Hide emails in CC fields on all tracs

[dd32]

As raised in Slack: ​https://wordpress.slack.com/archives/C02QB8GMM/p1582450533002400

Hi - During a theme review workshop last week some one asked if the theme authors email adress that is visible on the themes Trac could be hidden?

It seems odd that we expose theme author emails like this, so we should hide it them.

On Core & Meta Trac they're hidden through the usage of our Notifications functionality instead, I'm not sure how we can achieve it for Themes Trac but we should endeavour to do something about it.

Noting that on Core.Trac we're using [blackmagic] cc.disable = true and that I think the emails are visible because all Authenticated users have the TICKET_EDIT_CC cap in Trac, where as for unauthenticated users it's truncating and only showing the first part of the email address.

[acosmin]

@dd32 Could you please allow it to be visible to those with higher rank, like TRT admins? It's useful to us when searching for multi-accounters.

[dd32]

#7001 was marked as a duplicate.

[Marc4]

I think exposing the email address associated with the account submitting the theme to the themes team shouldn't be a problem, if is necessary.

However, it would hide that information from the public, since an email address is exposed for no reason, since it does not contribute anything to other users.

[dd32]

Just noting:

• Themes.trac permissions were previously, full emails are only shown to reviewers.
• Theme Submitters can see their own email address.
• Other users can only see start of the email address: example-username@...
• Themes.trac probably requires the email in the CC field as a workaround for other Trac annoyances - Without it, the reporter wouldn't get emails from Trac, as Trac doesn't know users email addresses unless they interact with Trac.

Going forward; I think the things that needs to happen here:

1. Themes.trac tickets need to stop adding CC's automatically.
2. Hiding the CC field is kind of optional I think, but if we hide it, we have to clear the existing values.

To do #1 there, we need to let Trac know what a users email address is, the simplest way to do that would be to as part of the theme submission process, is to make an authenticated call to themes.trac in the context of the user before the trac ticket is created. We could also add a method to our custom Trac API to do it..

[dd32]

Without it, the reporter wouldn't get emails from Trac, as Trac doesn't know users email addresses unless they interact with Trac.
[...]
we need to let Trac know what a users email address is

This could also be the reason why tickets such as #4832 exist.

[Marc4]

I think there is no problem with the sender's email address being sent to Themes.trac and seen by reviewers. However, it would prevent that information from being printed on the screen publicly.

For example, applying the filter: blur(4px); blur effect to the td.searchable field would make the field incomprehensible to the naked eye, but it would still be extractable. This is not the best way to do it, ideally <td headers="h_cc" class="searchable"> xxxxxxxxxx@… should not be printed to the screen.

[dd32]

In 12711:

Trac: Add a custom API to fetch/set user preferences.

See #5055.

[dd32]

In 12712:

Trac: Add a custom API to fetch/set user preferences. Take Two.

See [12711].
See #5055.

[Marc4]

Maybe I am not understanding correctly, sorry if that is the case.

If the only function that the CC field has is for internal processes of the theme review team and for notifications, why not prevent it from being printed on the screen?

My opinion is that it should not be optional. The CC field is required, but it is only required privately (review and notifications) not publicly (visible to anyone).

[dd32]

Replying to Marc4:

Maybe I am not understanding correctly, sorry if that is the case.

The way Trac works is not at all obvious to many, and I wouldn't concern yourself with it in all honesty (I wasn't at all responding to your comments above directly, I apologise for that)

Customising Trac is highly awkward, and not at all obvious sometimes.

To hide a field in the way that's required, actually means disabling it. Disabling the field will cause creating tickets with the field to fail. The cc field is used on themes.trac for a purpose, to work around a 'bug' in our Authentication/Users implementation.

The Plugin we use to customise certain parts of Trac (namely fields), allows setting a permission, but only a WRITE permission, we can't control who can read it.

We can customise the HTML template, but that doesn't remove the field from Emails, API, and feeds.

So.. To remove the field, we first need to cease setting the field, to cease setting the field we need a way to update the Trac users database, once we cease using the field we can remove the field from display.

[Marc4]

Understood, thanks for your explanation @dd32 :)