retaining names of contributors/logging info
22 views
Skip to first unread message
David Dwiggins
Feb 23, 2012, 11:38:01 AM2/23/12
to ResourceSpace
I just noticed that as the system is currently set up, resources are only tied to their creators using a numeric index. If an administrator deletes an account, the numeric link is broken and there is no longer any record of who created the resource. IE, the system still knows that User ID 157 create a resource on May 25, but it no longer has any record of who user 157 was.
I think the solution is to never truly delete accounts, but instead set them to a deleted status that removes them from the UI and prevents their use. This would allow the logging and ownership features to still correctly pull the name of the original uploader from the archives user list.
I can probably spend some time on this at some point, but I wanted to float the idea and see if anyone had thoughts.
-David
I think the solution is to never truly delete accounts, but instead set them to a deleted status that removes them from the UI and prevents their use. This would allow the logging and ownership features to still correctly pull the name of the original uploader from the archives user list.
I can probably spend some time on this at some point, but I wanted to float the idea and see if anyone had thoughts.
-David
Tom Gleason
Feb 23, 2012, 11:39:15 AM2/23/12
to resour...@googlegroups.com
That sounds good to me.
> --
> You received this message because you are subscribed to the Google Groups
> "ResourceSpace" group.
> To post to this group, send email to resour...@googlegroups.com.
> To unsubscribe from this group, send email to
> resourcespac...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/resourcespace?hl=en.
--
Tom Gleason
Vice President, Engineering
Colorhythm LLC
http://www.colorhythm.com
Main Office: +1 415-399-9921
Fax: +1 253-399-9928
Mobile: +1 347-537-8465
Jeff Harmon
Feb 23, 2012, 12:50:34 PM2/23/12
to resour...@googlegroups.com, ResourceSpace
Is there a privacy issue here? You're suggesting that a user would never be able to remove their name from the system.
Jeff
--
Jeff Harmon
Chief Executive Officer
--
David Dwiggins
Feb 23, 2012, 12:59:30 PM2/23/12
to resour...@googlegroups.com
I think if the resource is still there, the information on who submitted it should also still be there. Otherwise there is no way to tell the source of an item. I can't say for sure about other use cases, but in the Library/Archive/Museum world the provenance of an item (where it came from) is considered to be a key piece of information that should always remain associated with it.
Keep in mind that presently there is no way for users to delete their own accounts anyway. The only way for this to happen is for an administrator to delete the account, probably just to remove access to the system. Most administrators doing this probably don't realize that they are also inadvertently deleting metadata from tens, hundreds, or even thousands of existing resources.
Looking at this another way, I also see this as correcting a bug in the system. Currently there is a referential integrity error in the database where the system is retaining a foreign key while deleting the referenced primary key. This is just bad database practice. If the intent is really to wipe out all information on who contributed the resource when the administrator deletes the account of a user who has left the organization, then it should really also remove the data from the resource and log tables. I don't think this would be a good idea, but if it indeed is the intent, we should at least do it right!
We could build a switch in to make this behavior configurable, but if we're going to add that complexity to it I'd be interested in hearing real-world cases as to why it's necessary first...
-David
Keep in mind that presently there is no way for users to delete their own accounts anyway. The only way for this to happen is for an administrator to delete the account, probably just to remove access to the system. Most administrators doing this probably don't realize that they are also inadvertently deleting metadata from tens, hundreds, or even thousands of existing resources.
Looking at this another way, I also see this as correcting a bug in the system. Currently there is a referential integrity error in the database where the system is retaining a foreign key while deleting the referenced primary key. This is just bad database practice. If the intent is really to wipe out all information on who contributed the resource when the administrator deletes the account of a user who has left the organization, then it should really also remove the data from the resource and log tables. I don't think this would be a good idea, but if it indeed is the intent, we should at least do it right!
We could build a switch in to make this behavior configurable, but if we're going to add that complexity to it I'd be interested in hearing real-world cases as to why it's necessary first...
-David
Tom Gleason
Feb 23, 2012, 1:04:57 PM2/23/12
to resour...@googlegroups.com
Agreed with David. It's more of a bug-fix, and then any worry about
whether user information should exist would be an additional
consideration.
whether user information should exist would be an additional
consideration.
--
Tom Gleason
Vice President, Engineering
Colorhythm LLC
http://www.colorhythm.com
Main Office: +1 415-399-9921
Fax: +1 253-399-9928
Mobile: +1 347-537-8465
Jeff Harmon
Feb 23, 2012, 1:12:39 PM2/23/12
to resour...@googlegroups.com, resour...@googlegroups.com
I know that on more apparently socially centered platforms such as Facebook and Tribe.net, etc., when a user leaves, the references to that user's contributions become empty, eg "Facebook User" or "Deleted account" or something. This is done to allow users the ability to truly leave a platform. Am I right?
DAMs are not the same, but are they that different?
I got everyone's finer point about fixing the bug and being consistent. I agree.
But I'm curious how this should behave. For example, should a user be allowed to delete their own account? Should there be an option to remove all references as well? I lean toward yes on both.
