Question -- How does a normal user change there own password??
Locked
Question -- How does a normal user change there own password??
 
|
Hi Philip,
has there been any improvement on this? I need the "change my password" feature for standard backend users (non admin) and I wonder if it has been decided how to implement it. Thank you, -Bruno ---------- Forwarded message ---------- From: Jacques Le Roux <[hidden email]> Date: 2008/8/21 Subject: Re: Question -- How does a normal user change there own password?? To: [hidden email], "Philip W. Dalrymple III" <[hidden email]> I guess they are aware now... Jacques From: "Philip W. Dalrymple" <[hidden email]> > Understood > How do I get in touch with Hans and Adrain, this is an area that > I might be able to add a small bit of manpower to but don't want > to either step on toes or re-invent the wheel on. > > > ----- Original Message ----- > From: "BJ Freeman" <[hidden email]> > To: [hidden email] > Sent: Thursday, August 21, 2008 8:05:43 AM GMT -05:00 US/Canada Eastern > Subject: Re: Question -- How does a normal user change there own password?? > > your are right it is something that is just being address. there is not > a lot of manpower to move it forward fast > currently Hans and Adrain are the ones that are involved in it. > I am more from a interested party but not involved. > The My page has profile info on it. > you just have to remove the permission for partymager from those that > you don't want to have access. > But there are other companies i have worked for that want everyone to > see everything. > so it is more once the installation goes in how security will be handled. > > Philip W. Dalrymple sent the following on 8/21/2008 4:53 AM: > >> I found the place in party (user name edit). >> >> I would think that, for most internal (backoffice) user, this is >> not a place that the admin would want to allow access even to there >> own login. I would think that most users would NOT have access to the >> user login edit rights even if they can modify other "party" data and >> I would think that most internal users would not have general party edit >> rights (they might change party data via other interfaces that are more >> limited). >> >> Am I missing something or is this just a place that has not been worked >> on in OfBiz much yet. >> >> I do note that in the "banner" at the top right there are two items that >> I would expect to be a part of the "users profile", time zone, and >> language. >> >> >> ----- Original Message ----- >> From: "Jacques Le Roux" <[hidden email]> >> To: [hidden email] >> Sent: Wednesday, August 20, 2008 9:30:34 AM GMT -05:00 US/Canada Eastern >> Subject: Re: Question -- How does a normal user change there own >> password?? >> >> This is done in the person's profile (in Party) in "User Name(s)" section >> : edit on login line >> >> Jacques >> >> From: "Philip W. Dalrymple" <[hidden email]> >> To: <[hidden email]> >> Sent: Wednesday, August 20, 2008 2:50 PM >> Subject: Re: Question -- How does a normal user change there own >> password?? >> >> >> I was not thinking about customers, (we would only have "backend" users) >>> >>> for a internal users who needs to change there password (say because of >>> company rules or just because they want to) should there be a way for >>> them to change passwords? >>> >>> (I tend to use the term "internal" user to refer to people who work >>> for the company who runs the system) >>> >>> >>> ----- Original Message ----- >>> From: "BJ Freeman" <[hidden email]> >>> To: [hidden email] >>> Sent: Wednesday, August 20, 2008 7:37:06 AM GMT -05:00 US/Canada Eastern >>> Subject: Re: Question -- How does a normal user change there own >>> password?? >>> >>> There was, at on time, an added dialog on the login, that allow the user >>> to request a new login if they had lost it. >>> a "customer" can not access the back end except for order status. >>> there has been talk on the dev list about letting the "customer" use the >>> new mypage feature that give them access to their profile. >>> this, at this time, is not the case. >>> >>> Philip W. Dalrymple sent the following on 8/20/2008 3:46 AM: >>> >>>> I am looking at OfBiz (current SVN head or as of a few days ago) >>>> and don't see how a normal user is supposed to change there password >>>> >>>> I see in the party section where a admin can change the password and >>>> found that when a user is created the admin creating the user can force >>>> a password change on the user but I can't find how a normal (non admin) >>>> user is supposed to change there own password. >>>> >>>> Also there does not appear to be a way for the admin to re-set a users >>>> password and then force them to change there password the next time the >>>> user logs in (except via the "Entity Engine Tools" in the web tools >>>> app. >>>> >>>> Am I just missing something or is this a missing bit of OfBiz? >>>> >>>> >>> >>> -- >>> This email, and any files transmitted with it, is confidential and >>> intended solely for the use of the individual or entity to whom they are >>> addressed. If you have received this email in error, please advise >>> [hidden email] <mailto:[hidden email]>. >>> >>> New MDT Software Headquarters (As of July 1, 2008): >>> 3480 Preston Ridge Road >>> Suite 450 >>> Alpharetta, GA 30005 >>> >>> >>> Philip W. Dalrymple III <[hidden email]> >>> MDT Software - The Change Management Company >>> +1 678 297 1001 >>> Fax +1 678 297 1003 >>> >>> >> >> > > > -- > This email, and any files transmitted with it, is confidential and intended > solely for the use of the individual or entity to whom they are addressed. > If you have received this email in error, please advise > [hidden email] <mailto:[hidden email]>. > > New MDT Software Headquarters (As of July 1, 2008): > 3480 Preston Ridge Road > Suite 450 > Alpharetta, GA 30005 > > > Philip W. Dalrymple III <[hidden email]> > MDT Software - The Change Management Company > +1 678 297 1001 > Fax +1 678 297 1003 > > |
Re: Question -- How does a normal user change there own password??
