[keycloak-dev] Readonly UserModel
Bruno Oliveira
bruno at abstractj.org
Thu Aug 11 15:12:02 EDT 2016
Ahoy, after exploring some ideas I implemented the initial draft[1] for KEYCLOAK-3060[2]. Before submitting any changes, I would like some feedback.
- Motivation
Disable input fields when read-only federation providers like SSSD or LDAP (read-only mode) are enabled.
Another alternative would be just hide sections which people are not supposed to edit. For example: account, OTP and password section.
To be honest, I'm 50/50 about it, because hiding sections could be confusing to users.
- Pros
* Users won't get frustrated trying to update their profile, to later find out that's not possible.
* Input fields will truly represent what our user is, into other words, read-only
- Cons
* UserModel from my perspective is the only possible place to introduce this change[3] (I can be wrong). The drawback is that the change will affect all the implementing classes.
- Options
1. If you are fine with the changes here[1]. I could do some clean up, write the proper integration tests and work to get it merged.
2. Do nothing and leave it as is.
Thoughts?
[1] - https://github.com/abstractj/keycloak/tree/KEYCLOAK-3060
[2] - https://issues.jboss.org/browse/KEYCLOAK-3060
[3] - https://github.com/abstractj/keycloak/blob/af30b4da101fd7f7775e74b93c6da2f611d364ae/server-spi/src/main/java/org/keycloak/models/UserModel.java#L61-L64
--
abstractj
PGP: 0x84DC9914
More information about the keycloak-dev
mailing list