Good discussion. I'm on vacation, and haven't been able (or willing, heh) to participate much in this discussion. A few points from my perspective:
I completely understand that :-). Luckily this is not a pressing issue.
- Author names, timestamps, etc. are metadata in my opinion, and should be stored that way. This implies that we should be storing user IDs. The nice thing about using IDs that if the login/wiki name changes, the current name will be displayed. If IDs were also stored for past revisions, there won't be any problems understanding who the person is, because it will always reflect the current name. This would eliminate the "snapshot" issue Janne raised. I am not a Sarbox expert -- and it should not drive our thinking. But "normalizing" user references (using IDs and not names) is just good programming technique, IMHO.
Well, the "id" can be anything. Typically, in a database, this is an integer because of performance reasons. JCR does not care, and the ID can be anything we like - even something human-readable, like the actual *login name* of the person. Or (a thought just popped to my head) the original login name.
I think I would prefer this solution. JCR design patterns clearly discourage the use of IDs as such (preferring references), and this solution will give us both a human-readable name for import/export, which is at the same time an unique, unchangeable identifier.
If we still want to enable people changing the loginname, we can add a trace of all the login names that have been changed - or have a "current" loginnname.
I think we should choose UID as an arbitrary string, and choose the initial value of the string to be the login id. This also protects automatically against anyone who tries to re-register an existing ID.
- ACLs, in the future, will need to persist identity references as IDs. We need to move ACLs out of page markup anyway, because it's really metadata and not page content. This should be pretty easy to migrate, ideally at startup. For user input and display purposes, of course, we should always allow users to view and edit ACLs using plain old user names, roles and groups.
This is obvious. We can have a way better ACL editor...
- For those who are curious (Terry?), we already change user names in ACLs when the person's login/wiki name changes. So if Terry decides to change his wiki name from TerryS to Terry, all ACLs that contain "TerryS" will be chanced correctly.
This is obviously not good, because it will cause changes in all pages, even though it was something else which changed.
/Janne
