incubator-jspwiki-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Janne Jalkanen <Janne.Jalka...@ecyrd.com>
Subject Re: author ids
Date Sat, 23 Aug 2008 22:08:07 GMT
> Good discussion. I'm on vacation, and haven't been able (or  
> willing, heh) to participate much in this discussion. A few points  
> from my perspective:

I completely understand that :-).  Luckily this is not a pressing issue.

> - Author names, timestamps, etc. are metadata in my opinion, and  
> should be stored that way. This implies that we should be storing  
> user IDs. The nice thing about using IDs that if the login/wiki  
> name changes, the current name will be displayed. If IDs were also  
> stored for past revisions, there won't be any problems  
> understanding who the person is, because it will always reflect the  
> current name. This would eliminate the "snapshot" issue Janne  
> raised. I am not a Sarbox expert -- and it should not drive our  
> thinking. But "normalizing" user references (using IDs and not  
> names) is just good programming technique, IMHO.

Well, the "id" can be anything.  Typically, in a database, this is an  
integer because of performance reasons.  JCR does not care, and the  
ID can be anything we like - even something human-readable, like the  
actual *login name* of the person.  Or (a thought just popped to my  
head) the original login name.

I think I would prefer this solution.  JCR design patterns clearly  
discourage the use of IDs as such (preferring references), and this  
solution will give us both a human-readable name for import/export,  
which is at the same time an unique, unchangeable identifier.

If we still want to enable people changing the loginname, we can add  
a trace of all the login names that have been changed - or have a  
"current" loginnname.

I think we should choose UID as an arbitrary string, and choose the  
initial value of the string to be the login id.  This also protects  
automatically against anyone who tries to re-register an existing ID.

> - ACLs, in the future, will need to persist identity references as  
> IDs. We need to move ACLs out of page markup anyway, because it's  
> really metadata and not page content. This should be pretty easy to  
> migrate, ideally at startup. For user input and display purposes,  
> of course, we should always allow users to view and edit ACLs using  
> plain old user names, roles and groups.

This is obvious.  We can have a way better ACL editor...

> - For those who are curious (Terry?), we already change user names  
> in ACLs when the person's login/wiki name changes. So if Terry  
> decides to change his wiki name from TerryS to Terry, all ACLs that  
> contain "TerryS" will be chanced correctly.

This is obviously not good, because it will cause changes in all  
pages, even though it was something else which changed.

/Janne

Mime
View raw message