Modify

Opened 10 years ago

Last modified 8 years ago

#12053 new defect

Users without password aren't displayed in dialogs

Reported by: Dirk Stöcker Owned by:
Priority: normal Component: AccountManagerPlugin
Severity: normal Keywords:
Cc: Trac Release:

Description

When a username has no password in PWD database, then it is not displayed in the auth-manager admin panels. This especially makes in impossible to delete or fix such accounts.

Fix these accounts should be displayed (e.g. in red) and it should be possible to remove them and also to set passwords for them.

Attachments (0)

Change History (5)

comment:1 in reply to:  description Changed 10 years ago by Steffen Hoffmann

Replying to stoecker:

When a username has no password in PWD database, then it is not displayed in the auth-manager admin panels. This especially makes in impossible to delete or fix such accounts.

Password stores do not necessarily reveal, for which username they hold a password. IIRC this has been true for LDAP-backed stores, maybe others too.

If there is no way to list available users other than querying Trac db table session, this would still only reveal those, who logged-in at least once. So what do you have in mind here, fix-up for incomplete account deletion as done by previous account manager versions?

Fix these accounts should be displayed (e.g. in red) and it should be possible to remove them and also to set passwords for them.

Again, none of these actions might work with these LDAP-backed stores mentioned above. But you're not looking at such a store here, right?

comment:2 Changed 10 years ago by Dirk Stöcker

When you have a username in session and emails ins session_attribute, but both are not displayed in the user overview than something is broken:

  • I want to add a new user and get told the user already exists, but it is not in the list
  • I want to set an email for an user and get told email already exists, but it is nowhere in the list.

If there is no way to list available users other than querying Trac db table session, this would still only reveal those, who logged-in at least once. So what do you have in mind here, fix-up for incomplete account deletion as done by previous account manager versions?

That's not true. The session entry contains data even when users have never logged in.

I simply want a consistent user interface. It should not present me error messages, which are not fixable at all and hidden in some strange database details.

comment:3 in reply to:  2 Changed 10 years ago by Steffen Hoffmann

Replying to stoecker:

When you have a username in session and emails ins session_attribute, but both are not displayed in the user overview than something is broken:

  • I want to add a new user and get told the user already exists, but it is not in the list
  • I want to set an email for an user and get told email already exists, but it is nowhere in the list.

If there is no way to list available users other than querying Trac db table session, this would still only reveal those, who logged-in at least once. So what do you have in mind here, fix-up for incomplete account deletion as done by previous account manager versions?

That's not true. The session entry contains data even when users have never logged in.

True, point taken, i. e. for (only) administratively added or (self-)registered user accounts.

I simply want a consistent user interface. It should not present me error messages, which are not fixable at all and hidden in some strange database details.

Will take care of this. It might fit into changes required by #11879 anyway.

comment:4 Changed 10 years ago by Ryan J Ollos

Cc: anonymous removed

comment:5 Changed 8 years ago by Ryan J Ollos

Owner: Steffen Hoffmann deleted

Modify Ticket

Change Properties
Set your email in Preferences
Action
as new The ticket will remain with no owner.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.