mugle-dev team mailing list archive

On usernames and privacy

 

So there is a bug #787454 <https://bugs.launchpad.net/mugle/+bug/787454>,
which I marked as critical because of this privacy issue. But I think it
goes a bit deeper.

Basically, we are forcing people to log in with their Gmail accounts, which
means we are dealing with their (in some cases) primary email addresses.
This is a privacy concern for two reasons:

   - Email addresses should not generally appear on public websites, for
   spam reasons.
   - Users may be embarrassed if the silly handle they made in year 11
   when they were a kid (e.g. eatmyshortz) ends up becoming associated with them
   publicly, especially if students are using this on their resume.

So we should generally not be exposing email addresses.

The above bug is about allowing the user to change their fullname. But that
only solves half the problem, because users still have no ability to change
their username which appears in the URL when you click on their fullname
(for example, in the devteam view). Therefore, I think we need to allow
users to change their username to whatever they want.

This shouldn't be a problem for the database integrity (since we aren't -- I
hope -- relying on usernames for any referential purposes, instead relying
either on user keys or the Google ID). Therefore it won't break anything if
a user changes their urlname. But we need to ensure that the name they are
changing to is unique, for URL purposes. Is this an acceptable change? I
think that should be in the milestone.

If so, I will amend bug #787454 to include changing the urlname as well.
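
The rename rule proposed above, as an added sketch that is not part of the original post or the project's code: references are held by a stable id, the urlname is a separate unique index, and a rename is refused when the name is taken (compared case-insensitively). The `UserDirectory` class, the `gid-...` ids and the character policy are assumptions made for illustration.

```python
import re
# Assumed policy (not from the post): 3-30 chars of a-z, 0-9, '-' and '_'.
# '@' and '.' are excluded, so an email address cannot become a urlname.
URLNAME_RE = re.compile(r"[a-z0-9][a-z0-9_-]{2,29}")


class UrlnameError(ValueError):
    """Raised when a requested urlname is invalid or already taken."""


class UserDirectory:
    """Hypothetical in-memory stand-in for the user table."""

    def __init__(self):
        self._users = {}       # stable user id -> current urlname
        self._by_urlname = {}  # normalized urlname -> stable user id (unique)

    def add(self, user_id, urlname):
        self._users[user_id] = None
        try:
            self.rename(user_id, urlname)
        except UrlnameError:
            del self._users[user_id]   # do not keep a user without a urlname
            raise

    def rename(self, user_id, new_urlname):
        name = new_urlname.strip().lower()   # URLs compared case-insensitively
        if not URLNAME_RE.fullmatch(name):
            raise UrlnameError("invalid urlname")
        owner = self._by_urlname.get(name)
        if owner is not None and owner != user_id:
            raise UrlnameError("urlname already taken")
        old = self._users[user_id]           # KeyError for an unknown user
        if old is not None:
            del self._by_urlname[old]        # release the previous URL
        self._by_urlname[name] = user_id
        self._users[user_id] = name

    def lookup(self, urlname):
        """Resolve a URL path segment to the stable user id, or None."""
        return self._by_urlname.get(urlname.strip().lower())

def demo():
    d = UserDirectory()
    d.add("gid-1001", "eatmyshortz")     # constructed sample data
    d.add("gid-1002", "jsmith")
    team = ["gid-1001", "gid-1002"]      # membership refers to ids, not urlnames
    d.rename("gid-1001", "alex-example")
    return d, team
```

Releasing the old name immediately means an old link can later resolve to whoever claims that name next; whether to hold released names for a period is a decision the post leaves open.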