As a workaround you can go into the database and query directly for users with rejected application and email provided. Then write a script to email them. Getting a fix developed, reviewed, merged and deployed will take a few days in the best case. And even longer now because we are busy with lots of things.
this post was submitted on 08 Jun 2023
480 points (100.0% liked)
Technology
37705 readers
123 users here now
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
To work on bugs and test do I just need the UI and backend? Does the backend code have a embedded DB for local development? I can code, btw. I can figure rust out, great with JavaScript and JVM languages.
The rust backend, Postgres Db and UI are all available as docker images. The rust “lemmy” repo has a docker compose file (if you are familiar with the concept) allowing you to spin up the whole stack locally pretty easily if you already have docker installed.
load more comments
(11 replies)
Likely need to define some basic rbac controls. They signed up, sure, and have an initial role of “pending”, but don’t receive a “user” role until after approval. Then in the home page, when signed in, they get a banner saying they’re still in pending and will not be able to post or comment.
The major concern will be retroactively applying user roles to the existing users.
I'm a fan of this approach. That way, we can return a 200/201 on subsequent registrations for the case where an attacker would query if a user name already exists on an instance. If rejected, remove the account. If accepted, add the user role.
Bit of a tangent here, but if you’re ever looking for experience designers to help out here and there, or to just give something a second set of eyes, I might be able to lend a hand or connect y’all with some bright and chill people.
You probably don’t want me making any PRs, but I know my way around Figma and a user test plan.
I'd love to see you redesign some parts of the Lemmy UI!
In my option, a lot of designing work is still to be done so I'd love to see mockups you can make and your thoughts on design work!
load more comments
(24 replies)
Thanks for posting and writing all this up. I'll take a good look at it if this is a Friday that work tickets decide to slow down.
Hiya! Lemmy was actually one of the reasons I started learning Rust, but I do also know JavaScript, Python, a bit of Julia, C, C++, MASM, NASM, MIPS, a bit of TypeScript, and Java. I've worked on both frontend and backend although I think my expertise and comfort lies with backend primarily. I'm not sure if I'd be able to help with y'all's issue as I'm not familiar with the Lemmy codebase, but I'd be willing to try and help debug the issue and hopefully get it under control.
A "quick fix" might be to test for a user unapproved status on login and provide it as a status (e.g. 404:application_denied). Then the behaviour can be either release all created but unapproved accounts after 24hrs elapse or perma-"ban" until approved like it is now depending on server preferences.
"Quick fix" as in it's seems quick but will take me a while to implement if I were to try and I won't have time for a few days to get serious and become familiar with the code.
404 wouldn't be the right status code, 403 would be more suitable.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Status#client_error_responses
Servers may also send [a 404] response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client.
In this case, I agree that 403 is the better response, but for some resources, in the name of security and privacy, 404 might be more appropriate depending on the request.
Yeah at work we mask all responses to the client in production to x00, but in the scenereo the original commenter laid out exposing the 403 would be best.
Adding a modal client side would prob be best here.
I thought this was a mistake. I filled out an application early on and didn’t fill it out correctly. I expect that account was denied, but I did notice that the user was created the exact second I applied which was weird. I assume the username is now in a limbo state. Seems strange that lemmy would create an account before it’s approved.
There needs to be something to approve or reject, after all. It could have been a separate table but this way is probably better ultimately, modulo current bugs. The same machinery can be used for suspending accounts and other steps in the account lifecycle.
I cannot code. 🫤
But it occurs to me that we need a couple of features - although maybe they already exist.
One is the ability to back up a Lemmy account and download the data.
The other is account portability - the ability to move an account from one instance to another.
But I suspect that #2 might be impossible.
load more comments
(2 replies)
I wonder if the RES devs might consider working on BES (or LES)?
We can definitely use all the help we can get. Luckily since lemmy and its UI is open source, we can embed all this highly popular functionality directly into lemmy-ui.
I'd love it. I don't hate the UI as it currently is, but I'd definitely appreciate some features, like the hotkeys RES has, or a tighter UI in general, with less padding and space between elements.
To be fair, tweaking the UI is surely in my power and skillset, but UI is surely my least favorite part of development as a whole.
If I remember correctly, RES has basically been limping along in maintenance mode for quite a while now and there's only one or two people left working on it - and only from time to time.
Off topic but I'm really happy that the developers chose Rust to code Lemmy in. Low maintenance + high performance is the ideal combo for open source server software.
load more comments
(5 replies)
I'm a beginner with Rust, but a full-time web engineer with React/TS/PHP/SQL/etc experience. I'm a bit swamped at the moment, but I'm down to contribute eventually :)
I have front end and back end experience but work has me kind of bogged down lately. If nobody has stepped up by Sunday I should be free to start taking a look at it at the very least.
