Missing user mail address should not be required for admin updating a user
Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1099988
Description of problem:
When creating a user the --mail option is not required but when updating it is.
Version-Release number of selected component (if applicable):
hammer (0.1.0) * hammer_cli_foreman (0.1.0) * hammer_cli_katello (0.0.3)
Steps to Reproduce:
1. # hammer user create --login testuser --password userpasswd --auth-source-id 1
2. # hammer user list --per-page 10000 | grep testuser
48 | testuser | |
3. # hammer user update --id 48 --login usertest
Could not update the user:
Email address can't be blank
4. # hammer user update --id 48 --login usertest --mail firstname.lastname@example.org
5. # hammer user list --per-page 10000 | grep "48 "
48 | usertest | | email@example.com
If the --mail is required on creation then should ensure that it is filled on update. But if it is not required on creation it should be not required when updating.
#1 Updated by Dominic Cleal about 5 years ago
- Category set to Authentication
- Assignee deleted (
This is currently by design, so an admin can create a user without an e-mail address and they're forced to update it on their first login. I'm not sure that's a great design though and would prefer to simply make it optional. Thoughts?
#5 Updated by Dominic Cleal over 4 years ago
There are two parts to this, in my opinion.
The bug here is that an admin who creates a user without an e-mail address then updates it before the user has logged in, shouldn't be required to provide the e-mail address on update. I think this is valid.
The design issue of forcing a user to set their e-mail address on login is perhaps a separate issue, but I thought when filing this that if we fixed the design, we might eliminate the bug above. My view on the design is that we should perhaps simply have the e-mail address as an optional field and not force anybody to set it - or have it required, but that'd introduce issues with certain auth sources.