= The Gumby Management System (GMS) =

Read {{{/services/gms/README }}}

With [[LDAP/UCCSchema]] in place, the road is open for a web-based member management system that doesn't suck too badly.

== Goals ==

'''Stage 1'''
 * Members can log in and view their information
 * Committee can log in and view other people's information

'''Stage 2'''
 * Members can edit the relevant parts of their information
 * Committee can log in and edit other people's information

'''Stage 3'''
 * Members can renew online (perhaps with automatic confirmation if they pay via PayPal?)
  * This will probably require some sort of staging, such as storing changes in ou=pending within the uid's DN until they are confirmed by a committee member.

'''In the future'''
 * Creating new accounts?
 * Other?

== Security ==

 * GMS should only run over SSL
 * GMS should let users authenticate as themselves to LDAP, at least for viewing
  * However, attributes like uccAccountRenewed should probably not be writeable by users - GMS will probably need a service-specific LDAP account
 * The updates that GMS makes will be logged in the LDAP audit log, which might need to be archived for a longer period of time. Alternatively, GMS could make its own logs.

== Other thigns to remember