Dear Mark and companions,
somehow I can not cope with the user management... (I am running a venv-installation, latest stable versions)
I read this manual: https://docs.mailman3.org/projects/mailman/en/latest/src/mailman/rest/docs/u... and played with the RestAPI calls...
I know about the fine grained differences between user and member, admin/owner, superuser... and about the two user databases in PostgreSQL and Django-Framework.
What I stumble upon is the RestAPI calls to create a "working" user (with the ability to login via WebUI). When I follow the manual (from the url above) I create a user (including password) that appears in the PostgreSQL database. (And this user is visible on the User-URL (https://example.com/mailman3/users)) Even when I (via WebUI) set the user as "approved" this user is not able to log in... I assume this restriction is in accordance to the fact that there is not equivalent Django user. (There was a mail in the archive of the MM3 user group...stating that one has to use the Django RestAPI to create the appropriate user)
When I create the user using the WebUI (https://example.com/accounts/signup/?next=/mailman3/lists/) the new user is created in the right (complete) way...appearing in the PostgreSQL database and as a user in Django. How is this sync between the two databases realized? (The Django user also has the correct status (no staff status / no superuser status / just active status) how is this realized?)
As I am not very familiar with python programming (I know Perl/Java/C++ and have an (maybe outdated) concept of OOP), is there a quick way to implement this kind of sync by copying the register logic from mailman's python action script for registering?
Other questions: Will there be a create_admin_user-script that is callable via CLI (like createsuperuser or create_list)? (This script ought create a user in PostgreSQL and as Django user)
How will a social account provider (like oidc) linkage (in Django) fit in this concept? Will oidc-accounts be copied to the Django's user database (or PostgreSQL db) or is it an on-the-fly check against the oidc-provider? (I assume second option) What are the status-flags (staff status/superuser status/active status) of the linked oidc-accounts? (Can I specify the status flags?)
A conceptual thought: When "user1" (with email user1@example.com) is known to django via oidc linkage and I create "user1" (also with email user1@example.com) via RestAPI calls (following the url https://docs.mailman3.org/projects/mailman/en/latest/src/mailman/rest/docs/u...) do I have a "complete" user then? I mean a user who is able to login and who can be assigned to a list as admin (e.g.) (In this case I would not have to care about the Django user database... ;-))
Thank you for some clarifying hints... :-)
Chris