darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-05-05 08:31:00 -04:00
Code Issues Packages Projects Releases Wiki Activity

Rename ‘whitelist’ to ‘guest list’ in UI

Browse Source 
This commit changes all the places where a user would see the term
‘whitelist’ in the content of page to say guestlist instead.

We’re removing the term ‘whitelist’ for two reasons. The first reason
is that we agree with the National Cyber Security Centre say:

> It's fairly common to say whitelisting and blacklisting to describe
> desirable and undesirable things in cyber security. For instance, when
> talking about which applications you will allow or deny on your
> corporate network; or deciding which bad passwords you want your users
> not to be able to use.

> However, there's an issue with the terminology. It only makes sense if
> you equate white with 'good, permitted, safe' and black with 'bad,
> dangerous, forbidden'. There are some obvious problems with this. So
> in the name of helping to stamp out racism in cyber security, we will
> avoid this casually pejorative wording on our website in the future.
> No, it's not the biggest issue in the world - but to borrow a slogan
> from elsewhere: every little helps.

– https://www.ncsc.gov.uk/blog-post/terminology-its-not-black-and-white

The second reason is that we’ve observed some users think that they have
to put recipients in the whitelist even when they’re already with in the
team. We think that the term ‘whitelist’ might be reinforcing this
mental model because of how ‘whitelists’ might work in other
applications.

We considered the following alternatives or concepts:
- Development
- Recipients
- Sandbox
- Extended team
- Smoke test recipients
- Allowed
- Nominated
- Bonus
- Additional
- Safe
- Team list
- Trusted contacts
- Designated people
- Guest list
- Team key list

We also considered not giving it a name, and explaining it as a nuance
of how the team key works. After mocking this up it felt more disjoined.
We think it’s still useful for the thing to have a name so that it’s
easy to refer to between the docs and the UI.

We like the term ‘guest list’ because:
- of how it sits with team members – members and guests in the abstract
- a guest list is a concept that a lot of people will be familiar with
  – a list of people who can access a thing
- ‘guest’ is very different to ‘recipient’ – we want to mitigate any
  confusion between this and the (emergency) contact lists
This commit is contained in:
Chris Hill-Scott
2020-06-12 09:00:08 +01:00
parent 14cb386279
commit c31264d4c9
5 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/main/views/api_keys.py
View File

@@ -61,7 +61,7 @@ def whitelist(service_id):
'email_addresses': list(filter(None, form.email_addresses.data)),
'phone_numbers': list(filter(None, form.phone_numbers.data))
})
flash('Whitelist updated', 'default_with_tick')
flash('Guest list updated', 'default_with_tick')
return redirect(url_for('.api_integration', service_id=service_id))
if not form.errors:
form.populate(**service_api_client.get_whitelist(service_id))
@@ -85,7 +85,7 @@ def create_api_key(service_id):
form = CreateKeyForm(current_service.api_keys)
form.key_type.choices = [
(KEY_TYPE_NORMAL, 'Live sends to anyone'),
(KEY_TYPE_TEAM, 'Team and whitelist limits who you can send to'),
(KEY_TYPE_TEAM, 'Team and guest list limits who you can send to'),
(KEY_TYPE_TEST, 'Test pretends to send messages'),
]
disabled_options, option_hints = [], {}