search

SeaGL / organization

Policies, procedures, files, notes, and other things necessary for and related to organizing the Seattle GNU/Linux conference.
Creative Commons Attribution Share Alike 4.0 International
5 stars 8 forks source link

Fix staff Matrix space permissions #383

Open strugee opened 9 months ago

strugee commented 9 months ago
altsalt commented 9 months ago

This is all managed by Patch and at the moment I think @AndrewKvalheim manually runs it when updates are made. Would be nice if there were a ci/cd pipeline so that we can push an update...

Ideally we will have a small group of admins that are power level 99 (currently AJ, Andrew, sntxrr, and myself). They aren't level 100 because of headaches this causes during room upgrades and such.

Everyone who is in the staff room will have power level 50 (or something), which will allow them to do most room functions including invitations. We may want this to be something like everyone in a staff room with power level greater than 1 so that inactive staff aren't identified as such when the conference comes.

I agree that anyone who is an active staff should be able to invite to rooms that they are in and we can fix it if this isn't the case.

Also, there are a couple of more restricted rooms (e.g., finance and CoC) where access is by request due to sensitive topics being discussed.

AndrewKvalheim commented 9 months ago

We’ve discussed the ideal of managing it via Patch but no one has ever designed or implemented that functionality.

My understanding has been that in the interim you’ve been managing access manually, which is why we elevated your account’s power level during the most recent room upgrades.

On the occasion that you’ve been unavailable or we wanted a room created by Patch I’ve made ad hoc API calls on the command line using the bot’s credentials but there’s no system in place for repeating that. Modifying an existing m.room.power_levels this way is particularly awkward and not something I have experience with.

strugee commented 9 months ago

Would be nice if there were a ci/cd pipeline so that we can push an update...

This already exists FYI. https://github.com/SeaGL/patch/blob/main/.github/workflows/deployment.yml

altsalt commented 9 months ago

We’ve discussed the ideal of managing it via Patch but no one has ever designed or implemented that functionality.

My mistake, for some reason I recall a prior version where a list of admins and moderators was stored and enforced by Patch.

My understanding has been that in the interim you’ve been managing access manually, which is why we elevated your account’s power level during the most recent room upgrades.

I think my core question is whether we've been managing room permissions, such as the level an invite is required, ad-hoc as well. It sounds like that's the case, but wasn't my understanding.

On the occasion that you’ve been unavailable or we wanted a room created by Patch I’ve made ad hoc API calls on the command line using the bot’s credentials but there’s no system in place for repeating that. Modifying an existing m.room.power_levels this way is particularly awkward and not something I have experience with.

Yeah, this can cause quite a few issues and wasn't recommended, especially for rooms acting as spaces. Last time I looked into it the suggestion was to copy over the entire power_level block, change the thing you want updated, the send the whole block back.

Anyway, having a command that sets the room permissions based on a set of lists would be nice but isn't a priority at the moment.

We'll still need to make some decisions about who gets what permission in the set of conference rooms and spaces manually before creating them.