The default registration method is to allow anyone to register a new
account. However, it's not moderated, as you know. That's something
that could be accomplished by unsetting the 'active' flag on the User
entry in the database, which an auth backend could certainly do. So,
short term, if you wanted you could probably just create a new Django
auth backend and tell Review Board to use it. I'm working on
documentation on how to create these and use them, and have some plans
for making it easier to work with them in 1.6.
What you also probably want is some notification on newly registered
users. The auth backend could potentially do this too.
So, if you want to get going fast, that's probably what you should do.
However, one option we could add is to have a new option in
Authentication Settings for "Require approval for new accounts" or
something to that effect. When checked, new accounts would be set
inactive by default, and an e-mail would go out to the admins of the
site (or some other preconfigured address). The admin would then just
need to go into the admin UI and set them active.
Does that sound about what you'd want? You mentioned the permission
groups, but those aren't really used anywhere but the admin UI (with
the exception of a couple special permissions for allowing users to
post on behalf of other users, mainly for post-commit hooks).
Christian Hammond - chip...@chipx86.com
Review Board - http://www.reviewboard.org
VMware, Inc. - http://www.vmware.com
On Fri, Nov 26, 2010 at 10:10 AM, Oz Linden (Scott Lawrence)
> Is it possible to configure reviewboard so that
> Accounts can be created by anyone
> Those accounts cannot create reviews or post comments until they have been
> manually added to the appropriate Permission Group?
> I'm setting up a system to be used by the Second Life Viewer open source
> project, and would prefer not to have to create accounts for people by hand,
> but would like to have some control over who can add content.
> Not incidentally, I'm very interested in the OpenID support that is listed a
> possible addition in 1.6 and have an OpenID provider that I can make
> available for testing if/when someone wants to work on this for
> These two things are not unrelated - if accounts are defined externally,
> having a permission that governs use of the service seems important.
> Want to help the Review Board project? Donate today at
> Happy user? Let us know at http://www.reviewboard.org/users/
> To unsubscribe from this group, send email to
> For more options, visit this group at
Want to help the Review Board project? Donate today at
Happy user? Let us know at http://www.reviewboard.org/users/
To unsubscribe from this group, send email to
For more options, visit this group at