Implementation Plan: Django admin moderator access control and base improvements

[sarayourfriend]

Fixes

Fixes #1966 by @sarayourfriend

Description

@krysal @stacimc I've chosen y'all to review this plan with me. I'll ping y'all privately about this, but I'd like to schedule time to do a synchronous review, if possible, to avoid the long review process getting even further prolonged by my part-time work schedule.

This discussion is following the Openverse decision-making process. Information about this process can be found on the Openverse documentation site.

Requested reviewers or participants will be following this process. If you are being asked to give input on a specific detail, you do not need to familiarise yourself with the process and follow it.

Current round

This discussion is currently in the Proposal approval round.

The deadline for review of this round is 9 January 2024.

Checklist

• My pull request has a descriptive title (not a vague title likeUpdate index.md).
• My pull request targets the default branch of the repository (main) or a parent feature branch.
• My commit messages follow best practices.
• My code follows the established code style of the repository.
• [N/A] I added or updated tests for the changes I made (if applicable).
• I added or updated documentation (if applicable).
• I tried running the project locally and verified that there are no visible errors.
• [N/A] I ran the DAG documentation generator (if applicable).

Developer Certificate of Origin

Developer Certificate of Origin

Developer Certificate of Origin
Version 1.1

Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
1 Letterman Drive
Suite D4700
San Francisco, CA, 94129

Everyone is permitted to copy and distribute verbatim copies of this
license document, but changing it is not allowed.


Developer's Certificate of Origin 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I
    have the right to submit it under the open source license
    indicated in the file; or

(b) The contribution is based upon previous work that, to the best
    of my knowledge, is covered under an appropriate open source
    license and I have the right under that license to submit that
    work with modifications, whether created in whole or in part
    by me, under the same open source license (unless I am
    permitted to submit under a different license), as indicated
    in the file; or

(c) The contribution was provided directly to me by some other
    person who certified (a), (b) or (c) and I have not modified
    it.

(d) I understand and agree that this project and the contribution
    are public and that a record of the contribution (including all
    personal information I submit with it, including my sign-off) is
    maintained indefinitely and may be redistributed consistent with
    this project or the open source license(s) involved.

[sarayourfriend]

This is ready for early review, but I still need to do basic proofreading of it. However, I've covered all the basic elements of the implementation, so if @krysal or @stacimc, either of y'all take a look at this before it's marked ready for review again, that's totally fine, leave any comments you like 👍.

[stacimc]

@sarayourfriend I'll plan on taking a look Monday. Scheduling a synchronous review sounds good as well 👍

[krysal]

I started reading, but my time today is over. I'll finish on Monday. Thanks for drafting this IP!

[github-actions]

Full-stack documentation: https://docs.openverse.org/_preview/3494

Please note that GitHub pages takes a little time to deploy newly pushed code, if the links above don't work or you see old versions, wait 5 minutes and try again.

You can check the GitHub pages deployment action list to see the current status of the deployments.

New files ➕:

• https://docs.openverse.org/_preview/3494/projects/proposals/trust_and_safety/content_report_moderation/20231208-implementation_plan_django_admin_moderator_access.html

[stacimc]

Leaving a few comments, but for the most part all my questions were answered by the time I was done reading :) This is great work, and I appreciate the extensibility without increasing scope at this stage. If it is easier to chat synchronously about any of this I am happy to do so!

[sarayourfriend]

@krysal @stacimc this is ready for review again. I set the deadline to Wednesday to give me time on my Thursday and Friday before I go on Holiday to review any additional comments and (hopefully) create the issues.

[krysal]

The simplified proposal makes perfectly sense, and it is quite complete with the security details from CloudWatch and Terraform. Thank you!

From the comments I left, my main question is related to how it would change the report models, specifically on the status.

[krysal]

I think it still valuable to keep the current media detail view. In case someone needs to check something from a specific work having the uuid, it could be easier from the admin UI than accessing the production DB.

[sarayourfriend]

This view would retain all the functionality of the existing view. I can reword this to say extend, rather than replace. The view would still be registered as the model admin for the media items and would have all the same features, just with the additional moderation features added at the bottom of the current view and with the media data shown in an uneditable state for moderators.

[stacimc]

The updates look fantastic :) Really pleased with the flexibility of this approach!

[stacimc]

This is excellent!

[stacimc]

I did not see this formally went into the Decision round -- officially LGTM!

[sarayourfriend]

@stacimc @krysal I've updated the implementation plan with the new backfill for moderation decision and dropping report status. The plan is in the "proposal approval" stage, so please re-review and share any outstanding blockers that prevent the plan from moving forward, or confirm approval so we can move forward and I can create issues for the plan.

I've set the deadline to 9 January to allow time for review. I will be on holiday from 15 Jan until basically the start of February, so I'd really like to be able to finish this plan and create the issues by the end of next week to avoid it pending until February, which would put it at nearly two months in review due to the holidays, AFK, and revisions. I'm not asking for an urgent approval, just for urgent reviews so that any outstanding true blockers can get addressed ASAP.

If there are outstanding blockers, please anticipate scheduling synchronous time to discuss them in order to move the process along more quickly than the asynchronous discussion can manage.

Thanks!

Update: oops! I didn't see your comment, @stacimc, I hadn't refreshed the page in a while 😅 Krystle, please rereview when you can 🙏

[openverse-bot]

Based on the medium urgency of this PR, the following reviewers are being gently reminded to review this PR:

@dhruvkb
This reminder is being automatically generated due to the urgency configuration.

Excluding weekend¹ days, this PR was ready for review 13 day(s) ago. PRs labelled with medium urgency are expected to be reviewed within 4 weekday(s)².

@sarayourfriend, if this PR is not ready for a review, please draft it to prevent reviewers from getting further unnecessary pings.

Footnotes

1. Specifically, Saturday and Sunday. ↩

2. For the purpose of these reminders we treat Monday - Friday as weekdays. Please note that the operation that generates these reminders runs at midnight UTC on Monday - Friday. This means that depending on your timezone, you may be pinged outside of the expected range. ↩

[krysal]

Looks perfect!

[sarayourfriend]

I've created the issues. Milestone is here: https://github.com/WordPress/openverse/milestone/22