Feature Proposal: getEffectiveUser() and getRealUser() in TWiki::Users

Motivation

When user masquerading is in action, you may need to get the effective user and real user.

Description and Documentation

TWiki::Users will have getEffectiveUser($cUID) and getRealUser($cUID) methods, which return the effective and real canonical UIDs respectively while user masquerading is in effect.

Those methods check if the user handler for $cUID has getEffectiveUser() and getRealUser() methods. If those methods exist, they are called and the result is returned. Otherwise, $cUID is returned.

Examples

Let's assume

• The user mapping handler supports TWikibug:TWiki.UserMasquerading.
• JaneSmith is masquerading as JoeSchmoe.
  • The current wikiname is JaneSmithOnBehalfOfJoeSchmoe - the user mapping handler is implemented as such
• DynamicAccessControl is used
  • Topics a user can edit is listed on the Canedit form field of the user's profile topic named Profile%WIKINAME%, e.g. ProfileJaneSmith.

ALLOWWEBCHANGE would be set as follows.

   * Set ALLOWWEBCHANGE = %IF{"%CALCULATE{$SEARCH(\b%TOPIC%\b, %FORMFIELD{"Canedit" topic="Profile%WIKINAME%"}%)"}%" then="%WIKINAME% else="nobody"}%

For the dynamic access control to work even in user masquerading, %WIKINAME% in ALLOWWEBCHANGE needs to be expanded to the effective user's wiki name (JoeSchmoe) instead of the masqueraded identity (JaneSmithOnBehalfOfJoeSchmoe).

For this, there needs to be a way to get the effective user.

Impact

Implementation

-- Contributors: Hideyo Imazu - 2013-03-25

Discussion

This feature is accepted by JerusalemReleaseMeeting2013x03x29

-- Peter Thoeny - 2013-03-29