Should capcha support challenges for multiple rols or just for anonymous users?

Events happening in the community are now at Drupal community events on www.drupal.org.
wundo's picture
Posted by wundo on July 9, 2007 at 1:34pm
Multiple Roles
65% (57 votes)
Just Authenticated and Anonymous Roles
7% (6 votes)
Anonymous Role
28% (25 votes)
Total votes: 88
Categories:

Comments

Captcha for all roles

Posted by GoofyX on July 9, 2007 at 1:53pm
GoofyX's picture

Well, considering this news item from Slashdot (http://it.slashdot.org/article.pl?sid=07/07/09/0110203&from=rss) and my personal view that you should always give the user the choice and let him/her decide, then I go for all roles.

--
... Morpheus: What is "real"? How do you define "real"? If you 're talking about what you can feel, what you can smell, what you can taste and see, then "real" is simply electrical signals interpreted by your brain...

let the user decide

Posted by soxofaan on July 9, 2007 at 2:18pm
soxofaan's picture

my personal view that you should always give the user the choice and let him/her decide, then I go for all roles.

Going for all roles, is not giving the user a choice. If you want the user to have a choice, you need two modules: one with "anonymous only" and one with "for all roles" functionality. Or one module with an option to switch.

Actually, by the word user I

Posted by GoofyX on July 9, 2007 at 3:27pm
GoofyX's picture

Actually, by the word user I meant the site administrator. :-)

This option of course should be implemented as a role permission (eg. enable CAPTCHA for this role).

--
... Morpheus: What is "real"? How do you define "real"? If you 're talking about what you can feel, what you can smell, what you can taste and see, then "real" is simply electrical signals interpreted by your brain...

permissions instead of roles

Posted by soxofaan on July 9, 2007 at 1:57pm
soxofaan's picture

I'm generally more in favor for "anonymous only", but if you want to push it to authenticated users too, maybe it's better to use permissions instead of roles (following http://drupal.org/node/153395#comment-271646).
Then you need only to manage one permission (e.g. "bypass captcha" or "captcha required", which would be actually "negative permission") instead of managing the all captcha points for each role.

preliminary thoughts

Posted by christefano on July 9, 2007 at 2:38pm
christefano's picture

I've only read the last few posts at #153395 so these are my preliminary thoughts.

Having a temporary role during registration (such as what LoginToboggan or Lazy Registration can create) is invaluable for some projects. I have captchas enabled for those types of roles (and only for those types of projects). I might be able to be convinced but for now I agree with Rob Loach's comment about keeping role-based captchas.

Preview and Post

Posted by faunapolis on August 9, 2007 at 5:08am
faunapolis's picture

One thing that I don't like about implementing captcha (I use recaptcha) is that when you assign it to a role's action, it will do a double captcha validation at the preview and then at the post time. This is annoying and unnecessary.

Florida Drupal Group, We meet Every 3rd Saturday in Orlando
http://groups.drupal.org/florida

preview and post

Posted by soxofaan on August 9, 2007 at 6:07am
soxofaan's picture

That has nothing to do with assigning to roles or anonymous only.
However, it's being worked on in issue http://drupal.org/node/156503

CAPTCHA

Group organizers

Group notifications

This group offers an RSS feed. Or subscribe to these personalized, sitewide feeds: