[horde] User id numbers

Richard Wallace rwallace at thewallacepack.net
Tue Oct 26 14:15:07 PDT 2004


Jan Schneider wrote:
> Zitat von Richard Wallace <rwallace at thewallacepack.net>:
> 
>> Chuck Hagenbuch wrote:
>>
>>> Quoting Richard Wallace <rwallace at thewallacepack.net>:
>>>
>>>> What would be the best way to associate an id number to a user.  We're
>>>> going to be using the sql backend and would like to be able to change a
>>>> users name without affecting how they are seen by the system.  Should I
>>>> use the tobackend() and frombackend() hooks, or something else?
>>>
>>>
>>>
>>> You should change their name (i.e, their identity), and leave their 
>>> userid
>>> alone; even if you map it to something else in the backend, it'll cause
>>> problems in Horde if you change it.
>>
>>
>> The only place the user name is really relevant in our usage is during
>> login, beyond that it doesn't really get used.  We'll be using a custom
>> Identity implementation (something that uses an app or a db backend to
>> lookup user info) for anything else.  The user would never see the
>> actual uid that horde is using.  So if we write a frombackend() hook to
>> lookup the username and map it to an id, then after the user is
>> authenticated the setAuth() method will call the addHook() method which
>> will call the frombackend() hook and use the id instead of the username
>> from that point on.  So Auth::getAuth() will return the users id, not
>> the users name.  Which means that the id will be used for prefs and
>> everything else.  This wouldn't break anything that I can think of and
>> we could change the users name at will.  Is there something I'm missing
>> or not thinking of?
> 
> 
> This is exactly what the frombackend and tobackend hooks were made for. If
> you hit a problem it's probably a bug because this feature has not been
> tested extensively yet.
> 
> Jan.
> 

The only problem I'm afraid that I may run into is with respect to 
groups.  When a user is added to a group, the user name is added to the 
group, not the users id.  So it looks like the frombackend() hook is 
used when presenting the list of users that are in the group and could 
be added to the group, but when the admin submits the form to add users 
to the group the tobackend() hook is never called.  So, when getting a 
list of users for the group via the Group::listUsers() method you get a 
list of user names, not their ids.

The Group::listUsers() thing might not be a problem in and of itself, 
but I'm worried about how the permissions lookups will function.  If you 
do a $groups->hasPermission ('something', Auth::getAuth(), PERMS_SHOW), 
does it do a tobackend() hook call before looking up permissions for the 
groups the user is a member of or not?

I'm concerned that the frombackend() and tobackend() hooks are not being 
consistently used.  Why thought was that the users name wouldn't get 
used by horde at all beyond login.  I'm confused as to why it returns 
the users name for Group::listUsers() and am wondering where else it 
might be using the name rather than the id.  Thoughts?

Rich



More information about the horde mailing list