[whups] Code update (numerous features)

[Robert E. Coyle]

From: "Alex Leverington" <admin@networkessence.net>

> Sounds great. I'm learning.  I'll redo my code changes accordingly.  One 
> question though, originally, user backend all operated on the user's ID being 
> his/her email address.  Was this something you had in mind?  I changed it to a 
> user id system with getUserFromEmail() getUserFromName() getUserDetails(), 
> getUserDetailsFromEmail(), etc... what do you think?

Well, I originally chose email addresses because they have a canonical form,
whereas names don't, ie. you may capitalise differently, hyphenate differently
etc.  Also, probably more importantly, email addresses are guaranteed unique
whereas names are not.

I suppose the ultimate system would be to link in with Turba and maintain an
addressbook for all whups users of a given installation.  You could then have a
button which pops up a small dialog window where you could enter user search
queries using the turba system.

> And what do you think 
> about having only the comments be available to unauthorized users?

Tickets are read-only unless you have the right permissions.   There is a
difference between being logged in as a registered user, being logged in as
a public user, and not being logged in at all.  If you're not logged in, you
can see public tickets, but can't even add comments.  If you're a public user,
you probably shouldn't be able to modify tickets, but can add comments.  If
you're a registered user, you can do anything to that ticket provided you have
the correct permissions.

Earlier on this list (around march and april this year), we discussed briefly
what granularity you may need for permission checking.  You'll probably want to
dig out those mails.

Rob.

-- 
Klein bottle for sale ... inquire within.