Break anonymity #3112
Break anonymity #3112
Conversation
|
New knob on Account page:
|
|
I suggest we broaden the "Hide total {giving,receiving} from others" to encompass specific {giving,receiving} as well. |
|
P.S. I started this PR because both @weallhave24hrs and @renaantosz need it to really start using Gratipay in earnest, and they're the ones whose use cases I'm personally prioritizing right now. In other words, I'm personally shifting from the "Pay Your Heroes" roadmap, which was focused on the "individual giving to another individual" case, to a new roadmap focused on the "individual giving to a business" use case. This is based on the retreat, which I |
|
+1 in general. I'll work on reviewing this tomorrow !m @whit537 |
| <label class="anonymous-supporters"> | ||
| <input type="checkbox" | ||
| {% if not participant.anonymous_supporters %}checked="true"{% endif %} /> | ||
| {{ _("Allow my supporters to divulge themselves.") }} |
There was a problem hiding this comment.
I don't feel like this is very descriptive. If you want to keep it we should at least have hover state help text.
There was a problem hiding this comment.
Just a thought:
Allow anyone:
- To see how much I give
- To see how much I receive
- To search for me
Allow people I support:
- To see I support them
- To show I support them on their profile
- To be shown on my profile
Allow people that support me:
- To show me they support me
- To show they support me on their profile
- To be shown on my profile
Edit: So this is kind of similar to: #236 (comment)
Edit 2: IRC
|
Completely agree with @clone1018, this functionality needs to be explained better in the labels. |
|
I printed out and am rereading #236. The full implementation of #236 gets complicated. On this PR I want to focus on the minimum necessary for @weallhave24hrs @renaantosz, though I want to do it in a way that makes sense in terms of the bigger picture on #236, so that's why I'm rereading that. |
|
I also want to look at the specific use cases mentioned on #236. I'm thinking of @jdorfman @JEdgar @iElectric etc. |
|
It covers the use case for Kiberpipa. |
|
@iElectric Do you need to know how much someone is giving, or just that they're giving? Does it need to be public that they're giving to you or is it enough if you can see that info? |
|
@whit537 I've got a client https://gratipay.com/birdsongtt/ that is a government registered charity. They would like to give out receipts to donors for tax purposes. Knowing their donors is a prerequisite for this. |
|
@chrisdev Do they need amounts given, or just identity of givers? |
|
@whit537 |
|
@iElectric Okay, thanks for the input. |
|
@whit537 ideally we need names and amount. But as a second best option the name is good enough |
|
@chrisdev Okay, it sounds like @iElectric needs amount, and I know that @renaantosz does as well. So let's consider amount a requirement for this PR to cover your use cases. |
|
💃 @whit537 |
|
Gosh, this is a complicated matrix. It's even more complicated than @balupton's helpful matrix at #236 (comment), because for @chrisdev's charities case to work we actually need the ability to require non-anonymity. I.e., "Only accept tips from people who are willing to divulge their identity to me." |
|
There's which side of the transaction you're on: 1) giver, 2) receiver. There's what piece of info is shared: 1) identity, 2) amount, 3) reason. There's where it's shared: 1) privately on the other's profile, 2) publicly on other's profile, 3) publicly elsewhere (community page? third-party site?). There's sharing restrictions: only allow givers with XYZ configuration. There's default settings and then per-tip overrides. |
|
We don't have tip reasons/messages yet and we shouldn't add that on this PR, so let's take that out of the consideration for now. |
This adds fields to the database to support non-anonymous giving.
I think we should only divulge identity on the Receiving page for transfers, not for tips, in which case we don't need a new field on tips after all.
chadwhitacre
force-pushed
the
break-anonymity
branch
from
ac23d34 to
c55fcf5
Compare
|
Rebased on master. |
PrivacyAllow everyone to see:
Allow people I support to see:
Who are your supporters?
|
|
Okay! Been going around and around the horn here at Blue Canary with @rummik @kaguillera @dmk246 @renaantosz @EileenFord. #3112 (comment) represents the consensus we've come to over here about the privacy options we want to present to users with this PR. |
|
The build is breaking at Travis because we don't have the json type in Postgres? |
|
Restarted, now seeing failures properly (due to inversion of privacy booleans). Also seeing failures locally. |
|
I'm not sure on the Information about your supporters:
|
|
How about this for the tip override UI?
|
This section is different from the above options. If anything, we should set it off with a different heading. We raised but didn't settle the question of whether this is even properly a "privacy" option. It's not about my privacy, it's about my supporter's privacy. "Sharing" could encompass both. |
|
As I'm implementing the per-tip overrides, it occurs to me that the implementation at #3112 (comment) has it that I'll be able to individually set who of my supporters is displayed publicly. I guess that happens on the receiving page? We can also email people when they get new supporters. I guess |
|
Or is that too complicated? Should we give both giver and receiver the ability to override individual tips? Or should we just give that ability to givers? |
|
What if you require knowledge and then unrequire it? Do you get your former supporters back? Maybe within a certain timeframe? |
We don't need the nested else since we raise under the if.
I think the simplest way to implement this would be to handle it like we handle changes from a Team to Individual account. i.e When they click on 'require details', show them a warning that says that all their anonymous tips will be cancelled if they make this change. |
|
@whit537 What I mean is that I feel like the abrupt question starting the section isn't very clear, and adds confusion to it, since we don't do that anywhere else |
|
Just a suggestion regarding the options, maybe it is more convenient to simplify options a little bit, something like that: Show other users:
From my point of view, if receiver wants to know who donates her, it is more likely she want to know the amount as well. |
|
I'm scrapping this for parts. |
This PR breaks anonymity with a double opt-in, closing #236.
is_singularwithanonymous_receiving.transfers.is_anonymousappropriately (double opt-in).tell_supporting.