Mailinglist Archive: opensuse-buildservice (258 mails)

< Previous Next >
Re: [opensuse-buildservice] [PATCH] Unable to delete user via API
  • From: Adrian Schröter <adrian@xxxxxxx>
  • Date: Wed, 11 Aug 2010 12:17:53 +0200
  • Message-id: <201008111217.54299.adrian@xxxxxxx>
On Tuesday 10 August 2010 14:53:35 Marcus Hüwe wrote:
On 2010-08-10 11:56:49 +0200, Adrian Schröter wrote:
On Sunday 08 August 2010 22:30:30 Marcus Hüwe wrote:
On 2010-08-08 14:15:41 -0600, Srinidhi B wrote:

<SNIP>

So, the correct fix would be to update all projects / packages to which
this user belongs and only then delete the user from the db? Or should
there be some more checks?

Hmm yes + the groups_users table. Additionally the backend needs to be
informed
too otherwise the user would still be in the project/package metadata.

Yes, actually I would like to remove the "delete user" functionality at
all. It can
only create trouble and even permission/secrurity problems later.

On the one hand it might cause a lot of problems if it's not
implemented correctly but on the other hand this is a "crucial"
functionality IMHO. So we would need a concept which solves
(or avoids) all the issues...

I am not aware of issues on the OBS actually (backend is not doing anything
with the user lists). But if you use OBS as central database for your
user accounts you may run into problems with other infrastructure.
Or with remote OBS instances if we add more OBS interconnect functionality.

Okay, it is an Admin-only option in the end, so the admin should know
what he is doing ...

Or we modify the function to lock the user.

Locking would be a nice additional feature:)

Locking exists already ;)

--
Adrian Schroeter
SUSE Linux Products GmbH
email: adrian@xxxxxxx
--
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-buildservice+help@xxxxxxxxxxxx

< Previous Next >