Sync-ing user records with pre-existing name data...
Posted: Tue Jun 21, 2005 12:01 pm
Please bear with the following description as the problem is a little complex:
In my application it is very common for some amount of data to be in the system prior to a user registering an account -- notably name and possibly a school affiliation and past competitive results. The vast majority of people will never need nor have an account. Likewise for teams, teams can either be created from scratch or more commonly partially pre-populated from past public results. Authorization is handled on a role-basis within a team, i.e. a given user may be given the "Captain" or a lesser role over a particular team.
So I have a number of similar, but slightly different, cases where I need the ability to link existing data with new users or the ability to elevate permissions of various users -- all in a secure manner.
Starting with the "simplest" in my mind:
Existing User, requests "Captain" role for an existing team:
Permission elevation request is generated, resolution by site admin requires out-of-band confirmation from publicly available team contact information (most teams have captain contact information on their school sponsored website) (Captains can grant Captain and lower access within their team to other team members, sparing the site admin some of the requests). I can't think of any secure, in-band mechanism.
New User, existing person record:
Display a list of possible matches (i.e. matching/near-matching names) along with any team affiliation if known. Also display the non-selectable matches due to existing linkages with users (aka an already "claimed" person record). User may report a misclaimed person record to the site admin for investigation/resolution of claim. User may select a single non-claimed entry. If non-claimed entry has no pre-existing team-membership, no further actions required. If non-claimed has a team-membership, a pending-approval record is created with request information forwarded to the team (any team role can approve). (Out-of-band verification of team-membership using combination of name and email address as "authentication" to the team.) (The worst result of an improper linkage is the exposure of mailing address and phone number, but it is extremely unlikely such would have been entered into the person record of a non-user)
Can anyone think of any improvements? Has anyone else had to deal with a similar system and can offer related advice?
Thanks
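The "New User, existing person record" flow described above, as an added Python sketch (not the poster's code). The `Person` fields, function names, the 0.8 similarity cutoff, treating a pending record as non-selectable, and the rule that a claimant cannot approve their own claim are all assumptions made for illustration.

```python
from dataclasses import dataclass
from difflib import SequenceMatcher
from typing import Optional

@dataclass
class Person:
    id: int
    name: str
    team: Optional[str] = None         # pre-populated affiliation, if known
    claimed_by: Optional[str] = None   # user id once linked
    pending_for: Optional[str] = None  # user id awaiting team approval

def candidates(people, name, cutoff=0.8):
    """Split near-matching records into (selectable, non_selectable) for display."""
    selectable, taken = [], []
    for p in people:
        if SequenceMatcher(None, p.name.lower(), name.lower()).ratio() >= cutoff:
            # Assumption: a record with a pending claim is shown as non-selectable too.
            (taken if (p.claimed_by or p.pending_for) else selectable).append(p)
    return selectable, taken

def request_claim(person, user_id):
    """Link at once if the record has no team; otherwise queue it for the team."""
    if person.claimed_by or person.pending_for:
        raise PermissionError("record already claimed or awaiting approval")
    if person.team is None:
        person.claimed_by = user_id
        return "linked"
    person.pending_for = user_id
    return "pending_team_approval"

def approve_claim(person, approver_id, team_roles):
    """team_roles maps (user_id, team) -> role; any role on the team may approve."""
    if person.pending_for is None:
        raise ValueError("no pending claim on this record")
    if (approver_id, person.team) not in team_roles:
        raise PermissionError("approver holds no role on this team")
    if approver_id == person.pending_for:  # added guard, not stated in the post
        raise PermissionError("claimant cannot approve their own claim")
    person.claimed_by, person.pending_for = person.pending_for, None
    return "linked"

def sample_people():
    """Constructed sample records, not real data."""
    return [Person(1, "Jon Smith"),
            Person(2, "John Smith", team="Riverside"),
            Person(3, "John Smith", claimed_by="u7"),
            Person(4, "Maria Lopez")]
```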