Bug #5897
closedMissing user mail address should not be required for admin updating a user
Description
Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1099988
Description of problem:
When creating a user the --mail option is not required but when updating it is.
Version-Release number of selected component (if applicable):
hammer (0.1.0)
* hammer_cli_foreman (0.1.0)
* hammer_cli_katello (0.0.3)
How reproducible:
Aways
Steps to Reproduce:
1. # hammer user create --login testuser --password userpasswd --auth-source-id 1
User created
2. # hammer user list --per-page 10000 | grep testuser
48 | testuser | |
3. # hammer user update --id 48 --login usertest
Could not update the user:
Email address can't be blank
4. # hammer user update --id 48 --login usertest --mail test@user.com
User updated
5. # hammer user list --per-page 10000 | grep "48 "
48 | usertest | | test@user.com
Actual results:
Expected results:
If the --mail is required on creation then should ensure that it is filled on update. But if it is not required on creation it should be not required when updating.
Additional info:
Updated by Dominic Cleal over 10 years ago
- Category set to Authentication
- Assignee deleted (
Dominic Cleal)
This is currently by design, so an admin can create a user without an e-mail address and they're forced to update it on their first login. I'm not sure that's a great design though and would prefer to simply make it optional. Thoughts?
Updated by Tom Caspy over 9 years ago
- Assignee set to Tom Caspy
proposed solution - user's auth source defaults to requiring email. in case of hidden, external and LDAP auth sources, they allow blank emails. creating pull request.
Updated by The Foreman Bot over 9 years ago
- Status changed from New to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/2065 added
- Pull request deleted (
)
Updated by Daniel Lobato Garcia over 9 years ago
Not a bug in my opinion, only users that have never logged in the UI can be in the db without a password, as soon as they log in they have to set one.
Updated by Dominic Cleal over 9 years ago
There are two parts to this, in my opinion.
The bug here is that an admin who creates a user without an e-mail address then updates it before the user has logged in, shouldn't be required to provide the e-mail address on update. I think this is valid.
The design issue of forcing a user to set their e-mail address on login is perhaps a separate issue, but I thought when filing this that if we fixed the design, we might eliminate the bug above. My view on the design is that we should perhaps simply have the e-mail address as an optional field and not force anybody to set it - or have it required, but that'd introduce issues with certain auth sources.
Updated by Tom Caspy over 9 years ago
- Status changed from Ready For Testing to Assigned
- Pull request added
- Pull request deleted (
https://github.com/theforeman/foreman/pull/2065)
Updated by The Foreman Bot over 9 years ago
- Status changed from Assigned to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/2244 added
- Pull request deleted (
)
Updated by Dominic Cleal over 9 years ago
- Subject changed from User mail address should either be always optional or always required to Missing user mail address should not be required for admin updating a user
- Translation missing: en.field_release set to 35
Updated by Dominic Cleal over 9 years ago
- Translation missing: en.field_release deleted (
35)
Updated by Dominic Cleal over 9 years ago
- Related to Refactor #10946: User mail address should either be always optional or always required added
Updated by Dominic Cleal about 9 years ago
- Translation missing: en.field_release set to 63
Updated by Tom Caspy about 9 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset 564b322f82ec9c4b8f6d4d1b9be82c71c801c16d.