Hide the anonymous note creation form when the limit is exceeded #6593
Conversation
|
I thought we had already done this? How does it differ to what we have now? |
|
Currently, a suggestion to log in is shown after 10 notes: You can still ignore it and continue creating notes I propose to show this warning after 5 notes. |
|
I doubt that this is the right approach. Anonymous notes can also be useful to us, they just take more time to process. |
|
It's not (yet) about complete banning anonymous notes. If someone has created more than 10 anonymous notes through a website, then in practice this person is doing something wrong. Either these notes will contain little useful information, or it is from a dubious source, or he adds personal notes to his journey, or it will be easier and faster for the user to register and add objects own. The reverse side of this restriction is the registration of a new mapper. This is potentially more useful. |
|
For completeness, this PR would close #5934 (if I'm reading correctly). |
No. This is client-side protection. It can be bypassed, for example, using third-party apps. However, third-party app users are far fewer, and most apps add the "user agent" to the note text. Thanks to the user agent, at least some grouping of notes will appear, which will simplify the elimination of vandalism. However, perhaps this will help for most cases of vandalism and problem #5934 will be solved. After all, the restrictions on the size of changesets are also imperfect and easy to bypass, but they helped. |
Right, I understand the initial description of #5934 sounds like it expects something more reliable, but ultimately a later comment (#5934 (comment)) refines it to pretty much what this PR offers. Which is understandable, because any other option sounds too heavy-handed. |
pablobm
left a comment
There was a problem hiding this comment.
I'm pessimistic about this solution... but I don't have the experience of dealing with anonymous notes every day, so I cannot tell for sure. I think it's worth trying, if only because it's very low hanging fruit. The DWG can then report back to let us know what they observed.
I don't know that the expiry needs to be reduced to 14 days, but also open on that one.
606bd65 to
0c6de8c
Compare
5e1d155 to
15928f8
Compare
15928f8 to
a71a909
Compare
pablobm
left a comment
There was a problem hiding this comment.
I say let's try this 🤞 Thank you @deevroman!
|
|
||
| def hard_anonymous_notes_limit_reached?(anonymous_notes_count) | ||
| !current_user && anonymous_notes_count >= 10 | ||
| end |
There was a problem hiding this comment.
I think you are correct here, making these into pure functions instead of expecting @anonymous_notes_count to exist 👍 (which was what I initially suggested).
Description
I am justifying this PR based on renewed interest in forum posts on this topic starting in the fall of this year https://community.openstreetmap.org/t/we-dont-need-anonymous-notes/105335/128 as well as from personal experience of resolving notes
The previous warning is displayed after 5 anonymous notes
I reduced the lifetime of cookies that count anonymous notes to two weeks to compensate for the limit a little
How has this been tested?
Manual testing, as well as adding a new autotest
Explanation
Yes, the API is still not protected. Yes, you can open a private window.
But at least it will stop stupid robots, and it will also stop some users who use notes for other purposes faster. It is also a small stick in the wheels of lazy vandals.