Why do we need to have login permission for "selfsignup" role. We don't need to. "login" permission is to login to management console. We don't expect self signup users to login to management console. They can only login to dashboard, and for that we should not need "login" permission. Can you check if dashboard functions without "login" permission.
On Thu, Oct 27, 2016 at 6:12 PM, Ayesha Dissanayaka <[email protected]> wrote: > Hi all, > > While testing 5.3.0-M5, I came across below concerns around user self > sign-up. > > The user experience is broken for a *self registered user* in a *default > pack* and I have reported them in IDENTITY-5271 > <https://wso2.org/jira/browse/IDENTITY-5271> with reproducing steps and > sub-tasks. > > 1. User Profile Gadget doesn't work properly > 2. Unable to update Recovery Information > 3. Access Denied for Associated Accounts Gadget > > 1, 2 and 3 don't need any permission. Authentication is enough because user is trying to perform something on his account. > > 1. Monitor Users Login Sessions gadget only should be available to > users who have admin permission > > For this we can have a specific permission check. But need to be a specific permission not used for any other functions. It seems cause for most of the cases is not having required permissions for > the selfsigned-up user. The "Internal/selfsignup" role only has login > permission in the tree. However, in a default pack this user experience > seems not nice. > If above is done experience will be good. > > WDYT? > > Thanks! > -Ayesha > > -- > *Ayesha Dissanayaka* > Software Engineer, > WSO2, Inc : http://wso2.com > <http://www.google.com/url?q=http%3A%2F%2Fwso2.com&sa=D&sntz=1&usg=AFQjCNEZvyc0uMD1HhBaEGCBxs6e9fBObg> > 20, Palmgrove Avenue, Colombo 3 > E-Mail: [email protected] <[email protected]> > -- Thanks & Regards, *Johann Dilantha Nallathamby* Technical Lead & Product Lead of WSO2 Identity Server Governance Technologies Team WSO2, Inc. lean.enterprise.middleware Mobile - *+94777776950* Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
