HI,

Do we allow deletion of users created by the admin within the admin account ? 
Currently if we  see the UI (4.1 /master) and create a User within the admin 
account you won't be able to delete any user . Now when you create a user , its 
account type is 1 , account is Admin and domain is ROOT . With this in mind ,  
how do you distinguish between the system generated Admin user and a manual 
generated user .

Also  , the delete User API if invoked for the admin himself will delete the 
admin account leading to a big problem , since the admin won't be able to login 
to the UI as his credentials will be deleted from the db.  So first of all we 
should have a check at the API layer to disallow such an action .

Next , If I need to put a check at the UI layer to hide/show delete options , 
what would be the right conditions needed to be checked to distinguish between 
the system generated user and admin generated manual users ?

Thanks,
Pranav

Reply via email to