Re: [Dev] [IS] User's can disable their own accounts

2016-03-23 Thread Dilini Gunatilake
Thanks Johann. Raised a jira [1] to track the issue. [1] https://wso2.org/jira/browse/IDENTITY-4442 Regards, Dilini On Wed, Mar 23, 2016 at 2:50 PM, Johann Nallathamby wrote: > > On Wed, Mar 23, 2016 at 2:38 PM, Dilini Gunatilake > wrote: > >> Hi Johann,

Re: [Dev] [IS] User's can disable their own accounts

2016-03-23 Thread Johann Nallathamby
On Wed, Mar 23, 2016 at 2:38 PM, Dilini Gunatilake wrote: > Hi Johann, > > Thanks for the information. You have mentioned that it is highly unlikely > that users are accessing their profiles via the management console. Can you > please clarify whether it is the same for the

Re: [Dev] [IS] User's can disable their own accounts

2016-03-23 Thread Dilini Gunatilake
Hi Johann, Thanks for the information. You have mentioned that it is highly unlikely that users are accessing their profiles via the management console. Can you please clarify whether it is the same for the Dashboard also? Because the end users can disable their profiles via the dashboard as

Re: [Dev] [IS] User's can disable their own accounts

2016-03-22 Thread Johann Nallathamby
Hi Dilini, It true that we ideally should special case this claim and not show in the profile so a normal end user cannot disable himself. But this feature is just a renaming of the previous account lock feature we had, except that account lock was previously used for two purposes. 1. Locking

Re: [Dev] [IS] User's can disable their own accounts

2016-03-21 Thread Dilini Gunatilake
Hi Pushpalanka, Any update on this? Is there any change done in the Alpha release? Regards, Dilini On Fri, Mar 11, 2016 at 12:39 PM, Pushpalanka Jayawardhana wrote: > Hi Dilini, > > Intended use of this feature is only for administrators/users with > user-mgt previlleges to

Re: [Dev] [IS] User's can disable their own accounts

2016-03-10 Thread Pushpalanka Jayawardhana
Hi Dilini, Intended use of this feature is only for administrators/users with user-mgt previlleges to disable/enable user accounts. Therefore a user should not be able to disable own account. We discussed to hide this claim from user profile UI by default and move the disable/enable click to user

[Dev] [IS] User's can disable their own accounts

2016-03-10 Thread Dilini Gunatilake
Hi IS Team, When identifying test scenarios for User Account Disability feature in IS 520, I noticed that users can disable their own accounts and carry out work until the session expires or they log out. But the system will throw exceptions for the operations they do in both management console