On Wed, Mar 23, 2016 at 2:38 PM, Dilini Gunatilake <[email protected]> wrote:
> Hi Johann, > > Thanks for the information. You have mentioned that it is highly unlikely > that users are accessing their profiles via the management console. Can you > please clarify whether it is the same for the Dashboard also? Because the > end users can disable their profiles via the dashboard as well. > That could be a issue. In that case we will special case this claim in the dashboard and not show it. @Pushpalanka: please note. Ideally we should have application specific profile in IS and each application should decide what claims to show and what not to. Thanks. > > Thank you. > > Regards, > Dilini > > > On Tue, Mar 22, 2016 at 9:42 PM, Johann Nallathamby <[email protected]> > wrote: > >> Hi Dilini, >> >> It true that we ideally should special case this claim and not show in >> the profile so a normal end user cannot disable himself. >> >> But this feature is just a renaming of the previous account lock feature >> we had, except that account lock was previously used for two purposes. >> 1. Locking the account of a user by admin (current user disable feature) >> 2. Locking the account when invalid password attempts exceeded. >> Even in 5.1.0 this was the case; one can lock himself out using the >> profile and unexpected errors are thrown from management console. >> >> However due to following reasons we are thinking of not addressing this >> in 5.2.0 release. >> 1. It is highly unlikely end users of applications are allowed access to >> the IS management console to update their profile. Generally they update >> the profile through custom screens in the application side. Carbon admin >> console is not exposed to end users generally. >> 2. Very soon we are going to move away from management console UI to a >> jaggery based portal separate for end users and admin users. >> >> Due to above reasons we are thinking of deprioritizing this change >> request. >> >> Regards, >> Johann. >> >> >> On Mon, Mar 21, 2016 at 5:32 PM, Dilini Gunatilake <[email protected]> >> wrote: >> >>> Hi Pushpalanka, >>> >>> Any update on this? Is there any change done in the Alpha release? >>> >>> Regards, >>> Dilini >>> >>> On Fri, Mar 11, 2016 at 12:39 PM, Pushpalanka Jayawardhana < >>> [email protected]> wrote: >>> >>>> Hi Dilini, >>>> >>>> Intended use of this feature is only for administrators/users with >>>> user-mgt previlleges to disable/enable user accounts. >>>> Therefore a user should not be able to disable own account. We >>>> discussed to hide this claim from user profile UI by default and move the >>>> disable/enable click to user list view. This is not done yet though. >>>> >>>> Will get to you after discussing with the team on our stand on this. >>>> >>>> Thanks, >>>> Pushpalanka. >>>> -- >>>> Pushpalanka Jayawardhana, B.Sc.Eng.(Hons). >>>> Senior Software Engineer, WSO2 Lanka (pvt) Ltd; wso2.com/ >>>> Mobile: +94779716248 >>>> Blog: pushpalankajaya.blogspot.com/ | LinkedIn: >>>> lk.linkedin.com/in/pushpalanka/ | Twitter: @pushpalanka >>>> >>>> >>>> On Fri, Mar 11, 2016 at 12:30 PM, Dilini Gunatilake <[email protected]> >>>> wrote: >>>> >>>>> Hi IS Team, >>>>> >>>>> When identifying test scenarios for User Account Disability feature in >>>>> IS 520, I noticed that users can disable their own accounts and carry out >>>>> work until the session expires or they log out. But the system will throw >>>>> exceptions for the operations they do in both management console and >>>>> dashboard. eg: change the password >>>>> >>>>> What should be the ideal behaviour in this scenario? Should the user >>>>> have privileges to disable their own account? >>>>> >>>>> Thank you, >>>>> >>>>> Regards, >>>>> >>>>> -- >>>>> >>>>> *Dilini GunatilakeSoftware Engineer - QA Team* >>>>> Mobile : +94 (0) 771 162518 >>>>> [email protected] >>>>> >>>> >>>> >>> >>> >>> -- >>> >>> *Dilini GunatilakeSoftware Engineer - QA Team* >>> Mobile : +94 (0) 771 162518 >>> [email protected] >>> >> >> >> >> -- >> Thanks & Regards, >> >> *Johann Dilantha Nallathamby* >> Technical Lead & Product Lead of WSO2 Identity Server >> Governance Technologies Team >> WSO2, Inc. >> lean.enterprise.middleware >> >> Mobile - *+94777776950* >> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >> > > > > -- > > *Dilini GunatilakeSoftware Engineer - QA Team* > Mobile : +94 (0) 771 162518 > [email protected] > -- Thanks & Regards, *Johann Dilantha Nallathamby* Technical Lead & Product Lead of WSO2 Identity Server Governance Technologies Team WSO2, Inc. lean.enterprise.middleware Mobile - *+94777776950* Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
