data-govt-nz / ckanext-security

A CKAN extension to hold various security improvements for CKAN
GNU Affero General Public License v3.0

53 enhanced user privacy #55

Open ThrawnCA opened 1 year ago

ThrawnCA commented 1 year ago

Improve the privacy of user data. If ckan.public_user_details is False, then user profiles should only be visible to their owners or relevant admins.

markstuart commented 1 year ago

This looks great @ThrawnCA, love your work!

Could you add something to the README describing this behaviour? Happy to merge after that :)

ThrawnCA commented 1 year ago

README is updated; feedback welcome.

markstuart commented 1 year ago

After reviewing this again, I'm a little concerned that this feature could be too opinionated for many consumers. Would it make sense to provide a flag like ckanext.security.admin_only_user_details? For example, in our application all logged in users should be able to see other users of the system, but public users are not allowed to, so the standard ckan.public_user_details flag is fine.

ThrawnCA commented 1 year ago

> For example, in our application all logged in users should be able to see other users of the system, but public users are not allowed to, so the standard ckan.public_user_details flag is fine.

I assume that you don't allow public registration, then?

Why would one regular user need to see another's profile?