-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #17 from np-overflow/mass-update
Updated for 2024 Workgroup
- Loading branch information
Showing
32 changed files
with
316 additions
and
142 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,6 +1,7 @@ | ||
| nav: | ||
| - introduction | ||
| - admin | ||
| - sessions | ||
| - events | ||
| - proposals | ||
|
|
||
| - introduction | ||
| - admin | ||
| - workshops | ||
| - events | ||
| - proposals |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,6 +1,6 @@ | ||
| nav: | ||
| - joining-overflow.md | ||
| - pre-sem-meet-ups.md | ||
| - resources.md | ||
| - exco-applications.md | ||
| - ... | ||
|
|
||
| - joining-overflow.md | ||
| - pre-sem-meet-ups.md | ||
| - resources.md | ||
| - ... |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,72 @@ | ||
| # Access Control | ||
|
|
||
| ## SharePoint | ||
|
|
||
| The SharePoint site is associated with the `np-overflow` team, and by default, all members of the `np-overflow` team will be able to access all files on the SharePoint site. **This includes all members invited to the team, including Workgroup members.** | ||
|
|
||
| While the Microsoft Teams UI doesn't offer access control capabilities, the associated SharePoint interface can be used to implement these features. The following guidelines should be used: | ||
|
|
||
| - In Microsoft Teams, the P/VPs and lecturers should be owners of the team. Other EXCO members and Workgroup members should be members of the team. | ||
| - In SharePoint, EXCO members should be associated with the role "NP Overflow EXCO". Workgroup members should be associated with the role "NP Overflow Workgroup" | ||
| - Roles can be created as needed (i.e. certain events require more specific restrictions, like ByteHackz requiring non-IT EXCO members), but their need should be carefully considered before creation. | ||
|
|
||
| ### Principle of least privilege | ||
|
|
||
| Common with data security, the principle of least privilege should be applied to the SharePoint site. This means that members should only have access to the files and data that they need to perform their job functions. We can apply this principle in practice with the following guidelines: | ||
|
|
||
| - The P/VPs and lecturers should have full access to all files on the SharePoint site. This includes the ability to create, edit, and delete files. | ||
| - The EXCO members should have access to most[^1] files on the SharePoint site, with their ability to create, edit, and delete files restricted to some files as required. We generally do not restrict access based on the member's role in the EXCO to keep things simple. | ||
| - The Workgroup members should only have access to files that are relevant to their functioning. Access must be restricted by default and only granted when necessary. | ||
|
|
||
| ### Accessing SharePoint's roles page | ||
|
|
||
| It can get a little confusing to access SharePoint's permissions interface, so here's a quick guide on how to do it: | ||
|
|
||
| 1. Open up the [SharePoint site](https://connectnpedu.sharepoint.com/sites/np-overflow).  | ||
|
|
||
| 2. Click on the Settings icon (the gear icon) on the top right corner of the page. | ||
| 3. On the sidebar that appears, click on "Site permissions".  | ||
|
|
||
| 4. On the page that appears, click on "Advanced permissions settings".  | ||
|
|
||
| 5. On the page that appears, you'll be able to create, edit, and delete roles, which can then be associated with members of the site to control their access.  | ||
|
|
||
| !!! tip | ||
|
|
||
| The "Advanced permissions settings" page is where you can create, edit, and delete roles, and associate them with members of the site to control their access. While there isn't a way to preview the site as a member of a role, you can use the "Check Permissions" feature to see what access a member has and through which role they have it. | ||
|
|
||
|  | ||
|
|
||
| !!! warning | ||
|
|
||
| The following roles are created by default and should **not** be deleted unless you know what you're doing: | ||
|
|
||
| - NP Overflow EXCO _ Workgroup Members | ||
| - NP Overflow EXCO _ Workgroup Owners | ||
| - NP Overflow EXCO _ Workgroup Visitors | ||
|
|
||
| Within NP Overflow EXCO _ Workgroup Members, there's also a member named "np-overflow Members". Again, unless you know what you're doing, do not delete this member. | ||
|
|
||
| ### Managing access (files and folders) | ||
|
|
||
