On Wed, Sep 5, 2012 at 9:57 AM, Duncan Coutts <duncan.coutts@googlemail.com> wrote:
In the new server the security is a little better, but we still want
to have a manual step to grant uploader rights.

Well, my impression is that the new server has a number of incomplete features that we are ignoring for now, and that we are adopting essentially the same model as before. In particular the per-package upload groups have been disabled as we aren't importing the old accounts and have no way to initially populate the groups. And personally, I'm OK with leaving this functionality disabled for the indefinite future.

However, I do think we need to streamline the account request process. I have a pretty good idea of what I would like to have for LtU, which might also be a good starting point for hackage. Basically:

1.  An account request form, which would require a username, a private email address, a private comment to the administrators, and some public profile information. The profile information is there mostly because spammers love to put stuff in there that would identify themselves as spammers. (But this might not be a huge problem on the new hackage? The web form might still attract spam, however.) Even so, I do think some kind of minimalistic profile would be nice to provide for accounts.

2.  An email confirmation system. The private email address would generally need to be confirmed before an administrator would review the request.

3.  An administrator page that lists outstanding requests with links to sub-pages to review each individual request.

4.  Each sub-page would include all relevant information with respect to the request on one page:
      A.  Username,  private email, private comment,  and public profile information
      B.  IP address and User-Agent header associated with both the request and confirmation
      C.  Link to a google search on the email address
      D.  Comments and evaluations by other administrators

5.  Administrators would have the ability to classify the request, as well as give a level of certainty of that classification. This would only be for communication with other administrators as well as to collect data that we might someday apply some machine learning techniques to. Approval or rejection would be a separate process.

6.  That the system would automatically send an email once a request is approved.

This would be a great system for LtU; I don't know how well it would also fit hackage. However, the phrase "beggars can't be choosers" comes to mind; I'm not very good at web dev, and I have plenty of other things on my plate.

I did get a PostgreSQL schema put together for my system this weekend, and a very minimal start on a Snap web app as a proof of concept. My idea for integration, if this basic approach eventually gets to production, would be to use Data.Acid.Remote to create accounts inside the existing server.

Best,
Leon
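The request/confirm/review/approve workflow sketched in steps 1-6 above, as an added example that is not part of Leon's message, of his Snap prototype, or of hackage-server. It is in Python rather than Haskell so it can run stand-alone; the class and method names (RequestStore, submit, confirm, classify, approve), the HMAC-based confirmation token, the 24-hour token lifetime and the `mail` hook are all assumptions made for illustration. The security-relevant points it shows are that a request only reaches the administrator queue after the email is confirmed, that the confirmation token is bound to the request and expiry, compared in constant time and single-use, that the IP and User-Agent are recorded separately at request and at confirmation (step 4B), and that classification (step 5) never changes the request state, which only approve/reject do.

```python
"""Added example: model of the account-request workflow in steps 1-6.
Not code from the original thread or from hackage-server."""
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple

PENDING, CONFIRMED, APPROVED, REJECTED = "pending", "confirmed", "approved", "rejected"
TOKEN_TTL = 24 * 3600  # assumed policy: confirmation links expire after one day


@dataclass
class Evidence:
    """Step 4B: who sent the request and who confirmed it."""
    ip: str
    user_agent: str
    at: float


@dataclass
class AccountRequest:
    username: str
    email: str
    private_comment: str
    profile: str
    state: str = PENDING
    request_evidence: Optional[Evidence] = None
    confirm_evidence: Optional[Evidence] = None
    token_expiry: float = 0.0
    notes: List[Dict[str, object]] = field(default_factory=list)  # step 5 classifications


class RequestStore:
    def __init__(self, mail: Callable[[str, str], None],
                 secret: Optional[bytes] = None,
                 now: Callable[[], float] = time.time):
        self._mail = mail                                  # outgoing-mail hook (assumed)
        self._secret = secret or secrets.token_bytes(32)   # per-deployment HMAC key
        self._now = now                                    # injectable clock for tests
        self._requests: Dict[str, AccountRequest] = {}

    def _token(self, req_id: str, req: AccountRequest) -> str:
        # Token is bound to request id, e-mail and expiry: it cannot be replayed
        # against another request or after expiry, and nothing but the key is stored.
        msg = f"{req_id}|{req.email}|{int(req.token_expiry)}".encode()
        return hmac.new(self._secret, msg, hashlib.sha256).hexdigest()

    def submit(self, username: str, email: str, private_comment: str, profile: str,
               ip: str, user_agent: str) -> Tuple[str, str]:
        """Step 1 (record the request) and step 2 (mail a confirmation token)."""
        req_id = secrets.token_urlsafe(16)
        req = AccountRequest(username, email, private_comment, profile,
                             request_evidence=Evidence(ip, user_agent, self._now()),
                             token_expiry=self._now() + TOKEN_TTL)
        self._requests[req_id] = req
        token = self._token(req_id, req)
        self._mail(email, f"confirm request {req_id} with token {token}")
        return req_id, token

    def confirm(self, req_id: str, token: str, ip: str, user_agent: str) -> bool:
        """Step 2: expiring, single-use, constant-time-compared confirmation."""
        req = self._requests.get(req_id)
        if req is None or req.state != PENDING or self._now() > req.token_expiry:
            return False
        if not hmac.compare_digest(self._token(req_id, req), token):
            return False
        req.state = CONFIRMED
        req.confirm_evidence = Evidence(ip, user_agent, self._now())
        return True

    def outstanding(self) -> List[str]:
        """Step 3: only confirmed requests appear in the administrators' queue."""
        return [rid for rid, r in self._requests.items() if r.state == CONFIRMED]

    def classify(self, req_id: str, admin: str, label: str, certainty: float) -> None:
        """Step 5: a note for other admins (and future training data); no state change."""
        self._requests[req_id].notes.append(
            {"admin": admin, "label": label, "certainty": certainty})

    def approve(self, req_id: str) -> bool:
        """Step 6: approval is separate from classification and needs a confirmed address."""
        req = self._requests[req_id]
        if req.state != CONFIRMED:
            return False
        req.state = APPROVED
        self._mail(req.email, f"account {req.username} approved")
        return True

    def reject(self, req_id: str) -> bool:
        req = self._requests[req_id]
        if req.state not in (PENDING, CONFIRMED):
            return False
        req.state = REJECTED
        return True
```

In a real deployment the `mail` hook would send the confirmation and approval messages, and the `Evidence` records plus the `notes` list are exactly what the per-request review sub-page (step 4) would render.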