Replacing registered e-mail address in message body with link to Profiles
From:
Michael JasonSmith
Date:
Jan 16 22:58 UTC
Short link
> "...privacy has been violated because someone else form the
> e-mail world replied and included their deducible e-mail in the
> *MESSAGE*..." (emphasis mine)
I was unsure where in the message the deducible email was: I presumed
the From-line in the header, but I am more that willing to accept that I
presumed wrong and the email address was in the body ☺
If the user's email address was disclosed in the body of a email
message, sent by another group member, I would argue that the user has
experienced a privacy breach; the breach was made by the user who
included the email address in the body of the message. On OGN, this is
in violation of a strict interpretation of our privacy policy, and the
breaching-user could be kicked. However, the breach is reasonable, given
users' common experience with email.
Redacting the email address of logged-in users would not be too hard to
implement, but we are constrained for development resources at the
moment.
Currently the obfuscation of email addresses is done very crudely
retval = text.replace('@', ' ( at ) ')
To redact the address, we would have to parse out each address
(*shudder*)
EMAIL_RE = r'[a-zA-Z0-9\._%-]+@([a-zA-Z0-9\-]+\.)+[a-zA-Z]{2,4}'
emailRe = re.sub(EMAIL_RE, emailRepl, text)
The "emailRepl" would then look each address up
user = self.context.acl_users.get_userByEmail(email)
and replace the email with the a link to the user's profile
if user:
email = '<a href="/contacts/%s" title="Profile of %s">%s</a>' % \
(user.getId(), user.getProperty('fn', ''),
user.getProperty('fn', ''))
else:
email = email.replace('@', ' ( at ) ')
Damn your interesting problems, I have almost written the thing ☺
[Not to self: add a URL property to Custom Users.]