Best,
Jeff
--
Jeff Harmon
Chief Executive Officer
Colorhythm LLC
http://www.colorhythm.com
Main Office: +1 415-399-9921
Fax: +1 253-399-9928
Mobile: +1 510-710-9590
David Ehnebuske
Feb 23, 2012, 4:01:14 PM2/23/12
to ResourceSpace
It seems to me that there are two concepts that could usefully be
separated in this discussion. To me, the notions of an RS user account
and the creator of a resource in RS are conceptually different. One is
an RS access control and logging construct that's associated at any
given point in time with a person and the other is a person. Granted,
when a resource gets created in RS the person associated with a
specific user account creates it, but -- as this discussion points out
-- it's not so clear what should happen when the association between
the RS account and the person changes. Ideally, I think, what happens
should depend on the policy of the RS instance.
Some RS instances might want the resource creator to be tied forever
to a particular user account. Others might want the creator to be tied
forever to the person who had the account at the point of creation.
Others still might want the resource to be tied to a creator only so
long as the user account exists and then to no creator at all. No
doubt there are other sensible policies.
Perhaps it would be possible to separate the idea of "user account"
from the idea of "person" in the RS data model? Doing so would enable
(with more work, of course) many different policies.
Just a thought.
David Ehnebuske
On Feb 23, 1:12 pm, Jeff Harmon <jeffreyhhar...@gmail.com> wrote:
> I know that on more apparently socially centered platforms such as Facebook and Tribe.net, etc., when a user leaves, the references to that user's contributions become empty, eg "Facebook User" or "Deleted account" or something. This is done to allow users the ability to truly leave a platform. Am I right?
>
> DAMs are not the same, but are they that different?
>
> I got everyone's finer point about fixing the bug and being consistent. I agree.
>
> But I'm curious how this should behave. For example, should a user be allowed to delete their own account? Should there be an option to remove all references as well? I lean toward yes on both.
>
> Best,
> Jeff
>
> --
> Jeff Harmon
> Chief Executive Officer
> Colorhythm LLChttp://www.colorhythm.com
> jhar...@colorhythm.com
> >> On Thu, Feb 23, 2012 at 12:50 PM, Jeff Harmon <jeffreyhhar...@gmail.com>
> > tglea...@colorhythm.com
separated in this discussion. To me, the notions of an RS user account
and the creator of a resource in RS are conceptually different. One is
an RS access control and logging construct that's associated at any
given point in time with a person and the other is a person. Granted,
when a resource gets created in RS the person associated with a
specific user account creates it, but -- as this discussion points out
-- it's not so clear what should happen when the association between
the RS account and the person changes. Ideally, I think, what happens
should depend on the policy of the RS instance.
Some RS instances might want the resource creator to be tied forever
to a particular user account. Others might want the creator to be tied
forever to the person who had the account at the point of creation.
Others still might want the resource to be tied to a creator only so
long as the user account exists and then to no creator at all. No
doubt there are other sensible policies.
Perhaps it would be possible to separate the idea of "user account"
from the idea of "person" in the RS data model? Doing so would enable
(with more work, of course) many different policies.
Just a thought.
David Ehnebuske
On Feb 23, 1:12 pm, Jeff Harmon <jeffreyhhar...@gmail.com> wrote:
> I know that on more apparently socially centered platforms such as Facebook and Tribe.net, etc., when a user leaves, the references to that user's contributions become empty, eg "Facebook User" or "Deleted account" or something. This is done to allow users the ability to truly leave a platform. Am I right?
>
> DAMs are not the same, but are they that different?
>
> I got everyone's finer point about fixing the bug and being consistent. I agree.
>
> But I'm curious how this should behave. For example, should a user be allowed to delete their own account? Should there be an option to remove all references as well? I lean toward yes on both.
>
> Best,
> Jeff
>
> --
> Jeff Harmon
> Chief Executive Officer
> jhar...@colorhythm.com
> >> wrote:
>
> >>> Is there a privacy issue here? You're suggesting that a user would never
> >>> be able to remove their name from the system.
>
> >>> Jeff
>
> >>> --
> >>> Jeff Harmon
> >>> Chief Executive Officer
> >>> Colorhythm LLC
> >>>http://www.colorhythm.com
>
> >>> Main Office: +1 415-399-9921
> >>> Fax: +1 253-399-9928
> >>> Mobile: +1 510-710-9590
>
> >>> jhar...@colorhythm.com
>
> >>> Is there a privacy issue here? You're suggesting that a user would never
> >>> be able to remove their name from the system.
>
> >>> Jeff
>
> >>> --
> >>> Jeff Harmon
> >>> Chief Executive Officer
> >>> Colorhythm LLC
> >>>http://www.colorhythm.com
>
> >>> Main Office: +1 415-399-9921
> >>> Fax: +1 253-399-9928
> >>> Mobile: +1 510-710-9590
>
John HOLMES
Feb 23, 2012, 9:19:24 PM2/23/12
to resour...@googlegroups.com
Perhaps the resources could change "ownership".
We have implemented a customization that allows the current owner to change the ownership.
Our use case is AV dept will film events at our school, but have no idea what meta data to include about the event. They therefore film, upload and then change ownership to requestor who can now manage the resource.
In our case managing means if an item is flagged as inappropriate the owner gets notification (as well as admin), and when a comment is left the owner is also notified.
So when an account is to be deleted, a decision could be made about what resources remain and ownership is changed. This is what happens with a Google Apps account when a member leaves. The admin can change ownership of docs from one user to another.
mrpatulski
Feb 23, 2012, 9:53:00 PM2/23/12
to resour...@googlegroups.com
@John: WordPress does something similar when a user account is deleted--you can reassign the content to a new user or you delete the user AND owned content
Reply all
Reply to author
Forward
0 new messages