resources

A number of people are putting in short urls for user role display. This has been a feature request I've heard over and over for some time for xaraya roles, and one very simple to implement. So why hasn't it been done in xaraya core?

I'm not sure why it isn't in xaraya core, but it is implemented in our xarigami core for those that want it. However i would caution anyone who wants to use it (you can check it out at the xarigami demo at http://demo.xarigami.com). While we have implemented this as an option, we have made sure it can be turned on only if necessary, and turned off if required.

I had to think about whether to do this or not for a number of reasons. For short URLs we require a unique identifier per user and preferably a permanent identifier per user. This is, reliably and currently user id (uid). We could also rely on the uniqueness of username as is implemented in xaraya core. Display name is not necessarily unique so can't be used.

This is where we start to have problems.

We have to date, gone out of our way in xaraya and xarigami core to ensure username is not displayed on a site, and only Display name is used. It has been a topic of hot discussion in the past. However, using username in short urls raises a privacy issue, as it exposes a username to the public in the URL.

There are other issues that can arise but more so in custom core implementations we have done, especially in community sites, where username can becomes a transient identifier and only UID is unique and permanent.

So, while the option is available in xarigami core, the site administrator may need to update privacy policies at least to address the privacy issue it raises. Developers should consider site requirements, and the possibility of loss of a permanent url where custom core implementations in roles are required.