Here's the verbiage from ICAH contract:
New Feature: Access to Lists of User Emails – In order to mail out updates, Client will need simple access to all the emails of users that have signed up through the website. These emails are currently tracked, but are only accessible by visiting user cards as administrators and navigating laboriously to the options tab. Contractor will provide a simple mechanism that will allow easy access to lists of user emails via the web interface, making them much simpler to transfer to other databases.
seems like it should be encapsulated in card(s) in some way. Either one special card that build the whole list, or as a kind of autocard for each user. the latter seems more complex, less efficient, more flexible, and more general.
In general, wagn plug-ins shouldn't be restricted to cardtypes-- there should be hooks into the system that processes cardnames to look up autocards, templates, etc. so that it's easy to create custom autocards. Whether this is a can of worms we want to open for this ticket is questionable to me.
It may not be a crucial question for this specific feature as it seems common enough to "hardcode" into core functionality. Thinking about this makes me feel like improving the plugin system and modularizing the wagn code somewhat may be a high-ish post-1.0 priority.
--Lewis Hoffman.....Mon May 04 15:59:14 -0700 2009
permissions: is this a "top-level" permission, or should it always just be admin who can see it?
--Lewis Hoffman.....Mon May 04 17:37:36 -0700 2009
Unless it's a prohibitive amount of work, i'm in favor of putting individual user emails into cards. Unclear on your permissions question, Lewis, i was imagining these cards by default having permissions in the regular system set to be viewable and editable only by people with the Administrator role. That way on some Wagns people can change that so they're visible to Anyone signed in, or people with a created role, etc.
--John Abbe.....Mon May 04 18:11:00 -0700 2009
So, to be a bit more explicit, we might build handling such that X+*email is a virtual card that displays the email of the account associated with X. I like this, and if we can fit it into 5 or so hours (I think I based the bid on a 5 hour estimate), I would say go for it, even if that means a bit of hackery that we wait until later to break out into a richer modularization strategy (agree that it's high value).
re permissions, I don't think there will be an actual *email or *email+*rform card, so I don't know how the idea about a default setting would work. My first inclination would be to restrict the autocard permission using the global "administrate users" task. If you can administrate users, you can see their email in the options tab, so this is a fairly internally consistent approach.
--Ethan McCutchen.....Mon May 04 22:28:41 -0700 2009
Meant to say that this way we can do a search with :append=>'*email' to get the desired results.
--Ethan McCutchen.....Mon May 04 22:30:17 -0700 2009
hehe, I did a spike today before I read this, but it was basically exactly what you suggest, if we get to Card.auto_card() and there's no template to create such an auto card, and name ends in +* , it tries to look up card.extension.attr_name.
I added the check for :administrate_users, changes are committed and deployed to ang for testing, see http://wagn.indecks.net/wagn/email_list
main problem I am aware of it is it is *super* slow.
--Lewis Hoffman.....Tue May 05 17:01:29 -0700 2009
If you don't have permission, you get a list of offers to create |username|+*email, and of course if you do, those get shown instead of the virtual cards. Best practice is probably to make the search card itself only visible to Administrator.
--John Abbe.....Tue May 19 17:54:54 -0700 2009
I created this for English and ICAH - for the latter, we'll need to give the person who's doing this for them the Administrator role. http://icah.wagn.org/wagn/email_addresses_of_Users
--John Abbe.....Tue May 19 19:29:51 -0700 2009
I don't think we can call this closed if it's offering non-administrators the option to add the card. won't that break the list?
--Ethan McCutchen.....Wed May 20 09:44:11 -0700 2009
fwiw, I don't think you necessarily have to be an administrator, you just have to have a role with permission to administrate users. In the case of ICAH, we may (or may not?) want a separate role for that?
--Ethan McCutchen.....Wed May 20 10:07:36 -0700 2009
also, for ICAH we'll probably want to wagneer a view that shows both name and email.
--Ethan McCutchen.....Wed May 20 10:24:22 -0700 2009
If coming up with a deeper way to avoid offering non-admins the option to add the cards seems like too much to do right now, i think it's a reasonable workaround that the search card itself (e.g., http://en.dwagn.org/wagn/User_emails ) have View permission restricted to Administrator or whatever role.
--John Abbe.....Sat May 23 17:45:29 -0700 2009
see expose card metadata in cards
--John Abbe.....Mon May 25 10:07:44 -0700 2009