ChiliProject is not maintained anymore. Please be advised that there will be no more updates.
We do not recommend that you setup new ChiliProject instances and we urge all existing users to migrate their data to a maintained system, e.g. Redmine. We will provide a migration script later. In the meantime, you can use the instructions by Christian Daehn.
Task's "assignee" should be specified by login instead of user ID (Bug #449)
I'm trying to create a task in Redmine using REST API and assign to a specific user.
I know the login name (or full name) of the user I want to assign the new task to, but I don't know the user database ID.
I could get all users from the server and find the required one, but this operation requires "Administrator" permission, which is a non-starter in many cases.
so, I propose to allow specifying the "task's assignee" with user login name and not just user ID.
References are done by IDs throughout our whole app. This one of the few things which are really consistent (with the notable exception of project identifiers, which are consistently used on their own).
However, I think we could add an API to map the login to the user id (the reverse is already available). I'd like to hear some comments by the other guys as there are potential privacy issues or information disclosure here. We would effectively allow any user to verify the existence (and identity) of any random login name which might ease certain attacks.
After having thought a bit about the issue, I think, the Project#show (or maybe the members controller) action should include a list of members of a project (id and name). After all, these are the only relevant entities you have to deal with. That would allow us to keep the login data private which I think is a good idea after all. Also it would save us from having to open the complete user database for scraping.