00755: Preventing vandalism using $EnableDrafts and Site.Edit

Summary: Preventing vandalism using $EnableDrafts and Site.Edit
Created: 2006-06-12 08:04
Status: Closed - fixed in 2.2.0-beta43
Category: Cookbook
From: Pico
Assigned:
Priority: 33

RoadMap: 2.2.0

Version:
OS:

Description:

Summary

In a thread on the PmWiki mailing list that started with this Preventing Vandalism post requesting solutions, Luigi offered this suggestion for having saves qued for moderator approval and Pm replied with this proposal:

Yes, it can be done. I'll write up a complete recipe for it, but the essential concept is to change Site.EditForm so that the "Save as draft" button is labeled "Save" and is all that a typical author sees, while the "Save" button is labeled "Publish" and and is displayed only to moderators.

In followup posts, Pico struggled to

  • understand how Save As Draft ($EnableDrafts) actually worked,
  • identify the source of (his) confusion, and
  • explore whether the user interface should be clarified when using $EnableDrafts, and

Lugi provided this helpful distillation and comment:

" So, how could PmWiki best communicate to authors that the Save and Save As Draft are "smart" buttons that behave differently depending on context?"
Honestly, I admit that the first time I tried, I also failed about the same way.
Pico is right.
And guess that Pico's suggestion no. 1 could be a good choice:
"1. Dynamically relabel the buttons when their function changes, i.e. when the document being edited ends with "-draft" change the labels to reflect the fact that the "Save" will now publish the draft to the original and that the Save As Draft will save this draft.

Proposal

Taken together, these various suggestions can be combined to propose that the labels for buttons be changed:

  • on all draft pages, generally (on all sites that use $EnableDrafts): change Save to Publish and Save As Draft to Save (or Save Draft)
  • on sites that use Pm's proposal for Preventing Vandalism:
    • draft pages follow general changes above, except hide the newly relabeled Publish button from authors
    • original pages, change Save As Draft to Save for authors (only: no changes for moderator)

Details and examples

In exploring the user interface for $EnableDrafts, it helps to distinguish the different ways that the Save and Save As Draft buttons behave depending on whether the page being edited is the OriginalPage or OriginalPage-Draft:

Current Functions

This table identifies what each button does, depending on whether the page being edited is the original or draft:

ButtonOriginalPageOriginalPage-Draft
SaveSaves Original PageReplaces OriginalPage with OriginalPage-Draft
Save As DraftCreates Original Page-DraftSaves OriginalPage-Draft

Clarifying Labels

This table identifies current, and proposed changes to, the text that appears on labels, depending on whether the page being edited is the original or draft:

Current LabelOriginalPageOriginalPage-Draft
SaveSaveSave Publish
Save As DraftSave As DraftSave As Draft

Note: the labels are only changed when buttons are presented for a draft page.

Preventing Vandalism + Clarifying labels

To explore how each issue (vandalism and clarity) is impacted by one, or more, proposals, requires an examination of the following:

  • Type of page: original or draft (as above)
  • Type of user: author or moderator
  • Type of site: default or protected from vandalism

Pm's proposal for a recipe for protecting vandalism viewed in various contexts

 Default (unprotected site)Protected site
 AuthorModeratorUntrusted author
Current LabelOriginalPageOriginalPage-DraftOriginalPageOriginalPage-DraftOriginalPageOriginalPage-Draft
SaveSaveSaveSaveSave PublishSave (hide)Save (hide)
Save As DraftSave As DraftSave As DraftSave As DraftSave As DraftSave As DraftSave As Draft

Pm's proposal for a recipe for protecting vandalism, modified to clarify labels for $EnableDrafts

 Default (unprotected site)Protected site
 AuthorModeratorUntrusted author
Current LabelOriginalPageOriginalPage-DraftOriginalPageOriginalPage-DraftOriginalPageOriginalPage-Draft
SaveSaveSave PublishSaveSave PublishSave (hide)Publish (hide)
Save As DraftSave As DraftSave As DraftSave As DraftSave As DraftSave As DraftSave As Draft

Note:

  • Both (1) authors on unprotected sites (trusted authors) and (2) moderators, on protected sites, are treated the same and the labels for each are conformed
    • Original pages: no change from current labels for trusted authors or moderators
    • Draft pages: both labels are changed; but no change between trusted authors and moderators
  • Authors on protected sites untrusted authors
    • Save: buttons hidden on both original and draft pages
    • Save As Draft: labels changed to Save on both original and draft pages

So, the bottom line would be that the current labels would change when editing draft pages and, for protected sites (untrusted) authors would have the button currently labeled Save hidden (on all pages), and the button currently labeled Save As Draft would renamed to Save (on all pages).