Make favorites in the favorites application private

There is a big caveat with the Favorites Application: the favorites of anyone is world-readable because favorites are stored in user profiles ( Loading... ).

After discussion, here’s a new proposal:

  1. Move favorites in a XWiki.USERNAME.MyFavorites page
    • world-readable by default
    • the user can change this by setting view rights on the page
  2. Same, but at Favorites.Users.USERNAME

Migration:

  1. A code runs whenever the extension is updated to move the favorites from the user profiles to the dedicated page
  2. the migration is manual and done in an administration section
  3. the favorites are lazily migrated to the dedicated page when the user adds or removes a favorite.

Former proposal :


  1. I would like to make them private. This is a breaking change.

Storage:

  1. I was thinking of storing favorites in a sub space of the Favorites application, each user would have their favorites each in their own page, with rights set such as only the user can read it.

Migration:

  1. A code runs whenever the extension is updated to move the favorites from the user profiles to the dedicated page
  2. the migration is manual and done in an administration section.

Maybe later we could add a public favorites feature if the need arises.

WDYT?

cc @acotiuga

hmmm I like that favorites are public. I don’t think we should loose this. It’s also more in line with the collaboration idea and the wiki way.

So -1 to make them private by default.

I’d look more into the possibility to make them private by setting permissions. BTW isn’t it already possible to set a permission on the user profile?

Thx

BTW you didn’t explain why.

Wouldn’t it break a lot of things?

BTW you didn’t explain why.

Yes indeed. I was under the assumption that when you favorite pages, it’s for yourself and not others, and maybe if you want to share a list of pages, you should create a regular page with links.

The favorites application doesn’t currently have any UI to share favorites, the world-readable aspect seems like a accident as-is.

Now, I’m not opposed to make this obvious and intentional.

It’s already supported AFAIK and we’ve seen several organizations who don’t want to share user profiles and are setting rights on the user profile pages.

See https://snippets.xwiki.org/xwiki/bin/view/Extension/Initialize%20rights%20of%20user%20profiles/ for example.

I also think it’s for yourself (as a first basis), but it doesn’t mean you don’t want others to see them. For ex, there are plenty of apps on the internet that allows you to share your favorite books, your favorite music, etc.

I don’t know how the app is coded but one idea would be that the My Favorites tab in the user profile displays content located in a separate myfavorites page on which users could set rights (a page under the user profile maybe). Then, the my favorites tab would display a message if the current logged in user doesn’t have view rights on that myfavorites page. That would allow to make private just the favorites part and not the full user profile.

Note: There are discussions of where we’d put personal pages (see Personal Pages feature ) and under the user profile is a logical location. But I guess that could still work by having a sublevel.

For ex if you’re viewing the Admin user profile:

  • http://localhost:8080/xwiki/bin/view/XWiki/Admin/Favorites → My favorites
  • http://localhost:8080/xwiki/bin/view/XWiki/Admin/Personal → Personal Pages

Now this is probably overkill, and we just need a configuration parameter in the user profile, displayed in the My Favorites tab, above the favorites list, to decide if favorites are viewable by others or not. And then just have a check in the display of favorites.

WDYT?

Thx

I like this idea of putting a MyFavorites page under XWiki.XXX that the user would them decide to make public or not, thanks!

I’ll need to think more about this.

@vmassol, all, I added option 10:

Move favorites in a XWiki.User.MyFavorites page

  • world-readable by default

  • the user can change this by setting view rights on the page

We’d still need to choose between 3 and 4, or the new 5 for the migration.

ok cool. I’m a bit worried about the creation of a page under the user profile as it’s the first time we’d be doing this.

If you want to go that way, I’d ask the other devs too what they think, as a generic concept.

Re migration I have no idea. I guess step 3 is nicer if done right.

Thx

Technically, there can be no page “under” the user profile as user profiles are terminal pages. So those pages won’t be in any relation to the user profile, they’ll just happen to be in a space with the same name. Unfortunately, this has all the same disadvantages as a page in a separate space, for example that renaming the user won’t rename the space.

As much as I would like to have user profiles as non-terminal pages, I fear that’s not possible/realistic.

So I fear it’s not really a good idea to start introducing user spaces, I think the “page with user’s name in the application’s space” approach is the better solution.

Is it a technical problem that user profiles have to stay terminated? Or is it because of to many code that relies on those terminated user pages today?

Backward compatibility for sure. We have a lot of code trying to find users at XWiki.USERNAME instead of XWiki.USERNAME.WebHome.

See Personal Pages feature which points to https://design.xwiki.org/xwiki/bin/view/Proposal/PersonalPages which has some info