Plugins:PluginDirectory/EditingWorkflow

From MozillaWiki
Jump to: navigation, search

The Plugin Directory offers editorial workflows for:

  • accepting suggested updates to plugin releases from anonymous users;
  • review and acceptance of suggested updates by users with "editor" access and above;
  • allowing editing of plugin releases in personal sandboxes for any registered user;
  • reviewing and deploying plugin releases in sandboxes by users with "editor" access and above;
  • Sandbox changes are never cached
  • Updates to live plugins will appear after 1 hour (results are cached for 3600 seconds)

This page offers some more details on how this works.

How to get started editing plugin data

  1. Sign up for an account; verify your email address; log in.
  2. Find the plugin you want to edit, click the plugin name to view its details.
    • You can use the search box at the top of the page to find plugins.
    • Or browse known plugins via the tabs By Name / Application / OS / MIME Type
  3. On the plugin details page, click "Copy to Sandbox" to copy the plugin data to your sandbox.
  4. In your list of sandbox plugins, click "edit" to begin editing your private copy of the plugin data.
  5. When finished editing, click the "Save Now" button at the top of the page.
  6. Click the "Plugin details" link to return to the plugin details page.
  7. Click "Request approval" to request review of your changes from a directory editor.
    • If your account is flagged as trusted for this plugin, you may be able to click "Push live" to deploy your changes directly from the sandbox.
    • If you are the author of or a representative of the vendor for a plugin, and would like to become a trusted editor for a plugin:
      • Sign up, log in, and copy one or more plugins to your sandbox as described above.
        • If your plugin is not yet in the directory, you'll need to create it as a new plugin in your sandbox.
      • Send email to lorchard@mozilla.com and include the following in your message:
        • your full name;
        • login name;
        • phone number;
        • a short message describing your relationship to the plugins in your sandbox.
      • You may receive a phone call or further correspondence to manually verify your claim to the plugin.

Access levels

guest 
anonymous user, not logged in
member 
registered user, logged in
trusted 
user assigned editor access to a subset of plugins by PFS ID (ie. a vendor, with access to manage their own plugins)
editor 
user with read/write/deploy access to plugin releases in all sandboxes
admin 
user with full read/write/delete access to both live and sandboxed plugin releases

Anonymous submissions

Visitors to the front page of the site are offered a list of detected plugins paired with status in the directory. This status can be one of unknown, latest, outdated, vulnerable, newer, or uncertain.

Each detected plugin offers a link to an anonymous submission form. A visitor can use this form to provide corrections in case:

  • displayed plugin details are incorrect;
  • he/she has information about a plugin unknown to the directory;
  • or he/she has installed a plugin update not yet known to the directory.

These form submissions are viewable by users with "editor" access in a review queue. Each submission can be converted into a new plugin or a release added to an existing plugin in a sandbox. From there, the information can be revised until it's ready to push live.

Sandbox editing

All registered users have a personal sandbox. Any live plugin and associated releases can be copied to this sandbox. The user owning the sandbox has full editing access to the data therein. Normal users cannot see other users' sandboxes.

When a user is logged in, plugin data from his/her sandbox takes priority on the front page over live data. This allows the user to preview edits to the sandox data with respect to detected installed plugins.

So, for example, consider the case where live data reports that a given installed plugin is newer than the directory's entry. The user can copy that plugin to his/her sandbox, edit the details to match the updated plugin, and then visit the front page to verify that the new plugin version is correctly detected as the latest using the sandbox data.

Once satisfied with the edits, the user can then request approval for the changes, which sends out an email to site editors wit a link to review the sandbox changes.

Editor approval

Users with editor access have the ability to view/edit/delete data in any user's sandbox. From there, they can review sandboxed plugins, perform edits, and deploy a sandbox plugin live.

Deploying a sandboxed plugin live overwrites the live data and makes the changes available to all users via the PFS search API.

Users with editor access cannot create/edit/delete live plugins directly.

Trusted users

Trusted users are assigned editor level access to individual plugins, including their live versions and all copies in sandboxes. This is most useful for vendors, giving them self-service access to their own plugins.

Editors can add a user as trusted to a plugin from a copy of the plugin in that user's sandbox. A trusted user cannot add additional users as trusted.

Edit another user's sandbox

  1. Login as a user with enough priveleges
  2. Click Sandbox Tab
  3. Edit url from {my username} to {their username}

Example: http://plugins.stage.mozilla.com/en-us/profiles/user_with_admin/plugins becomes http://plugins.stage.mozilla.com/en-us/profiles/jane_doe/plugins

Granting another user privileges

Ad admin may change the role of another user.

  1. Login as a user that has the admin role
  2. Got to Settings > Edit profile Details
  3. Edit the url from {my username} to {their username}
  4. Update role and save

Example: http://plugins.stage.mozilla.com/en-us/profiles/user_with_admin/settings/basics/details becomes http://plugins.stage.mozilla.com/en-us/profiles/jane_doe/settings/basics/details