Ahoy, after exploring some ideas I implemented the initial draft[1] for KEYCLOAK-3060[2].
Before submitting any changes, I would like some feedback.
- Motivation
Disable input fields when read-only federation providers like SSSD or LDAP (read-only
mode) are enabled.
Another alternative would be just hide sections which people are not supposed to edit. For
example: account, OTP and password section.
To be honest, I'm 50/50 about it, because hiding sections could be confusing to
users.
- Pros
* Users won't get frustrated trying to update their profile, to later find out
that's not possible.
* Input fields will truly represent what our user is, into other words, read-only
- Cons
* UserModel from my perspective is the only possible place to introduce this change[3] (I
can be wrong). The drawback is that the change will affect all the implementing classes.
- Options
1. If you are fine with the changes here[1]. I could do some clean up, write the proper
integration tests and work to get it merged.
2. Do nothing and leave it as is.
Thoughts?
[1] -
https://github.com/abstractj/keycloak/tree/KEYCLOAK-3060
[2] -
https://issues.jboss.org/browse/KEYCLOAK-3060
[3] -
https://github.com/abstractj/keycloak/blob/af30b4da101fd7f7775e74b93c6da2...
--
abstractj
PGP: 0x84DC9914