53 enhanced user privacy

[ThrawnCA]

Improve the privacy of user data. If ckan.public_user_details is False, then user profiles should only be visible to their owners or relevant admins.

[markstuart]

This looks great @ThrawnCA, love your work!

Could you add something to the README describing this behaviour? Happy to merge after that :)

[ThrawnCA]

README is updated; feedback welcome.

[markstuart]

After reviewing this again, I'm a little concerned that this feature could be too opinionated for many consumers. Would it make sense to provide a flag like ckanext.security.admin_only_user_details? For example, in our application all logged in users should be able to see other users of the system, but public users are not allowed to, so the standard ckan.public_user_details flag is fine.

[ThrawnCA]

For example, in our application all logged in users should be able to see other users of the system, but public users are not allowed to, so the standard ckan.public_user_details flag is fine.

I assume that you don't allow public registration, then?

Why would one regular user need to see another's profile?

[ThrawnCA]

@markstuart How about a middle ground?

Suppose there were a flag to allow any member of an organisation - not just an org admin - to view the user profiles of other members of the same organisation. That way, if you really want to allow every account on the site to view each other's profiles, you can create an umbrella organisation and make them all members of it.

That would also give more flexibility if you only want most profiles to be visible to each other, retaining a few exceptions.