[Mailman-Developers] Browser ID integration with Mailman

Barry Warsaw barry at list.org
Tue Feb 21 02:28:14 CET 2012

On Feb 21, 2012, at 02:00 AM, Florian Fuchs wrote:

>Agreed. Django's User model most definitely covers all our needs. The thing I
>am not sure about is: What kind of user info ends up in the core DB and what
>should be stored in the web ui db. In theory we don't need any kind of
>permanent storage in the web ui, because the core already has a pretty
>comprehensive user model (storing user names, email addresses, roles,
>memberships etc). OTOH it could make great sense to enhance this data with
>all kinds of crazy things that could be stored in the web ui. Or to store
>some user data temporarily to reduce API calls. But this means we'd have two
>different data sources since the web ui should not access the core db

Yep, it's a big question.  Something could clearly make sense in the core,
e.g. gpg keys for authentication or encryption.  Other, specifically ui-type
data might not make as much sense in the core.  Even if we came up with a way
to extend the core schema and store the data in the core, how would you access
it?  There would probably have to be a generic REST API for getting key/value
data associated with the user in and out of the core.

I've have a similar question when it comes to authorization.  Just where to do
we keep the authorization mapping users and roles to actions they can perform?
I'm very close to punting on this for 3.0 beta (and thus likely for 3.0
final), though I'm also happy to revisit it during the Pycon sprint (likely
for a hypothetical 3.1).


More information about the Mailman-Developers mailing list