| The UI to manage access to roles can be a little confusing to find at times. Here's a quick guide on how to do it: | ||
|
|
||
| 1. On the SharePoint interface, click the three dots next to the file or folder you want to manage access to. | ||
| 2. Click on "Manage access".  | ||
| 3. In the pop up that appears, click the Grant Access (the user with a plus sign) button to add a role to the file or folder.  | ||
| 4. You can then search for the role you want to add and click on it to add it to the file or folder. You can choose whether the role will have editing, reading, or downloading rights.  | ||
|
|
||
| !!! warning | ||
|
|
||
| By default, SharePoint will grant read access to **all the default roles**. This may create unintended effects, like allowing Workgroup members to access files that they shouldn't (i.e., although they are in the NP Overflow Workgroup role that wasn't explicitly given permission, they can still read files because they are a part of NP Overflow EXCO _ Workgroup Members). Be sure to remove access from roles that shouldn't have it, especially the default roles. | ||
|
|
||
|  | ||
|
|
||
| ## GitHub | ||
|
|
||
| All of our code is hosted on GitHub under the [`np-overflow`](https://github.com/np-overflow) organisation. GitHub offers some level of access control, and we can use it to manage access to our repositories. The following guidelines should be used: | ||
|
|
||
| - EXCO members and Workgroup members may be directly invited as a member of the organisation. | ||
| - EXCO members should be added to a team named "XXXX EXCO", where "XXXX" is the year of their term. Workgroup members should be added to a team named "XXXX Workgroup", where "XXXX" is the year of their term. | ||
|
|
||
| [^1]: There may be cases where the EXCO needs to be restricted from accessing certain files, like for ByteHackz. In these cases, a new role should be created and the file permissions should be updated accordingly. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| # Email Addresses | ||
|
|
||
| Overflow has several email addresses that can be employed for various purposes. Here's a list of them: | ||
|
|
||
| | Email Address | Purpose | | ||
| | :-------------------------------------------------------------------: | :---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | ||
| | [[email protected]](mailto:[email protected]) | The official email account for the Club. Major sites like GitHub and the official website contain this email address. Watch out from time to time for emails to this address, particularly from students asking questions. | | ||
| | \*@np-overflow.club | A wildcard email address (e.g., `[email protected]`, `[email protected]`) that forwards emails to the official email account (`[email protected]`). This is useful for creating a more professional appearance and can also be used for convenience. | | ||
| | [[email protected]](mailto:[email protected]) | A mailing list that includes all EXCO members. This is useful for sending emails to all EXCO members at once. | |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,20 @@ | ||
| # GitHub | ||
|
|
||
| All repositories on GitHub is configured with Renovate Bot to keep dependencies up to date. | ||
| All of our code is hosted on GitHub under the [`np-overflow`](https://github.com/np-overflow) organisation. This includes source code for the official website, any projects that we might be working on, and any code involved in the workshops that we run. | ||
|
|
||
| Access to the GitHub organisation is managed by the P/VPs and the Head of Technology. If you need access to the organisation, reach out to them to sort it out. You are encouraged to adhere to the [access control guidelines](/admin/access-control#GitHub) when managing access to the GitHub organisation and its repositories. | ||
|
|
||
| ## Dependency management | ||
|
|
||
| For repositories with supported dependency management tools, we've installed Renovate to automatically update dependencies. It's important to upgrade dependencies over time for various reasons: | ||
|
|
||
| - **Improved functionality**: Newer versions of dependencies might have new features or bug fixes that can improve the functionality of the project. | ||
| - **Security**: Older versions of dependencies might have security vulnerabilities that can be exploited. Upgrading to newer versions can help mitigate these vulnerabilities. | ||
| - **Maintenance**: As time goes on, older versions of dependencies might not be maintained by their maintainers. Upgrading to newer versions can help ensure that the project remains maintainable. | ||
