Benoit Hamet wrote:
Hi all, .
<snip>
There is also applications::d2name , categories::d2name and
interserver::d2name.
I think it risky to rename the calls to only accounts::id2name - I
think it would be better to keep the "old" accounts::id2name - and
rather implement the new accounts::id2name as accounts::id2full_name
or something.
It hasn't been renamed. The old method accounts::id2name now returns
the user's fullname, and doesn't reveal the user's login id, which is
good security imho. If you already have the login id then you have 1
half of the puzzle for cracking an account. Some organizations have
policies on login ids others don't, which will also impact on benefit of
this change.
applications::d2name , categories::d2name and interserver::id2name are
uneffected by this change, as they return the relevant string for the
data type and it has no security implications.
The change in the string returned by accounts::id2name has been in HEAD
for months. The new accounts::id2lid is only for those cases where
internally we need the login id, which is very rare. As
accounts::id2name is used a lot for presenting username information in
the GUI, it is safest to change the functionality. Where there is a
need to for the login id, use accounts::id2lid, which can be changed
manually on a case by case basis.
It looks ok to me. AFAIU, there's no relationship between accounts and
categories or applications or interserver ? right ? so returning the
real full name in id2name for account, doesn't disturb anything ? Or did
I miss your point Sigurd ?
That is also how I understand it. (Unless you really want the username
(lid) for something).
For the record - it's ok by me.
Regards
Sigurd
_______________________________________________
Phpgroupware-developers mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/phpgroupware-developers
