Opened 13 years ago
Closed 13 years ago
#123 closed enhancement (fixed)
Allow search by officers' list
| Reported by: | adehnert | Owned by: | |
|---|---|---|---|
| Priority: | minor | Milestone: | Sometime |
| Component: | Reporting | Version: | |
| Keywords: | Cc: | ||
| Size: | tiny |
Description
Allow searching by officers' list (as opposed to bringing up the reporting interface and using browser search...). This means either ACLing its use to logged in users, or deciding we don't care about the fact that this would let dedicated people without Athena accounts figure out group officer lists. I think the latter would be fine...
Change History (2)
comment:1 Changed 13 years ago by adehnert
- Component changed from Core to Data export
comment:2 Changed 13 years ago by adehnert
- Resolution set to fixed
- Status changed from new to closed
Note: See
TracTickets for help on using
tickets.
Fixed in commit 7b00af896e2166a8d5a421b3e0f6077613eee4b0
Author: Alex Dehnert <adehnert@mit.edu> Date: Thu Mar 14 04:55:16 2013 -0400 Allow search by account number, officer list Both had privacy concerns, but I think they're fine: Account numbers (ASA-#122) can already be looked up, entirely unauthenticated, with the account lookup tool (https://asa.mit.edu/groups/account_lookup/). Exposing a search for exact account numbers on the search page too seems acceptable in this light. Officer lists (ASA-#123) are mostly public --- they're available to anybody with certs, they're on most groups' websites, and I believe we'd display them obfuscated to the whole world if we had obfuscation code. The possibility of somebody scraping the search page with progressively more refined search terms to get this data seems acceptable.