This site uses cookies. By continuing to browse the site, you agree to our use of cookies. Find out more about cookies.
Skip to main content
Metadecidim's official logo
  • English Triar la llengua Elegir el idioma Choose language
    • Català
    • Castellano
Sign Up Sign In
  • Home
  • Processes
  • Assemblies
  • Initiatives
  • Consultations
  • Conferences
  • Help

Propose new functionalities for Decidim software

#DecidimRoadmap Designing Decidim together

Phase 1 of 1
Open 2019-01-01 - 2030-12-31
Process phases Submit a proposal
  • The process
  • Debates
  • Propose new features
  • News
chevron-left Back to list

Anonymous survey answers

Avatar: Ivan Vergés Ivan Vergés verified-badge
22/03/2019 11:11  
Finished

In our organization we've come with the necessity to allow everyone to answer certain surveys, whether is registered and logged in the platform or not. We find this specially important to avoid the use of external tools where to place that data (like google forms).

Of course this is a feature that has to be used with care, as it's prone to receive spam or manipulation.
However, well used, can be useful to lower the barrier for certain users to participate in processes. Or just to collect specific data (emails for example).

As said, we need this feature and we already implemented it (pull request pending) here:
https://github.com/decidim/decidim/pull/4996

The implementation adds a new setting option in the steps process admin that allows the administrator to enable open responses to everyone.

  • Filter results for category: Surveys Surveys

The development of this proposal has finished

  • Has been reviewed by Decidim Product and complies with the Social Contract
  • It is funded by Platoniq
  • Available in release 0.20 via #4996

List of Endorsements

Avatar: Lucas Hamani Lucas Hamani
Avatar: JosanFFiG JosanFFiG
Avatar: Virgile Deville Virgile Deville
Avatar: olivier olivier
Avatar: Javier Carrillo Javier Carrillo verified-badge
Avatar: Leo Leo
Avatar: Oriol Arechavala Oriol Arechavala
Avatar: Pauline Bessoles Pauline Bessoles verified-badge
and 5 more people (see more) (see less)
Endorsements count8
Anonymous survey answers Comments 17

Reference: MDC-PROP-2019-03-14323
Version number 2 (of 2) see other versions
Check fingerprint

Fingerprint

The piece of text below is a shortened, hashed representation of this content. It's useful to ensure the content hasn't been tampered with, as a single modification would result in a totally different value.

Value: f821355bd54da6f5d7fe2d161fbfb7b83ce33fe13c7db1242128094a33e4bd1e

Source: {"body":{"en":"In our organization we've come with the necessity to allow everyone to answer certain surveys, whether is registered and logged in the platform or not. We find this specially important to avoid the use of external tools where to place that data (like google forms).\r\n\r\nOf course this is a feature that has to be used with care, as it's prone to receive spam or manipulation.\r\nHowever, well used, can be useful to lower the barrier for certain users to participate in processes. Or just to collect specific data (emails for example).\r\n\r\nAs said, we need this feature and we already implemented it (pull request pending) here:\r\nhttps://github.com/decidim/decidim/pull/4996\r\n\r\nThe implementation adds a new setting option in the steps process admin that allows the administrator to enable open responses to everyone."},"title":{"en":"Anonymous survey answers"}}

This fingerprint is calculated using a SHA256 hashing algorithm. In order to replicate it yourself, you can use an MD5 calculator online and copy-paste the source data.

Share:

link-intact Share link

Share link:

Please paste this code in your page:

<script src="https://meta.decidim.org/processes/roadmap/f/122/proposals/14323/embed.js"></script>
<noscript><iframe src="https://meta.decidim.org/processes/roadmap/f/122/proposals/14323/embed.html" frameborder="0" scrolling="vertical"></iframe></noscript>

Related images

Admin screenshot

Report inappropriate content

Is this content inappropriate?

