Allow user to change account username #1130
Comments
|
Makes sense. We should apply as few limits as possible.
+1, agree low priority and enhancement
…On Fri, Mar 18, 2022 at 17:46 netravnen ***@***.***> wrote:
*Is your feature request related to a problem? Please describe.*
N/A
*Who is affected by the problem?*
N/A
*What is the impact?*
N/A
*Are there security concerns?*
N/A
*Are there privacy concerns?*
N/A
*Describe the solution you'd like*
Allow user to change their username the same way users are allowed to
change their E-mail address.
*Do you think this feature will require a formal design?*
No.
Changing an account username is somewhat normal to allow. Albeit with a
built-in rate-limit of how often a username can be changed to avoid users
'just' changing their username willy-nilly. (e.g. once every 30/60/90/180
days)
*Describe alternatives you've considered*
N/A
*Could this feature request need support from the Admin Committee?*
@peeringdb/ac <https://github.com/orgs/peeringdb/teams/ac> could
optionally provide input, yes. E.g. how many cases per year where users
request their username changed. (I suspect many users are oblivious to this
possibility existing, since it requires a ticket to AC. Plus this
possibility is not mentioned in the Docs as of today)
*What is the proposed priority?*
not urgent
*Provide a rationale for any/all of the above*
Allow users to change their username if changing companies/departments.
This is relevant for *any* user who used their E-mail address as their
username, too. Since this is two different fields in the database.
*Additional context*
We should expose this option at https://peeringdb.com/profile, along with
1. change E-mail and 2. change password.
[image: image]
<https://user-images.githubusercontent.com/1938389/159086684-9544b21b-d302-45ee-9fb6-8cfda0414842.png>
—
Reply to this email directly, view it on GitHub
<#1130>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AFA2YQX62BGPDQF4FEKFMD3VAT2TBANCNFSM5RC7J2UQ>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
|
|
+1, and now limits |
|
+1 |
arnoldnipper
changed the title
|
There should be very few limits. The seven FCC dirty words is the only limit I would support since users know best how and what they want their usernames to be. And only to maintain a level of decorum. There should be no opportunity or responsibility of the admin committee to apply subjective opinions on usernames. |
|
I don't think there should be any limits, there aren't now. I might agree on a limit to period between changes, but what difference does it make really? The username isn't exposed anywhere that I can think of except authorized OAuth applications. |
|
Im just pandering to the opposition. If there is none Im on board. I
would like to consider the decorum argument, but Id interconnect with
username: fukboi if it mattered to me business wise. $0.02
…On Sat, Mar 19, 2022 at 21:30 Matt Griswold ***@***.***> wrote:
I don't think there should be any limits, there aren't now.
I might agree on a limit to period between changes, but what difference
does it make really?
The username isn't exposed anywhere that I can think of except authorized
OAuth applications.
—
Reply to this email directly, view it on GitHub
<#1130 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AFA2YQXD2VDP63N5ITNW45DVAZ5UJANCNFSM5RC7J2UQ>
.
You are receiving this because you were assigned.Message ID:
***@***.***>
|
Why do you want to put a limit on the period between changes? I can't see any reason. |
|
I was responding to the initial report, I can't think of a reason that we'd need to. |
|
malicious abusers attempting to suck resources? |
|
I’m onboard with abuse concerns. How does username change allow resource
abuse and at what scale? Wolf or kippy kat?
Thanks
…-M<
On Mon, Mar 21, 2022 at 16:27 Peter Helmenstine ***@***.***> wrote:
malicious abusers attempting to suck resources?
—
Reply to this email directly, view it on GitHub
<#1130 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AFA2YQUF564HDDT23AL5OFTVBDLR3ANCNFSM5RC7J2UQ>
.
You are receiving this because you were assigned.Message ID:
***@***.***>
|
I don't see this attack vector. Username changes can't really be automated as you will have to approve this change via email. |
|
There are already global and granular API limits to protect resources as well, FWIW. |
|
Im +1 but encourage the decorum discussion.
…On Mon, Mar 21, 2022 at 19:27 Matt Griswold ***@***.***> wrote:
There are already global and granular API limits to protect resources as
well, FWIW.
—
Reply to this email directly, view it on GitHub
<#1130 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AFA2YQXETNZQK4UWBLSHJDDVBEAUVANCNFSM5RC7J2UQ>
.
You are receiving this because you were assigned.Message ID:
***@***.***>
|
|
summary
|
vegu
added a commit
that referenced
this issue
Jan 17, 2023
vegu
added a commit
that referenced
this issue
Jan 17, 2023
Allow user to change account username #1130 See merge request gh/peeringdb/peeringdb!341
Merged
grizz
added a commit
that referenced
this issue
Jan 18, 2023
* Carrier object implementation #909 * API keys: disabling of user account by a PeeringDB admin does not disable access via a User API key. Also no disable mech, only revoke. #1140 * Ops: django needs lightweight healthcheck route that confirms database connectivity #1284 * Ops: various indexes are needed #1285 * API requests with invalid Authentication headers should notify users in some way. #1220 * Allow user to change account username #1130 * UX to remove carriers from facilities more inline the other similar UX * more UX fixes for removing carriers from facilities * Cache hints are needed for optimal CDN use #970 * fixes Commandline tool "Run command" button gone #1278 * RIR status gets deleted when changes are made to the network #1279 * Improve MTU field #658 * CSRF cookie not set error from email confirmation view #1296 * expose CSP_CONNECT_SRC * fix confirm email path checking in session middleware * Ops: Emails to OPERATIONS_EMAIL need to be rate-limited #1282 * add website field to carrier ux * website field on carrier optional with org fallback * linting * add *.google-analytics.com to CSP_CONNECT_SRC * poetry relock * fix issues with confirm-email reverse during session creation validation * fix tests * fix tests * pin django-peeringdb to support_202211 * linting * django ratelimit to <4 * regen docs * fix automated net stats to only include networks with status `ok` #1283 * linting * poetry lock Co-authored-by: Matt Griswold <grizz@20c.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
N/A
Who is affected by the problem?
N/A
What is the impact?
N/A
Are there security concerns?
N/A
Are there privacy concerns?
N/A
Describe the solution you'd like
Allow user to change their username the same way users are allowed to change their E-mail address.
Do you think this feature will require a formal design?
No.
Changing an account username is somewhat normal to allow. Albeit with a built-in rate-limit of how often a username can be changed to avoid users 'just' changing their username willy-nilly. (e.g. once every 30/60/90/180 days)
Describe alternatives you've considered
N/A
Could this feature request need support from the Admin Committee?
@peeringdb/ac could optionally provide input, yes. E.g. how many cases per year where users request their username changed. (I suspect many users are oblivious to this possibility existing, since it requires a ticket to AC. Plus this possibility is not mentioned in the Docs as of today)
What is the proposed priority?
not urgent
Provide a rationale for any/all of the above
Allow users to change their username if changing companies/departments. This is relevant for any user who used their E-mail address as their username, too. Since this is two different fields in the database.
Additional context
We should expose this option at https://peeringdb.com/profile, along with 1. change E-mail and 2. change password.
The text was updated successfully, but these errors were encountered: