Scott Couston (zczc2311) (2011-04-14 01:18:48) (reply to #4)
Per, the above statement frightens the hell out of me....ISO are our
World Standard of both Quality and establishing the best processes to
fulfil it and to state fundamentals that must be included in design and
manufacturing markets. I would suggest you obtain the Index list from
Brussels ISO Office or just the net....Off the top of my head some of
the ISO's that made up our industry are taken from the following: ISO
15489-1:2001 Information and documentation - Records management - Part
1: General International Organization for Standardization / 01-Sep-2001
/ 26 pages ISO/TR 15489-2:2001 Information and documentation - Records
management - Part 2: Guidelines International Organization for
Standardization (Technical Report) / 01-Sep-2001 / 46 pages ISO 19011:
2002 Guidelines for quality and/or environmental management systems
auditing SO/IEC 90003:2004 Software engineering - Guidelines for the
application of ISO 9001:2000 to computer software International
Organization for Standardization/International Electrotechnical
Commission / 01-Feb-2004 / 54 pages
ISO's Apply to ever endeavour that man does, except in the US where
they have legislated Quality aspects after the SOX.litigation and loss
of data required legislation as the US Market could not reply on
everyone adhering to QA ISO...They dont use QA at all in the USA. -
They just legislate the holes in data security when something big falls
through it - I am very surprised you cannot recall the SOX...etc...
Legislation in the US as it represented the biggest enforceable bit of
legislation to effect ANY Country since history began purely on Data
Security had occurred ... http://en.wikipedia.org/wiki/Sarbanes%E2%80%
93Oxley_Act (http://en.wikipedia.org/wiki/Sarbanes%E2%80%93Oxley_Act)
http://www.sox-online.com/basics.html http://www.soxlaw.com/index.htm
Your Analysis have the job of conforming to ISO and being aware of US
Legislation well before the Programmer writes the first line of code...
Bugzilla and all PMS Systems are designed to enforce quality, however
our current philosophy use negates all its benefit that it a PMS is
designed to do

#3: Scott Couston (zczc2311) (2011-04-13 04:18:01)
I am very alarmed at: The connect database is a default opt-in The
default visibility, clocked or otherwise, is either public or logged in
users. I am not specifically concerned with myself...but to have a opt-
in default for all users/members from old lists and the default
visibility being either public or logged in users is just asking for a
flood of complaints..I am not concerned with myself, my concerns are
about this project possibly hurting opensuse and its members.
I would suggest that urgent action be taken on ALL contact info be bulk
changed to private and for every member o the database to be emailed
requesting them to change add or modify their profile as they see fit!
This could be very ugly in my humble opinion

#6: Scott Couston (zczc2311) (2011-04-14 01:58:49)
The absolute Key to Managing Bugzilla and openFATE is the Quality
Manager. Without having complete project Authority and the ability to
set time frames for fix or developer our PMS Projects are doomed to
failure.
The Role of the QA in terms of software Problem management tools can be
found in the following; and perhaps if we collectively support a well
experienced QA the project will go ahead leaps and hounds. Please don’t
think I am criticising current processes at all...far from it..I still
want to see opensuse of every desktop and server in the World.
http://wiki.en.it-processmaps.com/index.php/Roles_within_ITIL
(http://wiki.en.it-processmaps.com/index.php/Roles_within_ITIL)
http://wiki.en.it-processmaps.com/index.php/Roles_within_ITIL_V3
http://wiki.en.it-processmaps.com/index.php/ITIL_Implementation_-_ITIL_Roles
http://wiki.en.it-processmaps.com/index.php/Problem_Management

http://www.e-ictsupport.org/fits/Sec/proactive-processes/problem-management/DW1157_1_Roles_and_responsibilities_in_Problem_Management.html

http://www.forrester.com/rb/Research/problem_manager_new_it_service_management_role/q/id/45160/t/2
http://www.softwareqatest.com/qatfaq2.html
http://en.wikipedia.org/wiki/Software_configuration_management
http://www.itservicestrategy.com/it-project-management-audit-templates
In reading the above keep the though in the back of your mind.
Many Models about the QA are based on and subsequent to US Legislation
rather than ISO. The best way to understand the role of the QA Manager
is to obtain the ISO written specifically on the subject of QA Manager,
wirkflow, Assessment, conformation etc...all based on the ISO's. A lot
of the above material templates are US based and have been designed by
the US Legislation.' Due to your international market, I would suggest
you follow all the guide lines, including the rob of the QA as defined
in the ISO's.
...for the record the whole .E.U wrangle about antitrust with Microsoft
would never have see the light IF the US had adopted the IOS's as the
standard rather than follow their own legislation on the very small
subject of Data Security, Trust and Open Dialogue. If free enterprise
companies that stored vast numbers of data including CC details etc -
and then lost aprox 250,000 records by both hack and someone walking
out the door with a DVD; there would never have been the Sarbanes–Oxley
Act in the US.
Being next door to Brussels and the E.U the lack of understanding of
all these matters is probably due to having a very bright and
enthusiastic young group; where histories insubstantial are neither
unknown not not understood...Its all good...we all lern every day, even
me

+ #7: Hendrik Vogelsang (hennevogel) (2011-12-05 14:32:55)
+ Except lizards credentials, which is most probably going to be
+ discontinued in the future, this is now done in connect.




--
openSUSE Feature:
https://features.opensuse.org/306625

< Previous Next >
This Thread
  • No further messages