Users and Identity

As an Email Invitee, I should be able to enter User Values: That is, the owner should be able to send limited "invitations", that let you follow an individualized email link to authenticate you, but the authentication only lets you enter User Values.

Consider getting rid of the SpaceMembership table: This is one of the "fattest" tables in the system, being Identity x Spaces. Can we get rid of it in the new world?

Email Address should not exist on Person: Currently, the Person record (the view of an Identity in a Space) contains that Identity's email address. We are going to significant effort to hide that email address from end users. But it really shouldn't be there in the first place.

Emailed Notifications to me should probably carry identifying information for me: See below, but the high concept is that, if Users can have multiple Identities, then emailed Notifications should probably carry information about which Identity the Notification was intended for.

Handles can't include some reasonable letters: Pointed out by Ailís: she can't use that name (note the accent on the second i) for her handle.

I can define distinct Profiles, to control which Identities are visible when: This still needs design, but a number of folks have pointed out that having distinct identities is lovely, but I need to be able to define that, for instance, notifications about one's kinky private life shouldn't come up on my screen when I'm at work.

I should *not* be able to use email address format for a Display Name: If I can have an email address for my Display Name, that makes it too easy to impersonate somebody.

I should be able to associate Personal Properties with a non-Member: This is the trickier corollary of I should be able to manage properties on the Persons in my Space -- some of my Personal Properties should work even if we don't have a logged-in User.

I should be able to delete myself from Querki: We don't currently have a way to remove yourself from the system. In the modern world of GDPR, we clearly need to add that.

I should be able to determine the membership status of the current user: There are some hacks around this, but I don't think they are reliable.

I should be able to invite any Querki User into a Space, given their handle: Currently, you can only invite someone by handle if you are already in Spaces with them. I think this was for UI reasons: we aren't set up to be able to prompt for unknown handles, and probably shouldn't be. But if you know the exact handle, you ought to be able to invite anyway.

I should be able to keep nicknames / notes about other users: While Querki doesn't have as much of the "impenetrable handle" problem as LJ or DW, it does have at least some of that. So it would probably be worthwhile for me to be able to record how I know this Person.

I should be able to manage properties on the Persons in my Space: That is, I should be able to add Properties to the Person Model in my Space, and be able to easily use those Properties in the running of the Space.

I should be able to see my Outstanding Invitations: That is, on the Your Spaces page, I should see a list of invites I have been issued but haven't triaged.

Identities should no longer come from the System Shard: Now that we are potentially giving out Identities like water (especially in Shared Links / Open Invitations), we need to not be consuming the limited resource of ShardKind.System for them. They should come from the modern OID generators instead.

mainIdentity is a fundamentally broken idea: We're using the convenient concept of mainIdentity in more and more places in the code. But it really doesn't make sense -- if I have a FB login and a direct Querki login, which one is "main"? I suspect we're getting into trouble here.

Person doesn't show up as a Model that you can use: In particular, it doesn't show up in the Model Selector dialog, so there is currently no way to change a Person to a subclass. Since that's a useful feature, we should get it working again.

The User data structure could potentially leak Identity information: We pass the User trait to a number of subsystems, which is okay in principle, but that trait exposes the Identities for that User. This makes it too easy to accidentally compromise the Identity firewalls.

There should be a straightforward way to add custom fields to Person in this Space: This is probably still possible under the hood, but there is no good way to do it from the UI any more.

Users of a Space should have a Profile: Profiles / profile pages are ubiquitous on any sort of interactive website, for several good reasons: (1) if the site is remotely social, people want a sense of "who is this other user?" - creating a sense of community requires creating a sense of personhood. (2) websites very often want to present the user with relevant preferences.

When I join Querki through a Space invite, that Space doesn't get my Display Name: This isn't the end of the world, but it certainly isn't good.

_me cannot be used to ask "is this user a member of this Space?": It seems intuitively obvious that I should be able to look at _me and see if the current user is local or not. But that doesn't work, because _me throws a Warning, and there is no way to recover from it.

Accepting the Terms of Service doesn't appear to work: Discovered by Heather when she tried to sign up: she repeatedly tried to accept the Terms of Service, but it didn't work.

Attempting to sign up for Querki gets an RSOD: This is bug was caused by the recent clustering changes -- we have a bit of vestigial code that expects a PlayRequestContext where it's getting a RequestContext. That pathway needs to be fixed.

By default, Persons should be public: Currently, Person records are inconsistent -- the owner of the Space is public, but the members are all private.

I can change my Display Name in Querki: There currently is no way to change one's Display Name; there totally should be. (Changing handles is not necessarily allowed, and has a lot of consequences; changing Display Name should be safe.)

I should be able to easily test if a Member has a Role: Now that Roles are being used as, essentially, groups, we need to be able to test for group membership.

I should be able to get at the creator of a Thing: Requested by Eric, and now easy to implement.

I should be able to get the Members with a given Role: That is, in QL I should be able to access this.

I should be able to remove a member from my Space: This one's simply an oversight: the UI provides no way to boot someone out of a Space. While no screaming need for it has arisen yet, that will undoubtedly change before long, especially with Shared Links starting to be used more.

Newly-upgraded users don't get a Create a Space button!: When I upgrade one of my test users, the Create a Space button doesn't show up on the Your Spaces page! This must be fixed before Beta.

Querki shouldn't be treating email addresses as case-sensitive!: Currently, if you create your account with non-lowercase letters (Foo@Bar.com), that gets enforced pretty much forever -- if you try signing in as foo@bar.com, it won't work, because the encryption won't match. This is broken, since almost every system in the world treats email addresses as case-insensitive.

Reset password isn't working: Unclear what's going on -- the error message is vague -- but it doesn't seem to be working properly.

The Login Dialog should have the "forgot my password" link: That link exists only on the homepage, far as I can tell.