Closed Bug 1131717 Opened 9 years ago Closed 9 years ago

remove username from UserProfile model

Categories

(Marketplace Graveyard :: Code Quality, defect, P3)

Product:
Marketplace Graveyard
Component:
Code Quality
Version:
Avenir
Platform:
x86_64
Windows 7
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED FIXED
Milestone:
2015-03-03

People

(Reporter: eviljeff, Assigned: mat)

References

Details

(Whiteboard: [repoman]) 

Marketplace doesn't expose the 'username' field anywhere, and post FxA its just a hex number string anyway.  So lets change any code checking it to use email or id and remove it.
Priority: -- → P4
This is storing the user's FxA ID. username is misleading so perhaps we should rename the column instead. I don't think we want to expose this due to privacy concerns but I think it is worth tracking for when we add support for users changing their email address (or we already support this because we check the id and the user can change it through FxA, I'm not sure).
It seems confusing (and potentially risky) to have a mix of uses of username from AMO-era code, where it was user set and widely displayed; and username as FxA ID, which is a generated code and shouldn't be exposed at all.

I'm thinking the column should be renamed as you suggest and any inappropriate use changed to ID or email. The tricky part will be establishing where use is legitimate. Any suggestions?
https://github.com/mozilla/zamboni/commit/08fec7f7a5d5556f115eaf67bcf5f4fe47e4fcea changes many uses of username in the code (mainly tests) to email.
Bumping to P3 because I'll use this occasion to cleanup some old authentication code at the same time, and having old authentication code laying around makes me nervous :)
Assignee: nobody → mpillard
Priority: P4 → P3
Whiteboard: [repoman]
Status: NEW → ASSIGNED
Fixed in https://github.com/mozilla/zamboni/commit/16b5afdf956c10366af9d81a5617be1d5d1bbb1a

QA:
- Please check that logging in/out and creating a new user still works.
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Target Milestone: --- → 2015-03-03
Logging in/out, creating a new user work as expected.
We haven't found other regressions regarding this issue (except Bug 1137678 which is now fixed)
Closing bug.
Status: RESOLVED → VERIFIED
Blocks: 1139188
This was partially reverted because we decided it would incur too much downtime in prod as is. The username column change takes about 3 minutes and during that time old Zamboni login code would be running and raising tracebacks.

Here is the patch (not on master) that reverted it so we can push without it: https://github.com/mozilla/zamboni/pull/2959

Here is a new bug to figure out a better way to push the change: bug 1139188
You need to log in before you can comment on or make changes to this bug.