[PLIP-Advisories] Re: [Plone] #9305: Use real names instead of usernames
plip-advisories at lists.plone.org
plip-advisories at lists.plone.org
Fri Aug 7 10:15:57 UTC 2009
#9305: Use real names instead of usernames
--------------------------+-------------------------------------------------
Reporter: laurenskling | Owner: laurenskling
Type: PLIP | Status: new
Priority: minor | Milestone: 4.0
Component: Unknown | Resolution:
Keywords: |
--------------------------+-------------------------------------------------
Old description:
> Plone is mostly used in friendly environments where people know each
> other by name, like on Intranets. Showing usernames doesn't give much
> information, as it still doesn't say much about the identity of a person.
> I see no objections in showing real names by default, throughout Plone
> (On search results, comments, versioning, etc.)
>
> == Proposal: ==
>
> * Use realnames instead of usernames by default in naming users.
> * Make this configurable in the Plone Control Center, if users need to be
> anonymous.
>
> == Risks: ==
>
> Unmeant revealing of real names when upgrading to Plone 4.
New description:
Plone is mostly used in friendly environments where people know each other
by name, like on Intranets. Showing usernames doesn't give much
information, as it still doesn't say much about the identity of a person.
I see no objections in showing real names by default, throughout Plone (On
search results, comments, versioning, etc.)
== Proposal: ==
* Use realnames instead of usernames by default in naming users.
* Make this configurable in the Plone Control Center, if users need to be
anonymous.
== Risks: ==
Unmeant revealing of real names when upgrading to Plone 4.
--
Comment(by wichert):
I also posted this to the framework-team list, but for archiving purposes
I'll add my comments here as well.
I'm afraid I do not agree with the proposed implementation. Adding a new
method to the membership tool is not useful since there already is a
getMemberInfo() method which returns almost the same information. There
are no performance differences between getMemberInfo() and a separate
getFullName() method.
I also don't buy the lookup mechanism mentioned in the PDF: you are
essentially creating a persistent cache system, which means that suddenly
page views can trigger ZODB writes, which is very bad for high performance
sites. It also will miss all user changes created directly in external
user sources such as LDAP, AD and SQL databases, leading to incorrect and
possibly confusing behaviour.
If there is a performance problem, which has not been proven yet, it
should imho be solved at a different point. All the required PAS methods
are already ZCacheable, so that is not expensive. The single object wakeup
to get the users member data is also not that bad, and I would be very
surprised if that shows up in a real world profile.
--
Ticket URL: <http://dev.plone.org/plone/ticket/9305#comment:19>
Plone <http://plone.org>
Plone Content Management System
More information about the PLIP-Advisories
mailing list