Thanks Johann. Raised a jira [1] to track the issue.
[1] https://wso2.org/jira/browse/IDENTITY-4442 Regards, Dilini On Wed, Mar 23, 2016 at 2:50 PM, Johann Nallathamby <joh...@wso2.com> wrote: > > On Wed, Mar 23, 2016 at 2:38 PM, Dilini Gunatilake <dili...@wso2.com> > wrote: > >> Hi Johann, >> >> Thanks for the information. You have mentioned that it is highly unlikely >> that users are accessing their profiles via the management console. Can you >> please clarify whether it is the same for the Dashboard also? Because the >> end users can disable their profiles via the dashboard as well. >> > > That could be a issue. In that case we will special case this claim in the > dashboard and not show it. > @Pushpalanka: please note. > > Ideally we should have application specific profile in IS and each > application should decide what claims to show and what not to. > > Thanks. > > >> >> Thank you. >> >> Regards, >> Dilini >> >> >> On Tue, Mar 22, 2016 at 9:42 PM, Johann Nallathamby <joh...@wso2.com> >> wrote: >> >>> Hi Dilini, >>> >>> It true that we ideally should special case this claim and not show in >>> the profile so a normal end user cannot disable himself. >>> >>> But this feature is just a renaming of the previous account lock feature >>> we had, except that account lock was previously used for two purposes. >>> 1. Locking the account of a user by admin (current user disable feature) >>> 2. Locking the account when invalid password attempts exceeded. >>> Even in 5.1.0 this was the case; one can lock himself out using the >>> profile and unexpected errors are thrown from management console. >>> >>> However due to following reasons we are thinking of not addressing this >>> in 5.2.0 release. >>> 1. It is highly unlikely end users of applications are allowed access to >>> the IS management console to update their profile. Generally they update >>> the profile through custom screens in the application side. Carbon admin >>> console is not exposed to end users generally. >>> 2. Very soon we are going to move away from management console UI to a >>> jaggery based portal separate for end users and admin users. >>> >>> Due to above reasons we are thinking of deprioritizing this change >>> request. >>> >>> Regards, >>> Johann. >>> >>> >>> On Mon, Mar 21, 2016 at 5:32 PM, Dilini Gunatilake <dili...@wso2.com> >>> wrote: >>> >>>> Hi Pushpalanka, >>>> >>>> Any update on this? Is there any change done in the Alpha release? >>>> >>>> Regards, >>>> Dilini >>>> >>>> On Fri, Mar 11, 2016 at 12:39 PM, Pushpalanka Jayawardhana < >>>> la...@wso2.com> wrote: >>>> >>>>> Hi Dilini, >>>>> >>>>> Intended use of this feature is only for administrators/users with >>>>> user-mgt previlleges to disable/enable user accounts. >>>>> Therefore a user should not be able to disable own account. We >>>>> discussed to hide this claim from user profile UI by default and move the >>>>> disable/enable click to user list view. This is not done yet though. >>>>> >>>>> Will get to you after discussing with the team on our stand on this. >>>>> >>>>> Thanks, >>>>> Pushpalanka. >>>>> -- >>>>> Pushpalanka Jayawardhana, B.Sc.Eng.(Hons). >>>>> Senior Software Engineer, WSO2 Lanka (pvt) Ltd; wso2.com/ >>>>> Mobile: +94779716248 >>>>> Blog: pushpalankajaya.blogspot.com/ | LinkedIn: >>>>> lk.linkedin.com/in/pushpalanka/ | Twitter: @pushpalanka >>>>> >>>>> >>>>> On Fri, Mar 11, 2016 at 12:30 PM, Dilini Gunatilake <dili...@wso2.com> >>>>> wrote: >>>>> >>>>>> Hi IS Team, >>>>>> >>>>>> When identifying test scenarios for User Account Disability feature >>>>>> in IS 520, I noticed that users can disable their own accounts and carry >>>>>> out work until the session expires or they log out. But the system will >>>>>> throw exceptions for the operations they do in both management console >>>>>> and >>>>>> dashboard. eg: change the password >>>>>> >>>>>> What should be the ideal behaviour in this scenario? Should the user >>>>>> have privileges to disable their own account? >>>>>> >>>>>> Thank you, >>>>>> >>>>>> Regards, >>>>>> >>>>>> -- >>>>>> >>>>>> *Dilini GunatilakeSoftware Engineer - QA Team* >>>>>> Mobile : +94 (0) 771 162518 >>>>>> dili...@wso2.com >>>>>> >>>>> >>>>> >>>> >>>> >>>> -- >>>> >>>> *Dilini GunatilakeSoftware Engineer - QA Team* >>>> Mobile : +94 (0) 771 162518 >>>> dili...@wso2.com >>>> >>> >>> >>> >>> -- >>> Thanks & Regards, >>> >>> *Johann Dilantha Nallathamby* >>> Technical Lead & Product Lead of WSO2 Identity Server >>> Governance Technologies Team >>> WSO2, Inc. >>> lean.enterprise.middleware >>> >>> Mobile - *+94777776950* >>> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >>> >> >> >> >> -- >> >> *Dilini GunatilakeSoftware Engineer - QA Team* >> Mobile : +94 (0) 771 162518 >> dili...@wso2.com >> > > > > -- > Thanks & Regards, > > *Johann Dilantha Nallathamby* > Technical Lead & Product Lead of WSO2 Identity Server > Governance Technologies Team > WSO2, Inc. > lean.enterprise.middleware > > Mobile - *+94777776950* > Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* > -- *Dilini GunatilakeSoftware Engineer - QA Team* Mobile : +94 (0) 771 162518 dili...@wso2.com
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev