On Tue, Apr 09, 2013 at 04:31:41PM +0000, Pranav Saxena wrote: > HI, > > Do we allow deletion of users created by the admin within the admin account ? > Currently if we see the UI (4.1 /master) and create a User within the admin > account you won't be able to delete any user . Now when you create a user , > its account type is 1 , account is Admin and domain is ROOT . With this in > mind , how do you distinguish between the system generated Admin user and a > manual generated user . > > Also , the delete User API if invoked for the admin himself will delete the > admin account leading to a big problem , since the admin won't be able to > login to the UI as his credentials will be deleted from the db. So first of > all we should have a check at the API layer to disallow such an action . > > Next , If I need to put a check at the UI layer to hide/show delete options , > what would be the right conditions needed to be checked to distinguish > between the system generated user and admin generated manual users ? > > Thanks, > Pranav
Is this discussion tied to CLOUDSTACK-1941? Is the current state of 4.1 and master a change in behaviour from 4.0.0? If it isn't a change, I'd like to propose that we set the fix version to 4.2.0 at a minimum. Pending the outcome of this discussion thread, perhaps it will be closed with "won't fix", or perhaps it gets fixed. If it *is* a change, can we implement a fix that restores past behaviour as a first step? -chip
