Test policies for accept-invitation

Update from OSI:

Accept Invitation

-Minimum password length should be a setting in the site configuration to allow for different sites to have different password policies. There was some concern that 8 characters might be too long to require in OSI’s KARL. Making this a setting will remove that concern

-Invitation expiration time? Do invitations expire after a given amount of time? If so, how long? Also, is it possible to make this a configuration in the settings file so sites can pick how secure they want to be?

-If invitations expire and an invitation has expired, when the moderator chooses to resend the invitation, is the expiration counter effectively reset when the new invitation is sent out?

-Test that an invitation expires after it is used. This protects against someone forwarding the invitation email to 10 other users

So far, I have been putting in OSI's comments on the polices for each spec, then marking status "Confirmed." Does this work for you or would you prefer that I wait for you to read OSI's changes before I set the policy as "Confirmed"?

That sounds good. What should we do about my previous responses to
Jason about what parts were in scope for KARL2? Should we treat that
conversation as closed, but not inside Launchpad?

--Paul

On Mar 5, 2009, at 2:30 PM, Nat Katin-Borland wrote:

> So far, I have been putting in OSI's comments on the polices for each
> spec, then marking status "Confirmed." Does this work for you or
> would
> you prefer that I wait for you to read OSI's changes before I set the
> policy as "Confirmed"?
>
> ** Changed in: karl3
> Assignee: (unassigned) => Paul Everitt (paul-agendaless)
> Status: New => Confirmed
>
> --
> Test policies for accept-invitation
> https://bugs.launchpad.net/bugs/328109
> You received this bug notification because you are a direct subscriber
> of the bug.
>
> Status in Porting KARL to a new architecture: Confirmed
>
> Bug description:
> Confirm the policies at http://carlos.agendaless.com/dko/policies/communities.html#accept-invitation

Each of these are new features, not part of the port. We need to
enter them as separate bugs that we can put in the list we tackle
after finishing the basic port.

--Paul

On Mar 5, 2009, at 2:27 PM, Nat Katin-Borland wrote:

> Update from OSI:
>
> Accept Invitation
>
> -Minimum password length should be a setting in the site configuration
> to allow for different sites to have different password policies.
> There
> was some concern that 8 characters might be too long to require in
> OSI’s
> KARL. Making this a setting will remove that concern
>
> -Invitation expiration time? Do invitations expire after a given
> amount
> of time? If so, how long? Also, is it possible to make this a
> configuration in the settings file so sites can pick how secure they
> want to be?
>
> -If invitations expire and an invitation has expired, when the
> moderator
> chooses to resend the invitation, is the expiration counter
> effectively
> reset when the new invitation is sent out?
>
> -Test that an invitation expires after it is used. This protects
> against someone forwarding the invitation email to 10 other users
>
> --
> Test policies for accept-invitation
> https://bugs.launchpad.net/bugs/328109
> You received this bug notification because you are a direct subscriber
> of the bug.
>
> Status in Porting KARL to a new architecture: Confirmed
>
> Bug description:
> Confirm the policies at http://carlos.agendaless.com/dko/policies/communities.html#accept-invitation

Without email server installed, we can't test "Accept Invitation". Jason, please install it asap.

I'll enter them as tickets.

Re-confirmed that this works in IE on carlos. Also implemented the configurable password length.

More important, I tested that this all works with a gmail account.