Groups' management

[laxathom]

Groups' management re-design:

• Will inherit standard features from fas2 (with wording updates)
• Group status. Account's admin will be able to:
  • block
  • archive
  • active
  • mute (group can still be managed by group's admin. However, no updated infos will be sent out, no emails, nor sync with fas-client or any 3rd parties, etc).
• Create or set group as private that only members and account's admin can see.
• Can Delete groups (if empty only and/or no child groups): only by account's admin.
• When applying (requesting membership) to a group, offer user to send an (optional) introduction with a modal form.
• License agreement signing is tied to group membership, no more from profile's page. User can join a group without having to sign license agreement if it's not required.
• Membership notifications
  • Send email (via pyramid's event mechanism?) to members if status or infos get changed.
  • Send email when someone left/join a group (email sent to registered mailing list).
• Offer to principal_admin (previously, group's owner) a way to pass along its ownership to other admin's members (account's admin have this power too): use modal form.
• Filter role type from members list (all, sponsor, admin).
• Request group creation form. Once done, group admin and editors will received an email to approve the new group. Requester will receive an email if approved.

Those are my notes that I save here to track related commits

[pypingou]

Create or set group as private that only members and account's admin can see.

I am not sure of this point. What would be the interest? I fear we could end up in situations where an application behaves differently because the user is in an "invisible" group and the person trying to debug it either doesn't know about it or doesn't have the possibility to check/see it.

[laxathom]

If user uses his self-generated token for his apps, he intends to use his app just like he was logged in from the web interface. As a result, he should debug with this knowledge.

However, a trusted 3rd party app which uses private API (i.e app in same infrastructure) will have access to the whole list.

[pypingou]

I still don't quite understand your idea/use-case especially since here you now speak about API and token which you did not mention at all in the original description of the ticket :) But maybe we can talk more about this elsewhere.

[ryanlerch]

Closing this issue as the FAS project is now archived, not actively developed, and unmaintained.

FAS was replaced in March 2021 by Fedora Accounts (https://accounts.fedoraproject.org).

If this issue is a Feature Request that you forsee might be beneficial to Fedora Accounts, please refile it against Noggin