User:Tgr (WMF)/Post-upload permission request workflow

From mediawiki.org
Tracked in Phabricator
Task T88620

Just sketching ideas at this point.

The problem

Editor writes a mail to request permission from copyright holder, does not use boilerplate text, leaves out something essential (e.g. commercial re-use), OTRS agents have to refuse. Editor is annoyed, copyright holder is annoyed, time of OTRS agents is wasted.

The solution

Editor uploads file to non-public storage, receives a secret link, sends it to copyright holder, copyright holder can see the image and give permission via clickthrough. The text of the permission does not depend on the editor or the copyright holder (neither of which are usually very knowledgeable about technical details of free content licensing), and OTRS agents only get involved once a boilerplate text which has been pre-approved by them is accepted.

Details[edit]

  • when uploading via Special:Upload[Wizard], there is a flag "I need to request permission for this image".
  • when the flag is checked, the upload goes to the stash. User can add license, description etc, but the image is not public, does not appear on recent changes etc.
  • unlike the normal stash, the image is still visible to anyone (not just the uploader) via a new special page Special:PermissionRequest/<secret token>. The page has a boilerplate text for the selected license; the text can be accepted via clickthrough.
  • we have to make sure the one accepting the license is indeed the copyright holder, there are two ways to do that:
    • the uploader must supply an email address, the secret link is only sent to that address. The address is saved and OTRS agents can review it later.
    • after clickthrough another secret token is generated (along with some boilerplate text for an email message). The copyright holder needs to send that token to OTRS in email. (This is probably the better way as it does not involve the server sending mails to unverified addresses + proof of consent from copyright holder is more obvious.)
  • eventually, OTRS agents verify the permission, at which point the image becomes public. Alternatively, this does not happen for a given period of time, and the image gets deleted.
Retrieved from "https://www.mediawiki.org/w/index.php?title=User:Tgr_(WMF)/Post-upload_permission_request_workflow&oldid=1395513"