public inbox for overseers@sourceware.org
 help / color / mirror / Atom feed
* Cleaned out spam accounts from Patchwork / Django.
@ 2020-06-04 21:06 Carlos O'Donell
  2020-06-05  2:08 ` Siddhesh Poyarekar
  0 siblings, 1 reply; 2+ messages in thread
From: Carlos O'Donell @ 2020-06-04 21:06 UTC (permalink / raw)
  To: Overseers mailing list, Siddhesh Poyarekar

Siddhesh,

FYI. We had 36,000+ django accounts because of spammers creating
patchwork accounts over the years, but then not doing anything
with them.

I have purged the accounts with "is_active==false" which means
they created accounts and then never verified them with the
post-registration confirmation.

We are down to 261 *real* accounts.

The reason I did this is that two people have already reached
out to me to "unlink" old emails from their patchwork account.

When you "unlink" an email you have to confirm the unlinking by
responding from that email. This is dumb because you often have
lost control of that old email by leaving your previous employer
so most often the "unlink" has to be done by the admin interface
and to do that you have to click a dropdown box populated with
all user names and select "----------" to unlink the patchwork
person from the associated django account (Home>Patcwork>People).

On Firefox clicking a dropdown populated with 36,000+ entries
completely hangs firefox forever.

If spammers get to be a problem we'll need a cron job to purge
is_active==false accounts that are older than a certain date
and do it with python to interface to django to do the admin
action.

I'm not sure how to script this, but I just wanted to tell you
what I just did, why, and that it's a problem.

-- 
Cheers,
Carlos.


^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: Cleaned out spam accounts from Patchwork / Django.
  2020-06-04 21:06 Cleaned out spam accounts from Patchwork / Django Carlos O'Donell
@ 2020-06-05  2:08 ` Siddhesh Poyarekar
  0 siblings, 0 replies; 2+ messages in thread
From: Siddhesh Poyarekar @ 2020-06-05  2:08 UTC (permalink / raw)
  To: Carlos O'Donell, Overseers mailing list

On 05/06/20 02:36, Carlos O'Donell wrote:
> FYI. We had 36,000+ django accounts because of spammers creating
> patchwork accounts over the years, but then not doing anything
> with them.
> 
> I have purged the accounts with "is_active==false" which means
> they created accounts and then never verified them with the
> post-registration confirmation.
> 
> We are down to 261 *real* accounts.

Awesome, thanks for doing this!

> The reason I did this is that two people have already reached
> out to me to "unlink" old emails from their patchwork account.
> 
> When you "unlink" an email you have to confirm the unlinking by
> responding from that email. This is dumb because you often have
> lost control of that old email by leaving your previous employer
> so most often the "unlink" has to be done by the admin interface
> and to do that you have to click a dropdown box populated with
> all user names and select "----------" to unlink the patchwork
> person from the associated django account (Home>Patcwork>People).
> 
> On Firefox clicking a dropdown populated with 36,000+ entries
> completely hangs firefox forever.
> 
> If spammers get to be a problem we'll need a cron job to purge
> is_active==false accounts that are older than a certain date
> and do it with python to interface to django to do the admin
> action.
> 
> I'm not sure how to script this, but I just wanted to tell you
> what I just did, why, and that it's a problem.

I've filed an issue now to have this supported from manage.py:

https://github.com/getpatchwork/patchwork/issues/362

Siddhesh

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2020-06-05  2:08 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-06-04 21:06 Cleaned out spam accounts from Patchwork / Django Carlos O'Donell
2020-06-05  2:08 ` Siddhesh Poyarekar

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).