Community moderators

[Lucifer]

I believe I have python code already on my hard drive somewhere that could be adapted to the task and even replace cron in the loop (so windows server admins wouldn't need to deal with scheduled tasks even, and with py2exe we could give it to them in a nice package and run it as a service).

I'll see if I can dig it up and then make a bzr branch for it, and hopefully turn over the details to you. Then I'll slap together a nice web app for armatrators to use to do their dirty work, and server admins to register their server, etc.

Does your VPS have MySQL on it? This web app would be php/mysql.

[Infa(mous)]

I have unlimited hosting w/ php/mysql, if needed.
Anyways... Would this sort of thing be accessible at admins.armagetronad.net or some such?

[Luke-Jr]

Well, whether you send a GET or a HEAD request (to determine if the file changed) doesn't make a difference if the server's busy or otherwise not reachable.

I don't think missing an hourly update on a banlist is going to kill anyone. Also, in both cases, it's a GET request; think If-Modified-Since.

The drawback of a simple RINLCUDE is also something else If you RINCLUDE a complete configuration file, you need to trust the creator enough that he won't mess with your server by, say, including himself as admin at a later time. And it requires that metamoderators upgrade their merged configuration files every time their source lists change (although a recursive RINCLUDE would do the job if we decide we don't need the chain of trust info in the ban message and a "you were banned by moderator X" message suffices).

A second resource repository specially for those config files where you're limited to upload scripts containing BAN lines would solve the trust issue. And the update issue if it lets the user only edit ban lists or include lists and autogenerates full config files itself.

Is LATEST implemented already?

Security to prevent anything other than moderation/bans needs to be on the server. Putting it on the resource repository (second or first) just moves the trust issue to a central location. It might be worthwhile to automatically include the resource filepath (or at least the Author part) in the ban reason, to ensure the moderator's name gets mentioned

LATEST is implemented on the official repository. Game-server support is more generalised as dynamic/redirector resources.

[Z-Man]

Well, whether you send a GET or a HEAD request (to determine if the file changed) doesn't make a difference if the server's busy or otherwise not reachable.

I don't think missing an hourly update on a banlist is going to kill anyone. Also, in both cases, it's a GET request; think If-Modified-Since.

It's not about missing updates; it's eventually having no bans at all because in this simple model the process would need to be 'delete all bans, then recursively remote-include the ban lists', and about having the game server blocked while it's waiting for the resource server to answer.

Anyway, I like the Python script approach better. it's more flexible. Here's the things the Armatrator lists should be allowed to have:
INCLUDE: include another Armatrator list. A maximal recursion level for recursive includes can be specified. The list to include can be a fully specified URI, in which case the list is fetched from there (we do want people to be able to self-host); if it is just a filepath part of an URI, a default prefix is added (pointing by default to our server, but it should be configurable.)
EXCLUDE: the opposite of include, same arguments. I should be able to trust all CT Armatrators except wrtl. Whether the "EXCLUDE wrtl" has to come before or after "INCLUDE CT" or whether it matters at all is up to the implementation to decide (it should be easy enough to make it not matter at all.) A recursion level may not be feasible here.
ARMATRATOR: declare someone an Armatrator via Global ID
AUTHOR: detailed information on the author of this list
REPOSITORY: set the default server for URI completion
BAN_IP <ip> ?

The easy-peasy implementation for EXCLUDE I have in mind is that the script first loads the entire file and collects stuff, then completes URIs with REPOSITORY, then adds all EXCLUDEs to a blacklist, then processes the INCLUDEs recursively, ignoring recursive INCLUDEs from the blacklist.

The ? in BAN_IP should include a ban reason, of course. An expiration date would also be nice. Possibly just a duration in days, but then it would be up to the Python script to track when a particular ban was first used. The advantage of giving a duration would be that you can implement the "trust WW's ban list, but with half the ban duration" with it.

[Z-Man]

What also should be supported is weights. Say I moderately trust WW and CT and want to only ban those players banned by both of them. So I'd like to include them, but only give them a weight of .5, and later only activate bans that have a weight > 1. Weights would be additive. Care should be taken that the semantics of Armatrator included twice over different paths make sense there.

Oh, and BAN_USER, of course

[Lucifer]

I was actually thinking the ban line should include the start and end dates, and the python script should compute the duration from now with that.

Also, exclude shouldn't be too tricky. It's a recursive include, so you only process a child node if it's included, so if someone sets a recursive depth limit, you only go so far down, and if someone excludes a node, just skip it.

Whatever web service serves up the lists should also be an armathentication authority, I think. Then the python script that does the retrieval can also write rules for permissions if the server admin wants that, too.

[Z-Man]

I was actually thinking the ban line should include the start and end dates, and the python script should compute the duration from now with that.

Yeah, that's probably the easier solution. A bit harder for the Armatrator to use, but only that way, bans can be extended properly.

Whatever web service serves up the lists should also be an armathentication authority, I think. Then the python script that does the retrieval can also write rules for permissions if the server admin wants that, too.

Dunno about that. It can't hurt, but you can log in with only one account, and I'd like that to be the forums one for me. I'd rather just tell the armatration server what my global ID is.

[Lucifer]

That last bit's probably a good idea. If armatrators are expected to be available to talk about what they did, they should be available here, since this is the global site for the game.

Is there an armathentication client for web services yet? Or will I have to write one? (not sure I want to write one, but if you've protobuf'd armathentication and protobuf can spit out php code, it shouldn't be too tricky)

[Z-Man]

Epsy has a project for web-based armathentication: https://code.launchpad.net/~armagetrona ... lient-work
No protobuf required, the communication with the armathority is pure HTTP.

[Pink Tomatoes]

This might over-complicate it, but possibly specifying a reason for a ban could be used to make decisions on by the script. As server policies differ, some servers may have a strict policy on swearing for example, and the server administrator of another server that does not mind swearing could find the list too difficult to manage manually.

Going further into that, the reason used could allow the script to define the ban's time limit based upon a server's preferences.

A query however, how might you handle a permanent ban?

[Z-Man]

A query however, how might you handle a permanent ban?

Set the end date to the year 3000? Or don't allow it. Server admins should be allowed to set a maximal ban length they accept.

About the other thing, people could always just supply several ban lists. However, this raises another problem: Armatrators will be visible as such to other players. So if an Armatrator who is known for banning people for swearing enters a server that subscribes to his regular ban list, but not the swearing ban list, will the typical players know they don't have to watch their mouth? Furthermore, would the Armatrator even have the right to place players on his swearing ban list for swearing on a server without a non-swearing policy? So yeah, I think this overcomplicates things. Each Armatrator should have one ban list and state the policies for putting people on there.

[Infa(mous)]

Sorry for reviving the dead topic...
But, I think this whole idea is still relevant.
What ever happened to the implementation?

[Z-Man]

We have the Armatrator access level

[Infa(mous)]

What about the scripting to run the cross-server banlist system?

[Z-Man]

That hasn't been started yet. Volunteers welcome, I guess.