[user changed email address] changing an address from a staff account to non-staff shouldn't retain staff privileges

VERIFIED WONTFIX

Status

VERIFIED WONTFIX
5 years ago
5 years ago

People

(Reporter: mbrandt, Unassigned)

Tracking

Details

(Whiteboard: [kb=1126918] [stage], URL)

(Reporter)

Description

5 years ago
When a user with a staff account updates their email to a non-staff account they retain their 'staff' group privileges.

When a vouched non-staff user updates their email to a staff account Mozillians does not auto-add them to the staff group.

When a non-vouched non-staff account updates their email to a staff account Mozillians does not auto-vouch their account nor are they added to the 'staff' group.

Steps to reproduce:
1. with a staff account goto https://mozillians.allizom.org/user/edit/
2. update email address to a non @mozilla.com domain
3. save changes

Expected:
The updated non @mozilla.com account should lose 'staff' group privileges 

Actual:
The updated account remains retains the trusted 'staff' group.
I can re-produce this but I'm not sure if the previous behavior is the needed one. We have an conflicting request in bug 858327. 

Also relying just on email address to determine 'staff' status is not a complete solution, since we have mozillians with old profiles who are not staff anymore but never updated their entry, thus the still hold the 'staff' status. E.g. https://mozillians.org/en-US/u/limi/

Ideally we should hook mozillians with ldap and run a daily cronjob to update staff group. 

Thoughts?

(note that re-saving your profile with current code, removes you from the 'staff' group. So this is definitely something we need to fix, I just want to find the best fix for it.)
Whiteboard: [stage] → [kb=1126918] [stage]
I agree with comment 1: Staff group status should be based on canonical data, and I think email address in a Mozillians profile is one hop away from canonical. Bug 860498 is the place to solve this. 

Suggestion: WONTFIX
(Reporter)

Comment 4

5 years ago
Agreed .. bumping to wontfix per comment 1 and comment 3.
(Reporter)

Updated

5 years ago
Status: NEW → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → WONTFIX
(Reporter)

Comment 5

5 years ago
QA verified WONTFIX - thanks Giorgos & Justin.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.