BTW, login permission is given to internal/selfsignup role [1]. Have we changed that ?
Thanks Isura. [1] https://github.com/wso2-extensions/identity-governance/blob/master/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/signup/UserSelfRegistrationManager.java#L128-128 *Isura Dilhara Karunaratne* Senior Software Engineer | WSO2 Email: [email protected] Mob : +94 772 254 810 Blog : http://isurad.blogspot.com/ On Thu, Oct 27, 2016 at 7:26 AM, Johann Nallathamby <[email protected]> wrote: > Why do we need to have login permission for "selfsignup" role. We don't > need to. "login" permission is to login to management console. We don't > expect self signup users to login to management console. They can only > login to dashboard, and for that we should not need "login" permission. Can > you check if dashboard functions without "login" permission. > > On Thu, Oct 27, 2016 at 6:12 PM, Ayesha Dissanayaka <[email protected]> > wrote: > >> Hi all, >> >> While testing 5.3.0-M5, I came across below concerns around user self >> sign-up. >> >> The user experience is broken for a *self registered user* in a *default >> pack* and I have reported them in IDENTITY-5271 >> <https://wso2.org/jira/browse/IDENTITY-5271> with reproducing steps and >> sub-tasks. >> >> 1. User Profile Gadget doesn't work properly >> 2. Unable to update Recovery Information >> 3. Access Denied for Associated Accounts Gadget >> >> > 1, 2 and 3 don't need any permission. Authentication is enough because > user is trying to perform something on his account. > >> >> 1. Monitor Users Login Sessions gadget only should be available to >> users who have admin permission >> >> For this we can have a specific permission check. But need to be a > specific permission not used for any other functions. > > It seems cause for most of the cases is not having required permissions >> for the selfsigned-up user. The "Internal/selfsignup" role only has >> login permission in the tree. However, in a default pack this user >> experience seems not nice. >> > > If above is done experience will be good. > > >> >> WDYT? >> >> Thanks! >> -Ayesha >> >> -- >> *Ayesha Dissanayaka* >> Software Engineer, >> WSO2, Inc : http://wso2.com >> <http://www.google.com/url?q=http%3A%2F%2Fwso2.com&sa=D&sntz=1&usg=AFQjCNEZvyc0uMD1HhBaEGCBxs6e9fBObg> >> 20, Palmgrove Avenue, Colombo 3 >> E-Mail: [email protected] <[email protected]> >> > > > > -- > Thanks & Regards, > > *Johann Dilantha Nallathamby* > Technical Lead & Product Lead of WSO2 Identity Server > Governance Technologies Team > WSO2, Inc. > lean.enterprise.middleware > > Mobile - *+94777776950* > Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
