Open ajf58 opened 9 years ago
I've tagged this as potential GDPR because a 'bad' user could register an account, create a show and then use this functionality with a dictionary-style attack to brute-force email addresses, eventually mapping an email address to a user's real name.
I would vote for closing this in favour of #249
I worry that searching by name instead of email is sort of opposite to the direction agreed on #413. And the solutions suggested in #249 would probably fail for similar reasons (people with same name, people with first name variations).
I'd vote to close #249, and figure out a better way of doing it by e-mail. We could maybe just hide whether a real ACE entry or PendingAccess has been created. There might be ways of changing the data model to work in similar ways discussed in #413 with hashes etc as it's kind of a similar problem.
Separating out from my comments in #250.
If the user's email address is known to Camdram, the user should confirm wanting to add them as an admin (by name). If they weren't known then the user can either create a pending access entry or cancel.
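The two flows discussed in this thread, as an added illustration that is not Camdram's code: the leaky version answers differently depending on whether the email is registered (and echoes the real name, as in the confirm-by-name proposal), while the uniform version records an ACE entry or a PendingAccess entry server-side but returns the same response either way, as suggested above. The in-memory user store, the `Show` class, the `InviteService` class and the per-account invitation quota are all constructed for this example and are not part of Camdram's data model.

```python
"""Contrasting an enumerable 'add admin by email' handler with one that
gives a uniform response.  Added example; not Camdram's code."""
from dataclasses import dataclass, field

# Constructed stand-in for the Camdram user table: email -> real name.
USERS = {"alice@example.org": "Alice Example"}

# Assumed quota per requesting account; not a real Camdram setting.
MAX_INVITES_PER_WINDOW = 20


@dataclass
class Show:
    admins: set = field(default_factory=set)   # confirmed ACE entries
    pending: set = field(default_factory=set)  # PendingAccess entries


def add_admin_leaky(show, email):
    """Naive flow: the response reveals whether the address is known and
    even returns the associated real name, so a dictionary of guessed
    addresses can be mapped to people."""
    email = email.strip().lower()
    if email in USERS:
        return {"status": "found", "name": USERS[email]}
    show.pending.add(email)
    return {"status": "pending"}


class InviteService:
    """Hardened flow: the ACE/PendingAccess distinction is made server-side
    and never surfaced to the requester, and each requesting account gets a
    bounded number of invitations per window so bulk probing is throttled
    and shows up in logs."""

    def __init__(self, users, limit=MAX_INVITES_PER_WINDOW):
        self.users = users
        self.limit = limit
        self.counts = {}   # requester id -> invitations issued this window
        self.audit = []    # (requester, email) pairs for later review

    def add_admin(self, requester, show, email):
        used = self.counts.get(requester, 0)
        if used >= self.limit:
            # Same shape of answer regardless of the address being probed.
            return {"status": "rate_limited"}
        self.counts[requester] = used + 1
        email = email.strip().lower()
        self.audit.append((requester, email))
        if email in self.users:
            show.admins.add(email)     # real ACE entry
        else:
            show.pending.add(email)    # PendingAccess entry
        # Identical response either way; no name, no known/unknown flag.
        return {"status": "invited"}


if __name__ == "__main__":
    s = Show()
    print(add_admin_leaky(s, "alice@example.org"))      # leaks the name
    print(add_admin_leaky(s, "nobody@example.org"))     # different shape
    svc = InviteService(USERS)
    print(svc.add_admin("show-owner-1", s, "alice@example.org"))
    print(svc.add_admin("show-owner-1", s, "nobody@example.org"))  # same
```

One caveat the dictionary lookup hides: with a real database the known and unknown branches may still take measurably different time, so the query path (and any confirmation email sent only in one branch) should be kept as symmetric as the response body.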