I forget my password to my GitHub account, so ill just reply here. I agree - it is a bit hard to know if youve been accepted or not. I just kept trying to log in once or twice over an hour or so, but I doubt thats feasible especially for the cases of people who get denied and dont know why.
I am not quite certain on the structure of a Lemmy server, but I imagine there's a log of users that you can join to a particular db entry for acceptance status and denial message. Given that you host the server that this is on, I imagine you might be able to append some changes to the login page to access these fields.
My thought is that there can be a small text input added to the bottom of the log in page that you can enter in a username, and have it present the necessary data pertaining to acceptance status. Again, not sure how this would work in Lemmy structure land, but in MVC where Im competent, I would have an endpoint that returns data as json, then ping it with an ajax post request. Id imagine something similar could be done here
load more comments
(1 replies)
I have Rust experience and will consider helping out. I've been wanting to help out Lemmy recently anyway.
@Gaywallet what if you signed up without an email? I don't think I added an email address until later attempts.
What can we do to reapply with a decent effort?
There is no reapplying until this is fixed.
Does this issue also explain why I didn’t receive an email to say I was successful and only discovered I was approved by just trying to login just in case or is that a separate issue? Edit: I am a fool. I don’t believe I supplied an email address… I’m off to a great start!
load more comments
(2 replies)
load more comments
(2 replies)
I'm a react dev. I'm happy to contribute in my spare time, probably weekends and smaller issues. I noticed the client is built in inferno, which from a quick look appears to be fairly similar to react, so I'm sure I can be useful. I'll have a look tomorrow, can see a large list of issues so I'm sure I will find something to do.
I’ll take a look at it and submit a post request with fixes within the next week
load more comments
(1 replies)
I'd be happy to help contribute as best I can. I don't have much Rust experience but I'd like to learn more. One thing I'm noticing: I like that there are a good deal good first issue tags for the backend repo, but only one for the frontend. I'm not sure if there's really that far fewer intro tasks for the frontend or if they're just not tagged as thoroughly.
I don't really know Rust at all but it might be a good opportunity to learn. I come from a C# and Python background so I might see if there's anything I can tackle.
I can't code, but I'd be happy to send donations to those who can to work on Lemmy. I'm not a rich man but I'll happily help how I can.
as they didn’t write enough in their registration for us to really evaluate if they were a good fit for this instance.
I'm just curious, what do you consider to be "writing enough"? How strict are you with your applications? I'm trying to learn from beehaw for my own instance.
We want them to fit in with our philosophy, so we're looking that they paid attention to our rule, our ethos, and our ambiance. To be clear, we're not making judgements, but if you leave it blank or only talk about federation, we can't be certain that you will vibe with how we moderate and what we're trying to do here.
Cool. Roughly how many % of applications do you deny? I'm starting to wonder if I should be stricter with my applications for the sake of "user quality".
I've found many applications simply fail to answer the questions. I guess this should at least be a minimum requirement.
I think we're approving around half, but I'm not sure if that's kept up today. To share my thoughts on the matter I'm extremely concerned about the possibility of this place moving the direction of echo chambers for a variety of reasons. I'll probably make another philosophy post in the next week or so, but I've been very overextended between this, work, current healthcare issues (I've had 2 surgeries in the last two weeks 😩), stuff for pride month (I'm a leader at my work's pride ERG, moderated a speaker today, speaking for a group next week, gotta help with SF pride, etc), and in general being busy in my social life as well so I haven't really had a ton of time to contribute all my thoughts or put them on paper as I'd like to.
Oh my goodness! Please, please, please look after yourself and your health and wellbeing first and foremost!
It sounds like we're a lot alike, and I burned myself out overextending myself, like you're doing, trying to help others so much for so long...my health issues got worse and now I can't help anyone because I can barely even take care of myself! and it's an awful feeling when previously helping others was my whole thing and reason for living.
This may be unsolicited and TMI, but just wanted to caution you about what could happen. Look after yourself, please! You deserve it! Remember that you can't help and look after others if you don't help and look after yourself. Thank you for everything you've done and are doing already. Hang in there. <3
I greatly appreciate the feedback and I have taken a few steps back this week to ensure I'm not overextending myself. Thank you for looking out for me 🥰💜
load more comments
(1 replies)
anywhere from 1/3 to 1/2, yeah
load more comments
(2 replies)
load more comments
(3 replies)
I got my approval email, is the problem limited to denial notification?
The GitHub link details the scope of the issue
Is there a way we can minimize the stickies? It’s a quality of life but would be great to read it once and shrink it so I get to my feed quicker.
I am a software developer. I will look at it this weekend at some point. I'll try to help if I can.
view more: next ›