Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

In modelPageContent,created_by andchanged_by shall be normalized#7855

jrief started this conversation inPolls
Discussion options

jrief
Mar 25, 2024
Collaborator

This is a big no-no in our database design of models: In modelPageContent, fieldscreated_by andchanged_by contain the full name of the user instead of their foreign key. This strongly violates the1st normalization rule according to Edgar F. Codd and should be out of debate.

Can anybody explain why this happened?

Normalize created_by and changed_by in model PageContent?
Yes
100%
No (please explain why you're against)
0%

3 votes

You must be logged in to vote

Replies: 2 comments 5 replies

Comment options

marksweb
Mar 25, 2024
MaintainerSponsor

I would suspect this is to handle users being deleted so that the name of the person persists.

You must be logged in to vote
2 replies
@fsbraun
Comment options

fsbraunMar 26, 2024
MaintainerSponsor

If someone needed to keep information on former users would the Django way not be to deactivate the user?
I am thinking of a field withon_delete=models.SET_NULL. User objects are also stored by versioning and potentially other apps.

@marksweb
Comment options

markswebMar 30, 2024
MaintainerSponsor

Yes historically that's how I've handled things.

Comment options

jrief
Mar 26, 2024
Collaborator Author

I agree with@fsbraun that users shall be deactivated. If they want to be removed from the database (GDPR compliance), we might add a function to hash their name, email, etc. on some way. But users shall not be removed. I would even argue to useon_delete=models.PROTECT on the foreign keys of CMS models pointing to User.

You must be logged in to vote
3 replies
@fsbraun
Comment options

fsbraunMar 26, 2024
MaintainerSponsor

That's an interesting take. I can imagine making this configurable and being reused throughout the CMS (esp. within versioning). Options would bePROTECT andSET_NULL and ... ? I can imaginePROTECT being the default giving max. accountability.

versioning has a similar setting to prevent deleting historical versions.

@jrief
Comment options

jriefMar 26, 2024
Collaborator Author

SET_NULL has the problem that such aForeigKey then must be nullable and on each lookup we must add code to check forNone. Since imo users shallnever be removed, this makes the code more brittle to errors.

@sepi
Comment options

I'd be ok with not allowing to remove users as a structure but then you would definitely need to roll out an action to scramble the personal data in the same release.

The only reason I see to store the users' names instead of references would be to have a better fidelity of the audit trail. A user changing their name to obscure something would still be recorded as it was at the time. It's pretty contrived I must agree.

Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment
Category
Polls
Labels
None yet
4 participants
@jrief@sepi@marksweb@fsbraun
[8]ページ先頭
©2009-2025 Movatter.jp