Bug #5897
closed
Missing user mail address should not be required for admin updating a user
Added by Dominic Cleal over 10 years ago.
Updated over 6 years ago.
Description
Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1099988
Description of problem:
When creating a user the --mail option is not required but when updating it is.
Version-Release number of selected component (if applicable):
hammer (0.1.0)
* hammer_cli_foreman (0.1.0)
* hammer_cli_katello (0.0.3)
How reproducible:
Aways
Steps to Reproduce:
1. # hammer user create --login testuser --password userpasswd --auth-source-id 1
User created
2. # hammer user list --per-page 10000 | grep testuser
48 | testuser | |
3. # hammer user update --id 48 --login usertest
Could not update the user:
Email address can't be blank
4. # hammer user update --id 48 --login usertest --mail test@user.com
User updated
5. # hammer user list --per-page 10000 | grep "48 "
48 | usertest | | test@user.com
Actual results:
Expected results:
If the --mail is required on creation then should ensure that it is filled on update. But if it is not required on creation it should be not required when updating.
Additional info:
- Category set to Authentication
- Assignee deleted (
Dominic Cleal)
This is currently by design, so an admin can create a user without an e-mail address and they're forced to update it on their first login. I'm not sure that's a great design though and would prefer to simply make it optional. Thoughts?
- Assignee set to Tom Caspy
proposed solution - user's auth source defaults to requiring email. in case of hidden, external and LDAP auth sources, they allow blank emails. creating pull request.
- Status changed from New to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/2065 added
- Pull request deleted (
Not a bug in my opinion, only users that have never logged in the UI can be in the db without a password, as soon as they log in they have to set one.
There are two parts to this, in my opinion.
The bug here is that an admin who creates a user without an e-mail address then updates it before the user has logged in, shouldn't be required to provide the e-mail address on update. I think this is valid.
The design issue of forcing a user to set their e-mail address on login is perhaps a separate issue, but I thought when filing this that if we fixed the design, we might eliminate the bug above. My view on the design is that we should perhaps simply have the e-mail address as an optional field and not force anybody to set it - or have it required, but that'd introduce issues with certain auth sources.
- Status changed from Ready For Testing to Assigned
- Pull request added
- Pull request deleted (
https://github.com/theforeman/foreman/pull/2065)
- Status changed from Assigned to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/2244 added
- Pull request deleted (
- Subject changed from User mail address should either be always optional or always required to Missing user mail address should not be required for admin updating a user
- Translation missing: en.field_release set to 35
- Translation missing: en.field_release deleted (
35)
- Related to Refactor #10946: User mail address should either be always optional or always required added
- Translation missing: en.field_release set to 63
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by 
Updated by