camdram / camdram

The portal website for student theatre in Cambridge
https://www.camdram.net/
GNU General Public License v2.0

Add confirmation steps to modifying admins #255

Open ajf58 opened 9 years ago

ajf58 commented 9 years ago

Separating out from my comments in #250.

If the user's email address is known to Camdram, the user should confirm wanting to add them as an admin (by name). If they weren't known then the user can either create a pending access entry or cancel.

CHTJonas commented 6 years ago

I've tagged this as potential GDPR because a 'bad' user could register an account, create a show and then use this functionality with a dictionary-style attack to brute-force email addresses, eventually mapping an email address to a user's real name.

CHTJonas commented 6 years ago

I would vote for closing this in favour of #249

hoyes commented 6 years ago

I worry that searching by name instead of email is sort of opposite to the direction agreed on #413. And the solutions suggested in #249 would probably fail for similar reasons (people with same name, people with first name variations).

I'd vote to close #249, and figure out a better way of doing it by e-mail. We could maybe just hide whether a real ACE entry or PendingAccess has been created. There might be ways of changing the data model to work in similar ways discussed in #413 with hashes etc. as it's kind of a similar problem.
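To make the enumeration concern and the "hide which entry was created" suggestion concrete, here is an added illustration in Python. It is not Camdram's own code (Camdram is a PHP project) and uses a constructed, simplified data model: a `Store` with users, ACE entries and PendingAccess entries, hypothetical handler names, and an assumed per-account invitation cap. The leaky handler follows the flow first proposed in the issue (confirm by name when the address is known); the hardened one writes the same records but returns an identical reply either way.

```python
"""Added illustration (not Camdram's own code): an add-admin flow that does not
tell the requesting user whether an email address belongs to a registered account.

The data model is a constructed simplification of what the issue names: an ACE
(access-control entry) for a known user and a PendingAccess entry for an address
that has not registered yet.
"""
from collections import Counter
from dataclasses import dataclass, field


@dataclass
class Store:
    users: dict = field(default_factory=dict)         # email -> real name (constructed sample data)
    aces: set = field(default_factory=set)            # {(show, email)} for registered users
    pending: set = field(default_factory=set)         # {(show, email)} awaiting registration
    invites: Counter = field(default_factory=Counter)  # invitations issued per acting user


def add_admin_leaky(store: Store, show: str, email: str) -> str:
    """The flow as first proposed in the issue: confirm the new admin by name when
    the address is known.  The two branches produce different text, so repeated
    submissions act as an oracle from email address to real name."""
    if email in store.users:
        store.aces.add((show, email))
        return f"Added {store.users[email]} as an admin of {show}."
    store.pending.add((show, email))
    return f"{email} is not registered; access will be granted when they sign up."


MAX_INVITES_PER_USER = 20  # assumed cap; a real deployment would bound this per time window


def add_admin_hardened(store: Store, show: str, email: str, actor: str) -> str:
    """Same effect on the data model, but the reply is identical whichever branch
    ran, so the caller learns nothing about whether `email` is registered.
    A per-actor cap on invitations bounds how many guesses one account can make."""
    if store.invites[actor] >= MAX_INVITES_PER_USER:
        return "Invitation limit reached for this account; try again later."
    store.invites[actor] += 1
    if email in store.users:
        store.aces.add((show, email))
    else:
        store.pending.add((show, email))
    # Echo only what the caller already typed, never the looked-up name.
    return f"An admin invitation for {show} has been recorded for {email}."


def on_user_registered(store: Store, email: str, name: str) -> int:
    """Called when an address registers: convert its PendingAccess entries into
    real ACEs.  Returns the number of entries promoted."""
    store.users[email] = name
    promoted = {(show, e) for (show, e) in store.pending if e == email}
    store.pending -= promoted
    store.aces |= promoted
    return len(promoted)


def responses_distinguishable(handler, store: Store, show: str,
                              known: str, unknown: str, **kw) -> bool:
    """Does the reply for a known address differ from the reply for an unknown
    one once the echoed address itself is masked out?  True means the handler
    leaks registration status."""
    a = handler(store, show, known, **kw).replace(known, "<email>")
    b = handler(store, show, unknown, **kw).replace(unknown, "<email>")
    return a != b


if __name__ == "__main__":
    sample = Store(users={"alice@example.org": "Alice Example"})  # constructed data
    print("leaky leaks:", responses_distinguishable(
        add_admin_leaky, sample, "Panto", "alice@example.org", "nobody@example.org"))
    sample = Store(users={"alice@example.org": "Alice Example"})
    print("hardened leaks:", responses_distinguishable(
        add_admin_hardened, sample, "Panto", "alice@example.org", "nobody@example.org",
        actor="show-owner"))
```

The hardened reply also has to hold for the admin listing and any confirmation page: if the UI later renders "Alice Example" for one entry and "nobody@example.org (pending)" for another, the oracle has simply moved. The promotion step on registration is what lets the PendingAccess entry stay indistinguishable from an ACE until the user actually exists.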