www-infrastructure-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tony Stevenson <pct...@apache.org>
Subject Re: LDAP custom-asf schema - family name?
Date Thu, 09 Jun 2011 11:22:17 GMT
On Thu, Jun 09, 2011 at 09:55:24AM +0100, sebb wrote:
> On 9 June 2011 08:49, Tony Stevenson <pctony@apache.org> wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA256
> >
> > Hey sebb,
> >
> > I have already extended the schema to include 4 of the 5 fields in the iclas.txt
file.
> > The availid, cant really be recorded ;-)  as this is your username.
> >
> > So we do now have the concept of 'public name', and 'legal name'
> >
> > I have added the values for my entry so as to show people what we can add.  I have
also edited the ACL, to only root/secretary to edit the all but the 'public name' which I
have allowed root/secretary@/$SELF to edit.
> 
> That entry looks as though it has all the needed fields.
> 
> However, I suspect only the asf-icla-publicname should be publicly readable.
> 
> >From the point of view of inputting the data, having entries for each
> ICLA field makes it much simpler.
> 
> I assume that the cn is originally derived from the public name when a
> new entry is added?

NO, it's from iclas.txt - Note that I am referring to the 3rd field, as per below, when I
say public name. 

https://svn.apache.org/repos/private/foundation/officers/iclas.txt

## The first field is their userid *after* it has been created. Generally,
## the infrastructure team puts that in there once they confirm the
## availability of the id and create the account. Prior to that, it would
## read as "notinavail" (referring to CVSROOT/avail).
## The 2nd field is the person's real name.
## The 3rd field is their public name.
## The 4th their email (as noted on the signed CLA)
## The 5th field is the form on file. The 5th field can be extended, at a later
## time, to include other information as well.
##
## The 5th field can also contain the stem of the filename used for the CLA,
## separated from the form by a semi-colon.
## e.g. if the CLA is stored in the file first-last.pdf, then the 5th field is:
##     Signed CLA;first-last



> Subsequent edits should presumably be made to the cn field, rather
> than the icla field?
> 
> It's a bit complicated, because the asf-icla-publicname field has no
> corresponding entry in the CLA form itself.
> I'm not sure how the public name is defined, other than by covering
> letter or a note on the form itself.

Thats a fair point, im not sure what actually qualifies data for entry in this field.  Though
I am aware of one example, where the legal name is different to their public name. 


> BTW, when I use ldapsearch the icla file field wraps:
> 
> asf-icla-file: https://svn.apache.org/repos/private/documents/iclas/tony-steve
>  nson.pdf

This is an extremely annoying artifact of ldapsearch, when using it in scripts, I usually
pipe it through perl -pe 's,\n ,,' - as the new line when wrapped is always indented by one.



> 
> Is that a feature of ldapsearch or an error in the data?
> 
> > We can certainly add 'sn', and 'givenName' - again they have been on my record for
ages.  Do we have a known good source from which to definitively take this info from?  As
your cited example below of 'lewis ship' which is not hyphenated would sure make ingesting
them from iclas.txt quite difficult.  Unless we ingest on a best efforts basis, and then
tell committers to review their details and edit them if they are wrong (adding the fields
to be edited in id.a.o is trivial)
> >
> 
> +1
> 
> >
> >
> > On 9 Jun 2011, at 08:35, sebb wrote:
> >
> >> Tony wrote that he is working on the custom-asf schema currently.
> >>
> >> It would be very useful for generating sorted lists of names if LDAP
> >> contained each person's given name and family name - or at least the
> >> family name and the full name.
> >>
> >> Is that something that exists already, or is being considered?
> >>
> >> Also, there is a distinction between a person's full name (legal name)
> >> and their name as they wish it to be known publicly. These are not
> >> always the same.
> >>
> >> For the purposes of generating public output, of course the public
> >> name should always be used.
> >>
> >> This is not always directly related to the full name, so it implies
> >> that the family name should either be public or there need to be
> >> separate versions for the full and public versions.
> >>
> >> Note: where a family name has two words - e.g. Lewis Ship - this could
> >> perhaps be rendered in HTML output using an encoded space, e.g. &nbsp;
> >>
> >
> >
> > Tony
> >
> > - ---------------------------------------
> > Tony Stevenson
> >
> > tony@pc-tony.com // pctony@apache.org
> > tony@caret.cam.ac.uk
> >
> > http://blog.pc-tony.com
> >
> > GPG - 1024D/51047D66
> > - --------------------------------------
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
> > Comment: GPGTools - http://gpgtools.org
> >
> > iF4EAREIAAYFAk3wevkACgkQZoUdOyVD4yOoBgEAjfgexsr8u+5lmRhpnrfmlEle
> > NyLl6lzWw5gBxySFsIsA/AtVjapb1kiKWlN0e0vtqsAUX6lK9+gsmLskYVmg5/+Z
> > =hSwC
> > -----END PGP SIGNATURE-----
> >
> 

-- 

Cheers,
Tony


---------------------------------------
Tony Stevenson

tony@pc-tony.com  //  pctony@apache.org
tony@caret.cam.ac.uk

http://blog.pc-tony.com

GPG - 1024D/51047D66
--------------------------------------"


Mime
View raw message