Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Management of users through UI #633

Open
zlobober opened this issue Jun 20, 2024 · 2 comments
Open

Management of users through UI #633

zlobober opened this issue Jun 20, 2024 · 2 comments
Assignees
@vrozaev
Labels
auth users

Comments

@zlobober
Copy link

zlobober commented Jun 20, 2024
edited
Loading

This one is similar to #634, but for users.

There is a page with users (/users). It allows some of the actions with users, but lacks various useful administration primitives.

  1. Deleting a user - I'd suggest adding it as a trash bin icon in the row corresponding to a user to the right. A modal window "Are you sure you want to delete..." should appear.

image

  1. Renaming a user: I'd suggest adding a text box "Name" here, and if the name is changed, a Cypress request set("//sys/users/<username>/@name", "<new name>") should be issued

image

  1. Creating a new user

I'd suggest adding a new button "create new" which opens a modal window with the only text field "name"; to create a user, a Cypress request create("user", attributes={"name": "<name>"}) should be issued. NB: this is a special form of a Cypress create request that lacks target path, and it is perfectly fine.

image

  1. Set user password

Let's add a new vertical tab here called "Change password"

image

First, you should check a check-permission request in order to see if logged user has a permission to change the selected user's password. This may be done via request check_permission("<logged user>", "administer", "//sys/users/<selected user>").

a) If the result is deny, let's just write a following red text:

No permission to change user <selected user> password. In order to change the password for a user, the "administer" permission on the user is required, or you must be a superuser.

b) If the result is allow, let's have a text box with masked characters:

New password: <********>

On save the request set_user_password("<selected user>", "<new_password_sha256>") should be issued.
@ma-efremoff
Copy link
Collaborator

Is it a good check below for delete, rename and create actions?
check_permission("<logged user>", "administer", "//sys/users")

@zlobober zlobober mentioned this issue Jun 20, 2024
Open
@zlobober
Copy link
Author

Unfortunately there is no direct relation between "administer" and ("delete"+"create") in this case (btw, there is no permission like "rename"). Server-side checks exactly the "administer" action, and nothing else.

@vrozaev vrozaev self-assigned this Oct 18, 2024
vrozaev added a commit that referenced this issue Oct 18, 2024
@vrozaev
feat(Users): introduce "Name" field in UsersPageEditor dialog, now we…
c85646f 
… can rename users via UI [#633]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@vrozaev vrozaev

Labels
auth users
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@zlobober @vrozaev @ma-efremoff