Open ThrawnCA opened 1 year ago
This looks great @ThrawnCA, love your work!
Could you add something to the README describing this behaviour? Happy to merge after that :)
README is updated; feedback welcome.
After reviewing this again, I'm a little concerned that this feature could be too opinionated for many consumers. Would it make sense to provide a flag like ckanext.security.admin_only_user_details
? For example, in our application all logged in users should be able to see other users of the system, but public users are not allowed to, so the standard ckan.public_user_details
flag is fine.
For example, in our application all logged in users should be able to see other users of the system, but public users are not allowed to, so the standard
ckan.public_user_details
flag is fine.
I assume that you don't allow public registration, then?
Why would one regular user need to see another's profile?
Improve the privacy of user data. If
ckan.public_user_details
is False, then user profiles should only be visible to their owners or relevant admins.