|
|
||
| We highly encourage you to handle dependency management in a timely manner. If you're not sure how to do this, here's a quick guide: | ||
|
|
||
| 1. Renovate will usually create a pull request to update the dependencies. The comment in the pull request will detail the changes made and the reasons for the changes. | ||
| 2. Check the pull request thoroughly. If you're not sure about the changes, ask for help from someone who knows about the project. | ||
| 3. Check if the project still works as expected after the changes. You might need to clone the repository and run the project locally or open the repository in a cloud-based IDE (e.g., Gitpod or GitHub Codespaces) to test the changes. | ||
| 4. If the project still works as expected, you may consider merging the pull request. If the project doesn't work as expected, you may need to fix the project or ask for help from someone who knows about the project. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1 +1,42 @@ | ||
| # Joining Overflow | ||
|
|
||
| Joining Overflow should be a simple process for our members. Usually, we've observed that people tend to join through these channels: | ||
|
|
||
| - **When the year starts through SIG and CCA Fiesta**: This is when most of our members join officially. We're offered a booth at both Fiestas to share more about what we do and showcase some fun projects to attract new members. We will usually prepare a sign-up sheet for people to leave their details behind and then follow-up with them after the event. | ||
| - **Throughout the year through word-of-mouth and workshops**: As the year goes on, we might notice people who aren't in our member database attending our workshops or events. We'd usually catch them at the end of each semester, when we tally up the attendance and match the names recorded with our member database. If we find someone who isn't in our database, we'd usually reach out to them separately to ask if they'd like to join officially. | ||
| - **Throughout the year through lecturers**: Sometimes, the lecturers may talk to us about students who are interested in joining Overflow and have reached out to the lecturers for more information. We'd usually reach out to these students separately to ask if they'd like to join officially. | ||
|
|
||
| ## Process | ||
|
|
||
| !!! note "From the 2023 batch" | ||
|
|
||
| We're still doing this process manually because of the low volume of members joining at once, so we can afford to do this. However, we'd advise that we automate this process in the future to make it easier for us to manage our member database. For more details, read the ["Automate member onboarding" proposal](/proposals/automate-member-onboarding). | ||
|
|
||
| For both of these methods, the start of each are somewhat different but the process that follows is the same. | ||
|
|
||
| 1. [Adding to the member database](#adding-to-the-member-database) | ||
| 2. [Joining our communication channels](#joining-our-communication-channels) | ||
|
|
||
| ### Adding to the member database | ||
|
|
||
| We would usually invite the prospective member to provide their details for saving in our member database. These details include their: | ||
|
|
||
| - student ID (including both letters capitalised); | ||
| - full name (as saved in NPal); | ||
| - course of study (in initials, determinable from their school account succeeding the `/`); | ||
| - school email address; | ||
| - personal email address (_optional_); and | ||
| - phone number. | ||
|
|
||
| ### Joining our communication channels | ||
|
|
||
| We would then invite the member to join our communication channels. This includes our: | ||
|
|
||
| - Discord server: the main platform for communication and announcements. We usually mandate that all members join at least this platform compared to the rest. | ||
| - Telegram batch group chats: a secondary platform for communication and announcements. Because each batch of EXCO determines which platform to use, there may be batch group chats in Telegram. | ||
| - WhatsApp batch group chats: a secondary platform for communication and announcements. Because each batch of EXCO determines which platform to use, there may be batch group chats in WhatsApp. | ||
| - Instagram: the platform we use for public announcements and updates. | ||
|
|
||
| !!! tip | ||
|
|
||
