Hi Dilini, It true that we ideally should special case this claim and not show in the profile so a normal end user cannot disable himself.
But this feature is just a renaming of the previous account lock feature we had, except that account lock was previously used for two purposes. 1. Locking the account of a user by admin (current user disable feature) 2. Locking the account when invalid password attempts exceeded. Even in 5.1.0 this was the case; one can lock himself out using the profile and unexpected errors are thrown from management console. However due to following reasons we are thinking of not addressing this in 5.2.0 release. 1. It is highly unlikely end users of applications are allowed access to the IS management console to update their profile. Generally they update the profile through custom screens in the application side. Carbon admin console is not exposed to end users generally. 2. Very soon we are going to move away from management console UI to a jaggery based portal separate for end users and admin users. Due to above reasons we are thinking of deprioritizing this change request. Regards, Johann. On Mon, Mar 21, 2016 at 5:32 PM, Dilini Gunatilake <[email protected]> wrote: > Hi Pushpalanka, > > Any update on this? Is there any change done in the Alpha release? > > Regards, > Dilini > > On Fri, Mar 11, 2016 at 12:39 PM, Pushpalanka Jayawardhana <[email protected] > > wrote: > >> Hi Dilini, >> >> Intended use of this feature is only for administrators/users with >> user-mgt previlleges to disable/enable user accounts. >> Therefore a user should not be able to disable own account. We discussed >> to hide this claim from user profile UI by default and move the >> disable/enable click to user list view. This is not done yet though. >> >> Will get to you after discussing with the team on our stand on this. >> >> Thanks, >> Pushpalanka. >> -- >> Pushpalanka Jayawardhana, B.Sc.Eng.(Hons). >> Senior Software Engineer, WSO2 Lanka (pvt) Ltd; wso2.com/ >> Mobile: +94779716248 >> Blog: pushpalankajaya.blogspot.com/ | LinkedIn: >> lk.linkedin.com/in/pushpalanka/ | Twitter: @pushpalanka >> >> >> On Fri, Mar 11, 2016 at 12:30 PM, Dilini Gunatilake <[email protected]> >> wrote: >> >>> Hi IS Team, >>> >>> When identifying test scenarios for User Account Disability feature in >>> IS 520, I noticed that users can disable their own accounts and carry out >>> work until the session expires or they log out. But the system will throw >>> exceptions for the operations they do in both management console and >>> dashboard. eg: change the password >>> >>> What should be the ideal behaviour in this scenario? Should the user >>> have privileges to disable their own account? >>> >>> Thank you, >>> >>> Regards, >>> >>> -- >>> >>> *Dilini GunatilakeSoftware Engineer - QA Team* >>> Mobile : +94 (0) 771 162518 >>> [email protected] >>> >> >> > > > -- > > *Dilini GunatilakeSoftware Engineer - QA Team* > Mobile : +94 (0) 771 162518 > [email protected] > -- Thanks & Regards, *Johann Dilantha Nallathamby* Technical Lead & Product Lead of WSO2 Identity Server Governance Technologies Team WSO2, Inc. lean.enterprise.middleware Mobile - *+94777776950* Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
