ckan / ckanext-harvest

Remote harvesting extension for CKAN

Raise privileges to get email address information #505

Closed bonnland closed 1 year ago

bonnland commented 2 years ago

There are two changes needed to get access to a user's email address for harvester emails.

The first change gives privileged access to a user's details. This is needed to access the email address. The second change requests the "extra" information about a user, including the email address.

The first change could be avoided if, for example, the user_show action in CKAN 2.9 is changed to honor the ignore_auth value in the context. But I am not sure if the long-term plan is to honor ignore_auth. It could also be avoided if user_show honored the running user's administrative privileges, but the logic does not do this at the moment.

We are running this command as the user "harvest", which is configured to have administrative rights. But the logic in user_show is honoring the context's 'user' field in CKAN 2.9, instead of looking at the user's privileges. So it seems that a 'user' value must be added to the context with the current authorization logic used in user_show.
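A simplified model of the behaviour described in the comment above, added here as an illustration. It is not CKAN or ckanext-harvest code, and `user_show_model`, `recipient_email`, `SYSADMINS` and the sample users are hypothetical. It assumes, as the comment states, that the email decision is made from the context's 'user' value and that ignore_auth plays no part in it.

```python
# Model only: the names below are hypothetical, the data is constructed.
SYSADMINS = {"harvest"}  # the "harvest" user is configured with admin rights
USERS = {
    "alice": {"name": "alice", "email": "alice@example.org"},
    "harvest": {"name": "harvest", "email": "harvest@example.org"},
}


def user_show_model(context, data_dict):
    """Return a user dict, redacting the email unless context['user']
    is a sysadmin or the account owner. ignore_auth is never consulted
    here, which is the behaviour the comment describes."""
    requester = context.get("user")
    user = dict(USERS[data_dict["id"]])
    allowed = requester in SYSADMINS or requester == user["name"]
    if not allowed:
        user.pop("email", None)
    return user


def recipient_email(running_user, user_id):
    """Look up one address for a harvester email.

    The elevated context is built for this single call and only the
    email string leaves the function, so the privileged user dict is
    not passed around to code that does not need it."""
    context = {"user": running_user, "ignore_auth": True}
    return user_show_model(context, {"id": user_id}).get("email")


if __name__ == "__main__":
    # ignore_auth alone: the email stays redacted.
    print(user_show_model({"ignore_auth": True}, {"id": "alice"}))
    # 'user' set to the admin account: the email is returned.
    print(recipient_email("harvest", "alice"))
    # 'user' set to an unprivileged account: still redacted.
    print(recipient_email("bob", "alice"))
```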