View Issue Details

IDProjectCategoryView StatusLast Update
0013444mantisbtapi soappublic2016-03-12 16:13
Reportervboctor Assigned To 
PrioritynormalSeverityfeatureReproducibilityhave not tried
Status confirmedResolutionopen 
Product Version1.2.8 
Summary0013444: Make avatars accessible to client applications
Description

The same way we expose file attachments, we should expose the user avatars. The advantage of MantisBT wrapping gravatar or whatever implementation is the following:

  1. Client application can get the avatar without knowing the email address of the user (i.e. using the username).
  2. The provider of the avatar is transparent to the client applications.
Tagsavatar

Activities

rombert

rombert

2011-10-28 13:04

reporter   ~0030095

Sounds like a good feature to me.

rombert

rombert

2011-11-11 07:45

reporter   ~0030224

I think that MantisBT should send a reference - a URL - to the client, including both http and https values. Sending a base64-encoded value of the avatar can get messy . But shouldn't this be done as part of 0013445 ?

rombert

rombert

2011-11-13 04:13

reporter   ~0030228

By reviewing the gravatar API it seems that there are multiple parameters we can take into account - http://en.gravatar.com/site/implement/images/ . I think we should return just the hash and let the client worry about exactly what to retrieve.

dregad

dregad

2016-03-11 11:45

developer   ~0052748

I think we should return just the hash and let the client worry about exactly what to retrieve.

Not so sure about that.

The avatar settings are defined in MantisBT config_inc.php level, so I don't think we'd want a SOAP client displaying 'monster' default avatars if we've set that to 'identicon'.

Moreover, in the new context of Avatar plugins, we may have an implementation which does not rely on a hash (e.g. local storage).

vboctor

vboctor

2016-03-11 12:42

manager   ~0052749

As I said in the description of the plugin, it should look as follows:

http://mantisbt/avatar.php?user_id=123&size=32
http://mantisbt/avatar.php?username=vboctor&size=32

The above urls can be embedded in an image tag for example. I believe they should always return an avatar (assuming user threshold meets the bar). It is up to the client to check if show_avatar is ON or not, but that shouldn't be enforced in the script, otherwise, we can get broken images for example.

dregad

dregad

2016-03-12 02:11

developer   ~0052757

As I said in the description of the plugin

I must have missed it, where is that ?

Currently the avatar.php page you refer does not exist, I assume this is a target implementation ? I think it would be a good approach.

should always return an avatar (assuming user threshold meets the bar). [...]
that shouldn't be enforced in the script, otherwise, we can get broken images

Are you saying that we should always return a default image ?

What happens if client doesn't have access ? Shouldn't we return a 403 ?
And if the requested user doesn't exist ? 404 ?

rombert

rombert

2016-03-12 16:13

reporter   ~0052762

I agree that we should use URLs to point to avatars rather than hashes, given that we may have multiple implementations.

It's probably better to point the links to the MantisBT instance, for constrained networks.

I am not sure we should include the size in the link, various client applications will probably need different sizes.

Come to think of it, it might be enough to expose a avatar URL as @vboctor indicated and not necessarily include this in the SOAP API since it can be inferred from the user name.