On 12/24/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Author: rinku
Date: Sun Dec 24 00:12:41 2006
New Revision: 49
URL: http://svn.apache.org/viewvc?view=revrev=49
Log:
o updates to store unit tests for refactorings.
Modified:
@@ -896,7 +902,9 @@
{
try
{
-
In 1.1-SNAPSHOT, on 'Create New User', I can create an account with no
password, even though the two password fields have asterisks displayed
next to them.
If I then edit the user and uncheck the 'Change Password Next Login'
box, the user can log in without a password.
Should this be possible?
I'm having trouble with new user registration. (The
creation-verification-change password flow works, but so do some
things that shouldn't.)
1. Register for an account
2. Ignore the confirmation email
3. Attempt to log in with the new userid. Leave the password blank
4. You are prompted to
imo, yes :)
only the administrator has the ability to make those decisions and
they ought to be allowed to do it...
we restrict it already that users are not by default allowed to make
empty passwords but with a but of configuration they should be allowed
to not have passwords, if that is the
On 12/26/06, Jesse McConnell [EMAIL PROTECTED] wrote:
imo, yes :)
only the administrator has the ability to make those decisions and
they ought to be allowed to do it...
Works for me, but let's fix the UI so the password fields are not
marked with an asterisk if they're not actually
hehe, please file jira issue
On 12/26/06, Wendy Smoak [EMAIL PROTECTED] wrote:
I'm having trouble with new user registration. (The
creation-verification-change password flow works, but so do some
things that shouldn't.)
1. Register for an account
2. Ignore the confirmation email
3. Attempt to
On 26 Dec 06, at 10:58 AM 26 Dec 06, Jesse McConnell wrote:
imo, yes :)
only the administrator has the ability to make those decisions and
they ought to be allowed to do it...
Definitely, as it might be used in a small group, in an already
secure environment. Assume the driver has a
On 11/28/06, Christian Edward Gruber [EMAIL PROTECTED] wrote:
Hey. Just FYI, in the trunk the unauthenticated user (and other
logged-in, unempowered users) can create new project groups.
Thanks, this appears to be fixed in the latest code. (The 'Add
project group' button no longer appears.)
there are a number of things along these lines that I noticed in an
little audit of the action classes that I noticed.
Once rahul and I get the key based refactor wrapped up I think we'll
try and link up with some work jason has been kicking around to
improve the UI and xmlrpc code interface and
On 12/22/06, Wendy Smoak [EMAIL PROTECTED] wrote:
If I remove all the roles from the guest user [1] and log out, I can
still see everything from project groups down to build results.
Is this being worked on already?
[1] including the mysterious 'Guest' role, which, once removed, is not
in the
Hi,
A few observations on these. Does anyone else have outstanding
todos in this area? Would like to gatehr them up and get them
resolved to make them useful.
1) these need to be run regularly to be really useful. They aren't
part of the main build ( a good idea, since it requires a UI
On 27/12/2006, at 2:08 PM, Brett Porter wrote:
Hi,
A few observations on these. Does anyone else have outstanding
todos in this area? Would like to gatehr them up and get them
resolved to make them useful.
1) these need to be run regularly to be really useful. They aren't
part of the
see below
On 27/12/2006, at 3:09 PM, Brett Porter wrote:
On 27/12/2006, at 2:08 PM, Brett Porter wrote:
Hi,
A few observations on these. Does anyone else have outstanding
todos in this area? Would like to gatehr them up and get them
resolved to make them useful.
1) these need to be
13 matches
Mail list logo