<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, Sep 4, 2013 at 4:34 PM, Sebastien Blanc <span dir="ltr"><<a href="mailto:scm.blanc@gmail.com" target="_blank">scm.blanc@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr">Hi,<div>Start point is this jira <a href="https://issues.jboss.org/browse/AGPUSH-282" target="_blank">https://issues.jboss.org/browse/AGPUSH-282</a> for allowing the creation of additional users/developers.</div>
<div>
In the current situation we have just one role : "developer" , so the first question is :</div><div><br></div><div>- Should a user with the role "developer" be able to create another user ?</div></div>
</blockquote><div><br></div><div>not sure an ordinary should be able to create other users</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div dir="ltr">
<div>- Should we introduce a "admin" role that can manage users (create, reset password, delete) ? </div></div></blockquote><div><br></div><div>+1 on that</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div dir="ltr"><div>- A mix of permissions ? (a developer can create other users but not remove them nor reset (except its own) password ) </div></div></blockquote><div><br></div><div>not sure on mixing. Do you have something concrete in mind? </div>
<div><br></div><div>I think it would be good if a 'developer' could be promoted to be come an 'admin' (to give an example);</div><div><br></div><div> <br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div dir="ltr">
<div><br></div><div>From there the second question regarding password management : </div><div>In the current situation, our default user (called "admin" , yeah a bit confusing :) ) has a temporary password that must be changed the first time he logs in.</div>
<div><br></div><div> - Do we want to keep this ?</div><div> - Shall we move to a script that creates a user(s) ?</div></div></blockquote><div><br></div><div>yeah, we have also a bug for removing what we currently have and replacing it with something more powerful:</div>
<div><a href="https://issues.jboss.org/browse/AGPUSH-223">https://issues.jboss.org/browse/AGPUSH-223</a><br></div><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div dir="ltr"><div><br></div><div>- When we add a user through the admin UI, should we provide a password or should it be generated and changed on first login ?</div></div></blockquote><div><br></div><div>I like the idea from Bruno of sending an email, containing an URL for changing the password;</div>
<div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr">
<div><br></div><div>In other words, I think we must concretely spec out the user management for the UPS and we could use this thread to discuss that !</div></div></blockquote><div><br></div><div>That would be great!</div>
<div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><div><br></div></div>
<br>_______________________________________________<br>
aerogear-dev mailing list<br>
<a href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br></blockquote></div><br><br clear="all"><div><br></div>-- <br>Matthias Wessendorf <br>
<br>blog: <a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>sessions: <a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>
twitter: <a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a>
</div></div>