Reason

17 comments

Order by:
  • Older
    • Best rated
    • Recent
    • Older
    • Most discussed
Conversation with Carol Romero
Avatar: Carol Romero Carol Romero verified-badge
22/03/2019 11:29
  • Get link Get link

Hi @microstudi, is this feature funded by Platoniq? I'm asking to update roadmap 2019 with your contributions.

Avatar: Ivan Vergés Ivan Vergés verified-badge
22/03/2019 11:31
  • Get link Get link

It's already implemented, reviewers in github are waiting for your opinion on this matter to review the code:
https://github.com/decidim/decidim/pull/4996

Avatar: Ivan Vergés Ivan Vergés verified-badge
22/03/2019 11:32
  • Get link Get link

And yes, sorry. Funded by Platoniq

Conversation with Carol Romero
Avatar: Carol Romero Carol Romero verified-badge
25/03/2019 10:12
  • Get link Get link

Hi @microstudi, we have discussed this functionality and from the @product team there is no objection to incorporating it, adding some changes to improve security, such as:
- A clear warning of the risks involved and the obligation to comply with the social contract.
- Save the IP address (not whole, maybe @andres can develop the technical details).
- To avoid spam, consider including some invisible captcha.

Avatar: Ivan Vergés Ivan Vergés verified-badge
25/03/2019 10:44
  • Get link Get link

Thanks @carol for your answer. The warning won't be a problem. I'll try to reach @andres about how to save the IP properly.

About the invisible captcha, does anyone know of some opensource way to do it?.
There's the option would be to incorporate the recaptcha (from google, but it will require a new configuration option for the API key), it's not opensource, it's google...

Currently I found 2 options for performing captchas in rails that seem interesting:
https://github.com/subwindow/negative-captcha
https://github.com/kiskolabs/humanizer

Does anyone have experience with that (or others)? Any help on this matter would be helpful.

Avatar: Andrés Andrés verified-badge
25/03/2019 14:43
  • Get link Get link

Rigth now we're using https://github.com/markets/invisible_captcha on decidim-core

Regarding IP address, I think it's necessary to save a hash of the IP address so the admins of the survey can have some kind of notice if there's any kind of misuse of this feature (for instance the same person filling it multiple times). We can (and should) concatenate this with a secret like you do on https://github.com/decidim/decidim/pull/4996/files#diff-7fda638890188b260274109de633d4a4R56

Avatar: Ivan Vergés Ivan Vergés verified-badge
25/03/2019 15:06
  • Get link Get link

Thanks Andrés,
I'll use the same gem then.

About the IP hash, no problem about adding that too in addition with the system already in place (which uses the user session). However there is no guarantee that having the same IP means the same user. Users behind a corporation/organization proxy might have the same IP and be different (thus legit users) computers.

I still think this can be useful, but only for analysis in cases of abuse. I wouldn't program the detection of a user trying to fill a survey twice based on that.

Conversation with Marc Riera
Avatar: Marc Riera Marc Riera
25/03/2019 19:33
  • Get link Get link
Against  

I'm -1 on this. This is prone to trolling/automating (even with the captcha we're using), and the feature per se skips all verification features that have been implemented on Decidim. Even if you save the IPs, what will you do later? the survey has already been compromised, will you remove all answers from a given IP if the IP data is suspicious? You could be discarding real, legit data.

For the same reasons we could allow anonymous voting on proposals or budgets, for example.

Avatar: Ivan Vergés Ivan Vergés verified-badge
26/03/2019 10:58
  • Get link Get link

gathering opinions on some matter from citizens.

In our experience administrating several participatory sites for organizations, we really need every little help available to bring users to the platform, and surveys are a great way to do it. There are specially useful to collect data from a group in order to prepare interviews with them later, or to collect emails where to send and announcement later. In those cases you don't really care about having "compromised" data, because you just will discard it naturally (as you won't speak to those people). I'm sure we can come up with many more examples where this feature may come in handy.

In my opinion, this is just another tool we are giving to the administrators, and a powerful one (it will be disable by default). I like to think that people behind participatory sites are trustable and they know what their doing so they'll use this feature wisely.

