On 1/28/22 00:58, dave--- via Mailman-users wrote:
> The concept of a Django user sounds like the big thing I was missing
now that is something that i wanted to get clarified in the context of my "getting all registered users" question as well.
i'm afraid i still do not fully understand which types of "users" there are.
afaics, there are three different types:
- django users: this is what gets listed under <https://lists.mailman3.org/admin/auth/user/>
- mailman accounts: this is what is created when you visit <https://lists.mailman3.org/accounts/signup/>
- email addresses: this is what is created when i subscribe to a list *without* having an account, e.g. via the "Subscribe" button on <https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/>
afaiu, (multiple) "email addresses" can be associated with a single "mailman account" (but this is strictly optional). if an "email address" is first used to subscribe to a list without a mailman account, and later a mailman account is created with that very email address, they get automatically associated. a single "email address" cannot be associated with more than one "mailman account". i think i got this one right (as it seems pretty straightforward).
what i don't fully grasp yet is the relation between "django users" and "mailman accounts". intuitively, i would have thought that they are identical.
now mark wrote:
> a Django user, which is distinct from a Mailman user. The users you added via the web API are Mailman users, but in order to access their lists via the web UI they have to sign up to create a Django account.
that seems to indicate, that a "django user" is a (strict) superset of a "mailman account". you (as admin) can create "mailman accounts" via the web API¹, but they are only expanded to "mailman accounts" if you (as user) go through the "Sign Up" process. otoh, if you create an initial "django user" by signing up, you automatically create a "mailman account".
so are the two distinct concepts that are just associated via some common property (e.g. the email address), or is there some intrinsic relationship between the two (e.g. parent-child inheritance relationship)?
so my recent experiment (comparing the output of <https://lists.example.com/admin/auth/user/> with that of [u for u in getUtility(IUserManager).users]) indicates that they are indeed distinct objects that *can* be associated with each other.
could you please clarify this?
so why am i interested in this? "users" are often associated with some capabilities/powers (which can of course be exploited). it makes me rather uneasy to not understand the core permission model.
also (as indicated in my original mail), i'm running mailman3-3.2.1, a rather outdated version, on Debian/buster (an outdated Debian release as well). i would like to upgrade rather sooner than later. otoh, just recently there was a thread on how upgrading a Debian-based mailman3 installation (from buster to bullseye, just like what i plan to do) can go wrong. if things do go wrong, i would rather like to understand where they go wrong, so i'd like to prepare myself :-)
fmdsf IOhannes
¹ totally OT, but thanks: finally somebody who calls it "web API" rather than just "API" as if there was no non-RESTful world.