search

theCrag / website

theCrag.com: Add your voice and help guide the development of the world's largest collaborative rock climbing & bouldering platform
https://www.thecrag.com/
109 stars 8 forks source link

Unlink routes from topos are not listed in activity stream #4238

Open FF-Flo opened 7 months ago

FF-Flo commented 7 months ago

I recently discovered that somebody unlinked all routes from some of my topos, so that these topos are only bare photos anymore. These edits didn't show up in the activity stream, nobody noticed, eventhough i follow the areas. I tried to do it myself -> yes, you can unlink routes in any topos and there is no mention at all, which in case of malicious users is not good. Every edit should show up in the activity stream of a route/crag.

lordyavin commented 6 months ago

They are not "your" topos. You created them and contributed them to the community database. But of course that is not the point.

I can't remember if this has been different in the past, so I'm considering this is a missing feature. The Topo editing component is probably quite old and might not be aligned with the stream features.

FF-Flo commented 6 months ago

Your are not telling anything new.

Point is anybody can unlink routes from topos with nobody noticing it. In this malicious case somebody unlinked ALL routes from a topo (i contributed) and i only noticed it by luck.

Am 29.12.2023 09:25 schrieb Kai:

They are not "your" topos. You created them and contributed them to the community database. But of course that is not the point.

I can't remember if this has been different in the past, so I'm considering this is a missing feature. The Topo editing component is probably quite old and might not be aligned with the stream features.

-- Reply to this email directly, view it on GitHub [1], or unsubscribe [2]. You are receiving this because you authored the thread.Message ID: @.***>

Links:

[1] https://github.com/theCrag/website/issues/4238#issuecomment-1871834891 [2] https://github.com/notifications/unsubscribe-auth/AUSNTTNBBLL27HT6MQA6KULYLZ5ARAVCNFSM6AAAAABAGJY6L2VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQNZRHAZTIOBZGE

scd commented 6 months ago

Yup this seems like a big oversight on our part. As a mitigation I have done a hotfix so that you cannot unlink a route which is drawn on the topo. Now to unlink the route you have to remove the points from the topo first.

Whilst this does not stop the damaging edits, it does make it more transparent so at least we will see who is doing malicious edits.