Ok, I am answering on the list, even though I think this is really part of the discussion of the issue.
On 23 May 2011, at 08:42, Reto Bachmann-Gmuer wrote: > I realize the issue isn't resolve yet so what I veto and ask to be > reverted is not the "proposed resolution" but "the commits made so > far". > > Reto > > On Mon, May 23, 2011 at 8:23 AM, Reto Bachmann-Gmür > <reto.bachm...@trialox.org> wrote: >> About: https://issues.apache.org/jira/browse/CLEREZZA-515, "ugly >> account name when logging into ZZ with a foreign WebID" >> >> A Veto the proposed resolution to CLEREZZA-515 for the following reasons: I'll answer your points below carefully. >> - WebId Users no longer show up in the usermanager. That is probably because the user manager is working on the notion of "user" as being only determined by zz:username string. The WebID user is identified with a URI on the other hand. He does not yet have a username, and may in fact never desire to have a local account on your machine. Imagine all the WebID robots that may just come and fetch a page from your machine, just because they are crawling a foaf file. Are you going to give account names to each of them? What account names? The only way you can do this is by giving ugly account names to all users - ie: mechanically generated ones. When some of these users then wish to have memorable names you will then have a problem of dealing with the legacy names they were given. >> this is a major >> regression as the usage p'attern currently known to me is as follows: >> my friends log-in with webid and the I go to user-manager and give >> them additional rights Yes, though that is not very satisfactory in a more distributed world (it is fine for closed worlds) for quite a number of reasons: 1. the account control panel only shows you a small set of information about that user. My guess is that it will just show the claimed username and something else. 2. It is not declarative enough. The better solution is to add the webids to your friends list, and then have rules such as "all friends of mine can do X" This is where I think we need to be moving towards in terms of access control. So then it remains to make it easy to add people to your friends list. This is why I have been developing the person browser Here is the view on Dan Brickeley https://bblfish.net:8443/browse/person?uri=http%3A%2F%2Fdanbri.org%2Ffoaf.rdf%23danbri Users that do have accounts on my machine, will see little buttons appear that will allow them in one click to add Dan as friends. That will then give Dan Access to all the things they allow their friends to access - without requiring Dan to have an account! >> - The Issue is about showing the name that is good looking, imho the >> foaf:Name would satisfy this requirement better than the WebId URI The issue is not just about the name that is displayed in the UserInterface. Of course a foaf:name can be put there. The issue is that the current solution also creates ugly account names, such as http://farewellutopia.com/user/http_bblfish.net_.../profile Account names should only be needed when people have decided to open a local account. >> >> - Even if I give all users permission to access the >> account-control-panel (selecting >> (org.apache.clerezza.platform.accountcontrolpanel.AccountControlPanelAppPermission >> "{username}" "") for the base-permission-role) Roaming Users no longer >> see the ACP. This is probably a problem that {username} is no longer >> supported. Yes, users without local accounts, don't have an account to look at. That is why I have been developing the ProfileViewer, so they can look at what we see of their profile as their home page, if they want. That page can then also ask them if they wish to create an account locally. That is the moment at which they can then choose the account name they prefer to have. That is an extra service that is easy to add. >> - The resolution goes far out of the scope of the issue. I have no >> strong opinion on whether the larger refactoring from using Subjects >> instead of the UserName is beneficial. I think I'd tend to postpone >> such a refactoring (if it turns out to be needed) to after the first >> release. BUT: even if I should conclude that the refactoring is needed >> or even urgent this should be in a dedicated issue and not in one that >> addresses the aesthetics of the shown account name ("ugly") I think this patch addresses the full aspect of account names. The initial description showed the place where that ugliness appeared. But this is in line with the rest of my work on the authentication in Clerezza related to WebID. >> >> I ask the changes to be reverted, and I volunteer that I then take >> over the issue. Perhaps it would be kind of you to trust me, as WebID Incubator Chair, having developed the concept for the last three years, having presented the concept at JavaOne initially, and so on... to give me a bit of trust in implementing the pieces that tie all of this together. Can you at least wait a few days so that others here on the list can try this out. I will put up a video showing how the pieces are meant to tie together and it will make a lot more sense. >> A solution to show the foaf:name (or atlernatively >> foaf:nick) on the top-right corner shouldn't take more than a patch >> of a couple of lines. I show on my wall at >> https://farewellutopia.com/public-wall that it is possible with >> existing infrastructure (the post show the foaf:name) to implement >> this. When I go there I still get the huge ugly name. But anyway, I don't doubt that you can replace it by a foaf:name. That is not the only issue that is being addressed here. >> >> Cheers, >> Reto >> Social Web Architect http://bblfish.net/
