Our solution was to divorce "accounts" and the "User" cardtype:
- not all Users have an account (in code, a user extension).
- Users, in fact, are not treated as a special cardtype in any way, EXCEPT that if you invite a friend (or accept an invitation request), the friend gets a User card. NEEDS TESTING
- any card that does not have another extension (like a role, cardtype, or format card) can have an account added to it (via the options tab)
- in order for a user to add an account to a card, these conditions must be met:
- user must have this global permission: "add accounts to cards"
- user must have edit permissions for the card in question
- card can't already have an extension
- When a user invites a new user and gives an existing card name, the existing card is transformed into a User card.
- When someone requests an account and gives an existing card name (e.g. Frank Zappa), an InvitationRequest is created.
Short-term, inconvenient hack:
Create a form for Users and copy it to InvitationRequest+*tform. To add someone new, log out, click on Request an Invitation and type in their name and e-mail address. Then log back in and edit their card and its relative inclusions as you like. Invite them if/whenever you like by clicking on the Invite link on their card.
While this works, it's enough of a pain to dissuade me sometimes from creating people in my personal wiki. :-P --John
What if the existing card has view(or create or edit) permissions that a current inviter doesn't have?
--John Abbe.....Tue Sep 02 18:01:44 -0700 2008
hmm, just found issue trying to create a user through the new card interface. will address.
--Ethan McCutchen.....Tue Jan 13 10:21:31 -0800 2009
coded a patch.
--Ethan McCutchen.....Tue Jan 13 11:39:38 -0800 2009
Added an account to http://sandbox.wagn.org/wagn/Just_a_card and it worked! Three issues:
"Three issues." OK, you're so not on the accounting team. :)
- For consistency's sake, suggest changing the link on the Options tab from "Add a login account for..." to "Add a sign in account for..."
-- √ Good idea. I did "sign-in account", since the adjectivity begs a dash.
- Suggest reloading the Options tab when it's done, perhaps with a message explaining that the sign in account has been created.
-- √ The reloading was posta happen - had a bug. Well spotted. I added a message, too.
- Suggest sending the usual account-creation email to the address given.
-- √ Good idea. It has to be a different message, but I added a short one for now. Next we're going to want control over whether the email is sent (perhaps you'd rather create a bunch of accounts and then send out bulk messages), custom messages, etc. Let's attend to scope creep and try to find something simple and workable. I have a rudimentary automated test, but please review this one carefully
- On Sandbox, permission to "add accounts to cards" was turned on for Anyone and Anyone Signed In. Makes sense to me for it to be on by default for the latter, but not the former. In any case, let's make sure the defaults are set as we want them.
-- √? I'm not sure most sites want just anyone adding accounts to cards. I suspect it should by default be off for all roles (as it currently is). It's the kind of thing that should be actively selected, not actively deselected. I made the changes on sandbox manually. In any case, can you start gathering the default settings issues (like tinyMCE) into a single card? fwiw, the work involved in that change is much more closely related to to tinyMCE defaults than to the rest of the cardtype work.
- When i change the type of the card (eg Basic to User, or User to Basic), the card apparently loses the extension (by the look of the Options tab, and the fact that i can no longer sign in as that user).
-- √ This was the trickiest one, but our solution is a good bit more sensible and robust now. I can see some possible issue if you tried to change a card with a portable extension (like a user account) to a nonportable, 1-to-1 type (like Role or Cardtype). Worth testing, but for now, please hit the more common cases hard!
--John Abbe.....Tue Jan 20 23:32:38 -0800 2009
If there's ever an issue we should test to death, thinking through all sorts of ramifications, this is the one. Let's throw everything we've got at it!!
--Ethan McCutchen.....Mon Jan 26 15:31:59 -0800 2009
Roles and cardtypes don't offer to be turned into account, but at least this format card does: http://sandbox.wagn.org/wagn/session+*tform
--John Abbe.....Tue Feb 10 17:08:21 -0800 2009
Roles and cardtypes already have extensions, so they can't have accounts with our current architecture, which is legacy from some early ideas we had about wagn as a data integration tool that could plug into other tables. Lew and I want to fix that, and I should ticket it (it's in my personal tracker - no need to hold this up for that).
are you suggesting that we want to disallow accounts on certain cards like form cards? anywhere else? Do you think allowing it is a problem?
--Ethan McCutchen.....Wed Feb 11 11:25:50 -0800 2009
Have you tested bogus passwords, bogus emails, names with apostrophes, that sort of thing? Let's do everything we can to break this thing. Emails with capital letters break things, right? Have we found other things?
--Ethan McCutchen.....Wed Feb 11 16:45:19 -0800 2009
gathering default settings stuff: implement initial setup for new Wagn
--John Abbe.....Tue Feb 17 14:38:43 -0800 2009
I thought forms were supposed to be disallowed because of this from +solution:
"any card that does not have another extension (like a role, cardtype, or format card) can have an account added to it (via the options tab)"
--John Abbe.....Tue Feb 17 14:40:26 -0800 2009
Tested bogus emails (Wagn rejects), email with capital letters (not a problem), names with apostrophes (handled the same as any other card name with apostrophes). Not sure what a bogus password would be.
Changing cardtype to cardtype returns a 500 error and nothing is changed. Changing cardtype to Role works, and the card apparently loses the user extension.
Two odd bits:
Email comes from Admin rather than from the signed-in user. (when there's no *invite+*from)
After adding the user extension, when returned to the Options tab, the Email field is blank (could have the just-given email address).
--John Abbe.....Tue Feb 17 22:19:51 -0800 2009
so emails with capital letters work so long as you always use the same capitalization but not if you sign up as ETHAN@WAGN.ORG and then sign in as firstname.lastname@example.org, right? I guess that's ok for now. I'd like it to treat those as the same; I've got a note to ticket that.
--Ethan McCutchen.....Wed Feb 18 20:41:03 -0800 2009
option to add account on format card should be gone.
--Ethan McCutchen.....Wed Feb 18 20:42:20 -0800 2009
not going to worry about changing to user to cardtype now.
--Ethan McCutchen.....Wed Feb 18 20:42:50 -0800 2009
When there's no *invite+*from, the invite email now (correctly) comes from the signed-in user.
--John Abbe.....Wed Feb 18 20:49:07 -0800 2009
fixed blank email thing.
--Ethan McCutchen.....Wed Feb 18 21:16:03 -0800 2009
Correct re capitalization.
Yes, option to add account on format cards is gone.
Ticketed handle user ext retype attempts to user or role
--John Abbe.....Wed Feb 18 21:41:03 -0800 2009
We still need a migration that gives create_account permission (global) to the Role that currently has create permission on User cards.
--Ethan McCutchen.....Wed Feb 25 17:24:58 -0800 2009
added this migration.
--Lewis Hoffman.....Fri Feb 27 13:18:51 -0800 2009
Documented on http://new.wagn.org/wagn/Config and accounts.
--John Abbe.....Sun Mar 01 06:30:49 -0800 2009