I would call it: security issue :) IMO such destructive action like purging user should be very much secured ....
On Thu, 26 Aug 2021 at 12:44, Lee But <leesenglishless...@gmail.com> wrote: > Isn't there a way to send an ID key in the invitation email that can > automatically remove the record that matches the key. Or, match the email > address? > > On Thu, Aug 26, 2021 at 5:36 AM Maxim Solodovnik <solomax...@gmail.com> > wrote: > >> >> >> On Thu, 26 Aug 2021 at 12:18, Lee But <leesenglishless...@gmail.com> >> wrote: >> >>> Hello Maxim, >>> >>> The <application.base.url> is just to point to the website that >>> openmeetings is on so that the user can recognise it. Example, Maxim >>> Solodonvik at www.openmeetings.apache.org has invited you to join their >>> online meeting room(s). >>> Perhaps, it would be better if the admin could create an 'organisation >>> name' and have that in the invitation instead. >>> >>> The <URL>, would point directly to a page to change the password and >>> complete registration. >>> >> >> Well >> Actually both URLs will be >> https://om.alteametasoft.com/openmeetings/signin >> This is why I'm asking :) >> >> >>> What I mean by 'deregister' is to remove the information that the admin >>> created: names, password and email address. That may not be clear. >>> >>> I suppose it could read, 'If you have received this invitation in error >>> or do not wish to join the meeting room(s), please *click here* to >>> deregister your information shown in this email.' >>> >> >> As I wrote before >> this is impossible without successful login >> which impossible without "change the password and complete registration" >> So the footer looks useless to me :( >> >> >>> >>> On Thu, Aug 26, 2021 at 4:59 AM Maxim Solodovnik <solomax...@gmail.com> >>> wrote: >>> >>>> Thanks for the templates :) >>>> >>>> I'll do the following: >>>> >>>> 1) will create the key `send.invite.to.user.created.by.admin` >>>> 2) will use "Formal version" to create the template >>>> (you can modify it any time as described here >>>> https://openmeetings.apache.org/EditTemplates.html) >>>> >>>> Couple of questions: >>>> 1) why do we need both "<application.base.url>" and "<URL>"? >>>> 2) why do we need this "If you have received this invitation in error, >>>> please *click here* to deregister." footer? the only way to >>>> de-register is to complete registration then to delete themselves .... >>>> >>>> >>>> On Wed, 25 Aug 2021 at 20:39, Ali Alhaidary < >>>> ali.alhaid...@the5stars.org> wrote: >>>> >>>>> Nice :-) >>>>> >>>>> Ali >>>>> On 8/25/21 3:07 PM, Lee But wrote: >>>>> >>>>> Hello Maxim, >>>>> >>>>> Here are two templates. One is formal, the other informal. I think it >>>>> would be useful for admins to view default templates and create their own >>>>> invitations as well. >>>>> possible keys could be: >>>>> >>>>> send.formal.invite.to.user.created.by.admin >>>>> send.casual.invite.to.user.created.by.admin >>>>> send.custom.invite.to.user.created.by.admin >>>>> >>>>> In the examples below, the name order could be swapped according to >>>>> the language being used. >>>>> >>>>> ***************** >>>>> Formal version >>>>> >>>>> ***************** >>>>> >>>>> Dear <firstName> <lastName>, >>>>> >>>>> <adminFirstName> <adminLastName> at <application.base.url> has invited >>>>> you to join their online meeting room(s). >>>>> >>>>> To complete your registration and use the room(s), please visit the >>>>> link below and create a strong password. >>>>> >>>>> <URL> >>>>> >>>>> Your username for logging in is <username>. >>>>> >>>>> Thank you for joining our meeting rooms. >>>>> >>>>> Best regards, >>>>> >>>>> <adminFirstName> <adminLastName> >>>>> >>>>> >>>>> If you have received this invitation in error, please *click here* to >>>>> deregister. >>>>> >>>>> >>>>> >>>>> ***************** >>>>> Casual version >>>>> >>>>> ***************** >>>>> >>>>> Hi <firstName> <lastName>, >>>>> >>>>> <adminFirstName> <adminLastName> here from <application.base.url>. >>>>> I’ve added you as a user to our online meeting room(s). >>>>> >>>>> To use the room(s), you need to complete your registration. Click the >>>>> link below and create a strong password. >>>>> >>>>> <URL> >>>>> >>>>> Your username for logging in is <username>. >>>>> >>>>> Thanks for joining our meeting room(s). >>>>> >>>>> See you soon! >>>>> >>>>> <adminFirstName> >>>>> >>>>> >>>>> If I’ve sent you this invitation by mistake, please *click here* to >>>>> deregister. >>>>> >>>>> >>>>> >>>>> >>>>> On Wed, Aug 25, 2021 at 6:13 AM Maxim Solodovnik <solomax...@gmail.com> >>>>> wrote: >>>>> >>>>>> Maybe you can help to create a template for such email (as text) >>>>>> here? :) >>>>>> and maybe propose a configuration key name? >>>>>> >>>>>> `send.email.when.created.by.admin`? Maybe better ideas? :)) >>>>>> >>>>>> On Wed, 25 Aug 2021 at 12:18, Lee But <leesenglishless...@gmail.com> >>>>>> wrote: >>>>>> >>>>>>> Hello Maxim, >>>>>>> >>>>>>> I'm testing with my own email addresses until I am sure that I have >>>>>>> everything right. >>>>>>> I think that would be great. Also, a link to the login page would be >>>>>>> useful, as without it, users don't know the URL of the website. >>>>>>> >>>>>>> Regards, >>>>>>> Lee >>>>>>> >>>>>>> On Wed, Aug 25, 2021 at 2:53 AM Maxim Solodovnik < >>>>>>> solomax...@gmail.com> wrote: >>>>>>> >>>>>>>> Hello Lee, >>>>>>>> >>>>>>>> this is by design >>>>>>>> these email settings are for self-registration only >>>>>>>> Password is not being sent for security reasons >>>>>>>> >>>>>>>> As workaround your users can click "Forget password" >>>>>>>> enter login/email and change the password >>>>>>>> >>>>>>>> We can add some additional setting to send email to newly created >>>>>>>> users with instructions above :) >>>>>>>> WDYT? >>>>>>>> >>>>>>>> On Tue, 24 Aug 2021 at 23:07, Lee But <leesenglishless...@gmail.com> >>>>>>>> wrote: >>>>>>>> >>>>>>>>> Hello, >>>>>>>>> >>>>>>>>> I turned off self-registering, and when I set up a user as admin, >>>>>>>>> no verification email is sent despite the key being set to true. >>>>>>>>> [image: image.png] >>>>>>>>> >>>>>>>>> Also, the email that contains the user's account details does not >>>>>>>>> contain the password, nor a link to the openmeetings page, so they >>>>>>>>> cannot >>>>>>>>> log in. >>>>>>>>> Here's the message: >>>>>>>>> >>>>>>>>> [image: image.png] >>>>>>>>> >>>>>>>>> Thank you, >>>>>>>>> Lee >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Best regards, >>>>>>>> Maxim >>>>>>>> >>>>>>> >>>>>> >>>>>> -- >>>>>> Best regards, >>>>>> Maxim >>>>>> >>>>> >>>> >>>> -- >>>> Best regards, >>>> Maxim >>>> >>> >> >> -- >> Best regards, >> Maxim >> > -- Best regards, Maxim