| For more information about the communication channels we have, have a look at the [Resources page](/admin/resources#Communication). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,38 +1,54 @@ | ||
| # Pre-semester committee meet ups | ||
| # Pre-Semester Committee Meetups | ||
|
|
||
| ## Brainstorming | ||
| Before the start of the semester, the EXCO committee should meet up to discuss the events happening in the upcoming semester. This is a good time to plan out the semester's events and workshops and to make sure that everyone is on the same page. As much as possible, try to nail down the dates as early as possible, and consider to any unforseen circumstances that may arise. | ||
|
|
||
| Most workshop topics come from a brainstorming session during one of the meet ups. | ||
| ## Event forecasting | ||
|
|
||
| > *But how do you think of things to teach?* | ||
| The first thing to do is to forecast the events that will be happening in the upcoming semester. Start with thinking of rough ballpark dates for the events and workshops happening, then continuously work to refine the date until it is finalised. | ||
|
|
||
| Brainstorming is a lot easier said than done, here are some general tips: | ||
| !!! warning | ||
|
|
||
| ### 1. It can be anything | ||
| Speak to the lecturers as early as you can about the dates you've finalised. They might give you some feedback on the dates and help you to avoid any potential clashes. | ||
|
|
||
| Also consider periods where people may be busy, like Common Test and assignment periods, holidays, official school events, and more. | ||
|
|
||
| !!! note "From the 2023 batch" | ||
|
|
||
| A major shortcoming of the 2023 batch was that we didn't sufficiently verify that the dates we finalised had any potential conflicts. This led to a lot of last-minute changes and a lot of stress. Be careful; always start work on the dates as early as possible. | ||
|
|
||
| Use the timeline document (if any) to give you a better idea of the events that will be happening in the upcoming semester. Remember to scrutinise the timeline document continuously to make sure that everything is accounted for. Continually check for conflicts and make sure that the dates are finalised as early as possible. | ||
|
|
||
| ## Workshop planning | ||
|
|
||
| Workshops are a key event that Overflow provides, and planning them is a crucial part of the pre-sem meet up. Follow the steps below to plan a workshop: | ||
|
|
||
| ### Brainstorming | ||
|
|
||
| Most workshop topics come from a brainstorming session during one of the meet ups. How do you think of things to teach? Brainstorming is a lot easier said than done, here are some general tips: | ||
|
|
||
| #### 1. It can be anything | ||
|
|
||
| A workshop topic can be anything[^1] ! | ||
|
|
||
| * Have you been working on something interesting over the holidays? | ||
| * Did you see an exciting new web framework? | ||
| * Your friend introduced you to something called *Infrastructure as Code*? | ||
| - Have you been working on something interesting over the holidays? | ||
| - Did you see an exciting new web framework? | ||
| - Your friend introduced you to something called _Infrastructure as Code_? | ||
|
|
||
| These are some possible guiding questions you can ask yourself. During the meet up, don't be afraid to bring up | ||
| anything that comes up in your mind - there's no harm. | ||
|
|
||
| ### 2. You don't have to be familiar with the topic | ||
| #### 2. You don't have to be familiar with the topic | ||
|
|
||
| A common *misconception or worry* when brainstorming is that you might not be familiar enough with the topic to teach | ||
| A common _misconception or worry_ when brainstorming is that you might not be familiar enough with the topic to teach | ||
| it, and that's totally natural. | ||
|
|
||
| A workshop is as much of a learning experience for the teaching team as it as for the | ||
| Overflow members. This is why most workshops are planned *at least 2 weeks in advance*, so there's ample time for the | ||
| Overflow members. This is why most workshops are planned _at least 2 weeks in advance_, so there's ample time for the | ||
| teaching team to familiarize themselves with the content. | ||
|
|
||
| The content covered also doesn't have to be complete, or go deep into the topic. Sometimes, a high level overview is | ||
| enough! | ||
|
|
||
| *** | ||
|
|
||
| If you found something that helped your brainstorming process, please feel free to add on to this list! | ||
|
|
||
| [^1]: Anything relevant to **technology**, of course! |
Oops, something went wrong.