incubator-bloodhound-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gary Martin <gary.mar...@wandisco.com>
Subject Re: Acct creation?
Date Thu, 03 Jan 2013 00:40:26 GMT
On 2 January 2013 22:34, Gavin McDonald <gavin@16degrees.com.au> wrote:

>
>
> > -----Original Message-----
> > From: Gavin McDonald [mailto:gavin@16degrees.com.au]
> > Sent: Thursday, 3 January 2013 8:48 AM
> > To: bloodhound-dev@incubator.apache.org
> > Subject: RE: Acct creation?
> >
> >
> >
> > > -----Original Message-----
> > > From: Peter Koželj [mailto:peter@digiverse.si]
> > > Sent: Wednesday, 2 January 2013 5:11 PM
> > > To: bloodhound-dev@incubator.apache.org
> > > Subject: Re: Acct creation?
> > >
> > > > > So, if you want to keep it, you have to, IMO, do the following:
> > > > >
> > > > >   * do not duplicate in Apps what's accessible from one of the
> > > > >     navigation bars
> > > > >   * do not leave in Apps important links (such as, e.g., Register)
> > > > >   * do not call it Apps; I suppose, once the previous two
> > > > > conditions
> > are
> > > > >     met, the heading could be called "Plugins" or "Tools" or some
> > > > >     similar, more obvious name.
> > > > >
> > > >
> > > > I agree , especially with (2) .
> > > >
> > > >
> > > I agree with all of the above as well so I took the liberty to open a
> > > ticket: https://issues.apache.org/bloodhound/ticket/321
> >
> > As the instigator to this thread I need to follow up.
> >
> > I did indeed find 'Register' under the apps drop down menu.
> > I registered fine so thanks.
> >
> > A few points.
> >
> > 1) no email validation or captcha was required, that's a spam target.
>
> Ok this one I did get an email asking for verification, by this time though
> an
> acct is already created and I was allowed to login beforehand.
>
> Perhaps the email + token verification should happen before being allowed
> to login for the first time?
>

At the moment our site is set up so that additional permissions have to be
granted by an admin user to allow for any kind of editing. Perhaps this
sets the bar too high but any user can make the request them on this
mailing list.

However, the fact that you have to login to get an email sent for the
verification can certainly be confusing and so I would not mind that being
changed.


> Gav...
>
> >
> > 2) I agree 'Login' link at top of page should be Login/Register with a
> link on
> > the Login page to register.
>

Yeah, sounds good to me.

> 3) Delete Account ? Really? - What happens to tickets assigned and/or
> > created by a user if he can delete his/her own acct?
> >    Personally I think that should be removed and placed in admin hands
> only.
>

Perhaps I am missing the problem.. tickets associated with such a user as
reporter, assignee, commenter and so on will retain the specified username.
I can't think of any huge issue around this at the moment but perhaps I am
too tired at the moment to work out all the problems. The only problem I
can think of right now is that old usernames might be reclaimable so that
another user could pretend to be the previous owner of a username. So
perhaps it would be better if usernames could not be reused unless an admin
user creates an account.

Cheers,
    Gary

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message