Project

General

Profile

Idea #3153

Updated by Tom Clegg over 9 years ago

Currently, after logging in for the first time (and assuming the user has not been pre-activated), a new user is in the "not invited" state: "wait for us to activate your account". An admin gets notified, and clicks the "Setup user" button on the users>show>admin tab and assigns a username / repository name. 

 New behavior: If apiserver is configured to auto-invite, Not yet specified: 
 * Send the notification email How to the administrator as before 
 * Pick a pick username and repository (esp. when real name automatically (see below) 
 * Do the same stuff the "setup new user" admin button does now: 
 ** Add a repository 
 ** Give the user write access to the repository 
 ** Give the user login access to a shell VM (@auto_invite_vm_uuid@ config variable -- if false, skip this step) 
 ** Add the user to the "all users" group 
 * Do not send the "your account is now ready" email to the user during auto-invite. (It will be obvious!) 

 Pick username / repository name: 
 * has non-ascii characters): use ascii part of the e-mail address before the @ sign if unique. 
 * If not unique, add a number. Use this regular expression to sanitize the username:    
 ** @str.match /^[_.A-Za-z0-9][-\@_.A-Za-z0-9]*\$?$/@ 
 *    

   str.match /^[_.A-Za-z0-9][-\@_.A-Za-z0-9]*\$?$/ 

 If it is not already there, this should go into the repository model validation. 

 Sanity-checking * How to sanity-check login/repo names (e.g., arvados, git, gitolite-admin, root, syslog) 
 * 

 System login names are automatically excluded by the script that creates the shell users (it strips any logins that belong to users with ids < 1000). 
 * Also 

 We should blacklist these names : git, gitolite, gitolite-admin, arvados. Use the model validation. 

 Notes: 
 * Don't automatically re-setup users who have been unsetup by administrator 
 * Don't re-use existing repositories or shell accounts 

Back