When a user with a staff account updates their email to a non-staff account they retain their 'staff' group privileges. When a vouched non-staff user updates their email to a staff account Mozillians does not auto-add them to the staff group. When a non-vouched non-staff account updates their email to a staff account Mozillians does not auto-vouch their account nor are they added to the 'staff' group. Steps to reproduce: 1. with a staff account goto https://mozillians.allizom.org/user/edit/ 2. update email address to a non @mozilla.com domain 3. save changes Expected: The updated non @mozilla.com account should lose 'staff' group privileges Actual: The updated account remains retains the trusted 'staff' group.
I can re-produce this but I'm not sure if the previous behavior is the needed one. We have an conflicting request in bug 858327. Also relying just on email address to determine 'staff' status is not a complete solution, since we have mozillians with old profiles who are not staff anymore but never updated their entry, thus the still hold the 'staff' status. E.g. https://mozillians.org/en-US/u/limi/ Ideally we should hook mozillians with ldap and run a daily cronjob to update staff group. Thoughts? (note that re-saving your profile with current code, removes you from the 'staff' group. So this is definitely something we need to fix, I just want to find the best fix for it.)
Also related bug https://bugzilla.mozilla.org/show_bug.cgi?id=860498
I agree with comment 1: Staff group status should be based on canonical data, and I think email address in a Mozillians profile is one hop away from canonical. Bug 860498 is the place to solve this. Suggestion: WONTFIX
Status: NEW → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → WONTFIX
QA verified WONTFIX - thanks Giorgos & Justin.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.