local juju users: bob vs bob at local
Tim Penhey
tim.penhey at canonical.com
Fri Oct 16 04:18:07 UTC 2015
On 10/10/15 02:41, roger peppe wrote:
> We've been working on adding external user support to juju
> and a discussion arose from a throwaway comment on the
> IRC channel:
>
> "The difference between Canonical() and Id() seems confusing to me"
>
> The comment referred to two names.UserTag methods
> (defined in the package github.com/juju/names
> <http://github.com/juju/names>).
>
> The Canonical method (†) returns the "canonical" form of
> a user always with an @ symbol. For example bob at local (a local user),
> bob at somewhere (an external user).
>
> The Id method returns whatever id the UserTag was created with, which
> preserves a basic invariant of the Tag interface - NewUserTag(x).Id() == x
> for any valid user id x.
>
> It seemed to us that the reason for the confusing Canonical method
> was entirely because we have two alternative spellings
> for a local user, "bob" and "bob at local".
>
> As a solution to this, we propose that there be exactly
> one spelling of a local user - plain "bob", and
> that *any* username with an @ domain should be considered
> to be external.
>
> If we do this, there is no need for a Canonical method
> because every user name is inherently in canonical form.
> That is, there is no way to get it wrong.
>
> It is also consistent with the way that user names are currently stored
> in the database - they are stored without the @local suffix,
> and we will soon want to store information about external
> users in the same database, so using the above suggested
> canonical form means that no database migration is necessary.
>
> We believe that this is also a very intuitive model:
>
> */ /A username is external if and only if it has an /@domain/ suffix.*
>
> We have a working feature branch with this change applied,
> but we'd be grateful for any feedback on the proposal.
>
> cheers,
> rog.
When I first added the local vs. non-local user interaction, the desire
was to have one way for users to look.
user at doman seemed logical.
I agree that "user@<anything>" is external and "user" is local is an
intuitive approach (that feels so simple I feel a bit stupid for not
thinking this was a good enough approach earlier).
This is also then easy to explain, and no more "@local" special casing.
So +1 from me.
> (†) until this morning, this was named Username, but we
> changed it because we found the fact that Username()
> doesn't return a string that satisfies IsValidUserName
> somewhat confusing.
This had bothered me for a while, but not enough to change it :-)
Thanks for your time and thought on this.
Tim
More information about the Juju-dev
mailing list