Avatar: Ivan Vergés Ivan Vergés verified-badge
26/03/2019 11:00
  • Get link Get link

Sorry, first line was about that we see in the surveys many other possibilities than just gathering opinions.

I don't agree with your comparative about allowing anonymous voting on proposals, these are intended to achieve real decisions and consensus while surveys are not.

If we don't add this feature, we will be forced to use external tools that allow that, in many cases without any knowledge about the data storage and loosing the opportunity keep users in the platform.

Also, I see many endorsements from people that are administrating real participatory sites, so I suppose they've encountered similar problems and see value in this feature.

Finally, I think it would be a good idea to add a column in the exported data that would tell you if that answer comes from a registered user or a non registered one. This way you filter the data if you need to.

What do you think? Did I've convince you? I really think that this has more advantages than inconveniences.

Avatar: Andrés Andrés verified-badge
26/03/2019 12:04
  • Get link Get link

Just to give some insight on why this is needed, before @microstudi proposed this feature I've got feedback from multiple admins from different institutions just past week: from Barcelona City Hall on Monday, and from the Interinstitucional Catalan Workgroup. Then, without any contamination of these discussion, just a couple of days later we received the PR, so I think it's a shared necessity on the majority of the users.

For me the question shouldn't be on if we do this but on how we do this.

Regarding the possible attacks on this feature and the comparison with proposals / budgets voting, is not the same because this forms are only for diagnosing and are not binding. If so we should (and must) explain the risks to the admin and she's the one that should make that decision.

As @microstudi said, the alternative that's being in use right now is Google Form, and it have the same problems (non verified users).

Avatar: Leo Leo
29/05/2019 14:32
  • Get link Get link

Hi @all,
Just wanted to put forward the fact that this kind of feature has been asked several times in France by Open Source Politics's clients or people interested by Decidim.

I personnaly agree with what @microstudi said earlier "If we don't add this feature, [people] will be forced to use external tools that allow that, in many cases without any knowledge about the data storage and loosing the opportunity keep users in the platform."

Avatar: Oriol Arechavala Oriol Arechavala
11/06/2019 08:55
  • Get link Get link

Hi. This improvement would be very useful for us, so we support it.

Conversation with Ariadna Vila
Avatar: Ariadna Vila Ariadna Vila
09/07/2021 12:36
  • Get link Get link

Hi @microstudi , I have found that when you use this feature, you can vote only once. To vote again you need to delete the cookies.
It is fine to vote only once per person, but in cases where different members of a family (for example) want to vote through the same PC, they cannot.
Is there any solution for this problem?

Avatar: Ivan Vergés Ivan Vergés verified-badge
09/07/2021 14:31
  • Get link Get link

Yes, this has been commented before. Maybe a option could be added in order to not collect session usage to determine if the same user has already voted.
However, is pretty easy to just open a new "private window" in the browser and vote again. That's what usually we do when we have this problem.

Avatar: Ariadna Vila Ariadna Vila
12/07/2021 09:21
  • Get link Get link

I've already tried to use a private window but If I try to vote again I can't: the system has registred my vote. I think this shouldn't happen when using this feature.
The only solution I've found is to delete the cookies which is not a problem for me, but it might be for other users.

Comment moderated on 20/07/2021 10:46
Avatar: Andrés Andrés verified-badge
15/07/2021 12:30
  • Get link Get link

FYI, as @microstudi mentioned, there's an open issue regarding this need. See https://github.com/decidim/decidim/issues/7438

Add your comment

Sign in with your account or sign up to add your comment.

Loading comments ...

  • Terms and conditions of use
  • About the community
  • Download Open Data files
  • Metadecidim at Twitter Twitter
  • Metadecidim at Instagram Instagram
  • Metadecidim at YouTube YouTube
  • Metadecidim at GitHub GitHub
Creative Commons License Website made with free software.
Decidim Logo

Confirm

OK Cancel

Please sign in

decidim Sign in with Decidim
Or

Sign up

Forgot your password?