![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
pseudomonas) wrote in ![[site community profile]](https://www.dreamwidth.org/img/comm_staff.png){kind=small}
dw_suggestions2014-04-20 05:04 pm
In Case of Emergency write-only access
Title:
In Case of Emergency write-only access
Area:
Posting
Summary:
Give limited access to a small number of other DW users to make posts on your behalf, with restrictions. [New feature suggestion]
Description:
What I want is a write-only function where (say) I nominate (say) you as an In-Case-of-Emergency poster for if I'm (say) ill in hospital; you can then post to my DW, but without any ability to see locked entries, modify settings, modify circle, or anything else; furthermore there'd be a prominent heading applied to any posts you made saying "posted by [YOURUSERNAMEHERE]", so impersonation wouldn't be possible. I can always delete or modify the posts that you have made on my behalf. Crossposting would work as normal.
Other methods:
a) implement this as an external website, using OpenID to verify you and store my password. Requires competently-run, secure, trustworthy third-party site. Need to remember to log in to that site every time I change my DW password.
b) give you my password. Trusts you to keep it safe, not lose it, and I have to tell you every time I change it. Allows impersonation and account-modification.
c) Give you my post-by-mail credentials. As above, but doesn't allow impersonation, eats an address slot per person, and only works for paid/permanent users.
d) The one that usually gets done these days - you making unlocked posts and hoping that enough of my circle see the post and that I don't have anyone I'd rather didn't know. This has the advantage of being simple, but is really not an effective solution to the problem.
Considerations:
I would favour the poster having the ability to post using any publicly-visible security setting that would let the poster see the post (at least "access-list-only" or "public") and possibly edit posts that they have themselves made (but not remove the header saying that the post was made by them). I don't see much need for anything beyond that; they can comment on posts as themselves.
I would envision small number of people given these posting privileges, though I don't have a particular limit in mind, and I don't see a really good reason to put a hard-limit on things.
There's always a risk that someone will post a malicious or spurious report, but really they can do that *anyway* via method d), it's called lying, and it's a social problem that is solved by only authorizing people that you trust not to do that kind of thing.
This suggestion:
Should be implemented as-is.
32 (52.5%)
Should be implemented with changes. (please comment)
15 (24.6%)
Shouldn't be implemented.
2 (3.3%)
(I have no opinion)
12 (19.7%)
(Other: please comment)
0 (0.0%)
no subject
I, the owner of the account, give you, a third party, a token given you access to a limited set of the abilities that I have. I can then invalidate that token at any future point.
Making it generalisable, and applicable to non-DW users, and you've got something which would allow third-party sites to make posts without them having to know your password.
no subject
no subject
no subject
I currently have the passwords (or, md5 hashes thereof) of various DW users, and I don't want them!
no subject
no subject
no subject
no subject
no subject
no subject
* Allow me to grant moderator/administrator access to my account, as if I were a community
* Make that access a la carte, so I could pick which specific permissions to grant
no subject
no subject
no subject
Generally if I had some sort of emergency notification, I'd want it on tighter access than just "access list".
no subject
no subject