|
|
a user that has the permissions to see their profile can change their
password thru https://localhost:8443/mypage/control/editlogin and be able to access this thru https://localhost:8443/mypage/control/main the user has to have mypage permission. I just tested this. Note: they can not change their permissions. Should be on the user mailing list Bruno Busco sent the following on 9/20/2008 10:45 PM: > Hi Philip, > has there been any improvement on this? > I need the "change my password" feature for standard backend users (non > admin) and I wonder if it has been decided how to implement it. > Thank you, > -Bruno > > > > ---------- Forwarded message ---------- > From: Jacques Le Roux <[hidden email]> > Date: 2008/8/21 > Subject: Re: Question -- How does a normal user change there own password?? > To: [hidden email], "Philip W. Dalrymple III" <[hidden email]> > > > I guess they are aware now... > > > Jacques > > From: "Philip W. Dalrymple" <[hidden email]> > >> Understood >> How do I get in touch with Hans and Adrain, this is an area that >> I might be able to add a small bit of manpower to but don't want >> to either step on toes or re-invent the wheel on. >> >> >> ----- Original Message ----- >> From: "BJ Freeman" <[hidden email]> >> To: [hidden email] >> Sent: Thursday, August 21, 2008 8:05:43 AM GMT -05:00 US/Canada Eastern >> Subject: Re: Question -- How does a normal user change there own password?? >> >> your are right it is something that is just being address. there is not >> a lot of manpower to move it forward fast >> currently Hans and Adrain are the ones that are involved in it. >> I am more from a interested party but not involved. >> The My page has profile info on it. >> you just have to remove the permission for partymager from those that >> you don't want to have access. >> But there are other companies i have worked for that want everyone to >> see everything. >> so it is more once the installation goes in how security will be handled. >> >> Philip W. Dalrymple sent the following on 8/21/2008 4:53 AM: >> >>> I found the place in party (user name edit). >>> >>> I would think that, for most internal (backoffice) user, this is >>> not a place that the admin would want to allow access even to there >>> own login. I would think that most users would NOT have access to the >>> user login edit rights even if they can modify other "party" data and >>> I would think that most internal users would not have general party edit >>> rights (they might change party data via other interfaces that are more >>> limited). >>> >>> Am I missing something or is this just a place that has not been worked >>> on in OfBiz much yet. >>> >>> I do note that in the "banner" at the top right there are two items that >>> I would expect to be a part of the "users profile", time zone, and >>> language. >>> >>> >>> ----- Original Message ----- >>> From: "Jacques Le Roux" <[hidden email]> >>> To: [hidden email] >>> Sent: Wednesday, August 20, 2008 9:30:34 AM GMT -05:00 US/Canada Eastern >>> Subject: Re: Question -- How does a normal user change there own >>> password?? >>> >>> This is done in the person's profile (in Party) in "User Name(s)" section >>> : edit on login line >>> >>> Jacques >>> >>> From: "Philip W. Dalrymple" <[hidden email]> >>> To: <[hidden email]> >>> Sent: Wednesday, August 20, 2008 2:50 PM >>> Subject: Re: Question -- How does a normal user change there own >>> password?? >>> >>> >>> I was not thinking about customers, (we would only have "backend" users) >>>> for a internal users who needs to change there password (say because of >>>> company rules or just because they want to) should there be a way for >>>> them to change passwords? >>>> >>>> (I tend to use the term "internal" user to refer to people who work >>>> for the company who runs the system) >>>> >>>> >>>> ----- Original Message ----- >>>> From: "BJ Freeman" <[hidden email]> >>>> To: [hidden email] >>>> Sent: Wednesday, August 20, 2008 7:37:06 AM GMT -05:00 US/Canada Eastern >>>> Subject: Re: Question -- How does a normal user change there own >>>> password?? >>>> >>>> There was, at on time, an added dialog on the login, that allow the user >>>> to request a new login if they had lost it. >>>> a "customer" can not access the back end except for order status. >>>> there has been talk on the dev list about letting the "customer" use the >>>> new mypage feature that give them access to their profile. >>>> this, at this time, is not the case. >>>> >>>> Philip W. Dalrymple sent the following on 8/20/2008 3:46 AM: >>>> >>>>> I am looking at OfBiz (current SVN head or as of a few days ago) >>>>> and don't see how a normal user is supposed to change there password >>>>> >>>>> I see in the party section where a admin can change the password and >>>>> found that when a user is created the admin creating the user can force >>>>> a password change on the user but I can't find how a normal (non admin) >>>>> user is supposed to change there own password. >>>>> >>>>> Also there does not appear to be a way for the admin to re-set a users >>>>> password and then force them to change there password the next time the >>>>> user logs in (except via the "Entity Engine Tools" in the web tools >>>>> app. >>>>> >>>>> Am I just missing something or is this a missing bit of OfBiz? >>>>> >>>>> >>>> -- >>>> This email, and any files transmitted with it, is confidential and >>>> intended solely for the use of the individual or entity to whom they are >>>> addressed. If you have received this email in error, please advise >>>> [hidden email] <mailto:[hidden email]>. >>>> >>>> New MDT Software Headquarters (As of July 1, 2008): >>>> 3480 Preston Ridge Road >>>> Suite 450 >>>> Alpharetta, GA 30005 >>>> >>>> >>>> Philip W. Dalrymple III <[hidden email]> >>>> MDT Software - The Change Management Company >>>> +1 678 297 1001 >>>> Fax +1 678 297 1003 >>>> >>>> >>> >> >> -- >> This email, and any files transmitted with it, is confidential and intended >> solely for the use of the individual or entity to whom they are addressed. >> If you have received this email in error, please advise >> [hidden email] <mailto:[hidden email]>. >> >> New MDT Software Headquarters (As of July 1, 2008): >> 3480 Preston Ridge Road >> Suite 450 >> Alpharetta, GA 30005 >> >> >> Philip W. Dalrymple III <[hidden email]> >> MDT Software - The Change Management Company >> +1 678 297 1001 >> Fax +1 678 297 1003 >> >> > |
Adding permission so MYPAGE_EMPLOYEE group can edit password like in 691430 Was ==>Question -- How does a normal user change there own password??
|
|
In light of this I agree that this should be on dev list.
Hans: in 691430 I am able to change the userlogin with just the MYPAGE_EMPLOYEE. As Bruno pointed out the current Svn does not allow this. Solution would be to have a Permission to allow editing ones login. the default is that permission is not set in the MYPAGE_EMPLOYEE but can be added. BJ Freeman sent the following on 9/21/2008 3:26 AM: > I remember adrian and hans having a converstaion on the dev list about > this. some weeks ago. > > BJ Freeman sent the following on 9/21/2008 2:29 AM: >> I validated you findings on the demo server. >> I compared the security permission for the group and see no difference >> so I assume the security permission for the user login has been changed >> since >> svn 691430 >> but I don't have time to check it out the commit list as to when or how. >> >> >> Bruno Busco sent the following on 9/21/2008 2:09 AM: >>> I may be blind, >>> I am trying also with https://demo.hotwaxmedia.com/mypage using user >>> DemoEmployee >>> I can't find the edit userlogin button. >>> -Bruno >>> >>> 2008/9/21 BJ Freeman <[hidden email]> >>> >>>> My understanding of Dev is if it has to do with changing the design of >>>> ofbiz >>>> I may be wrong but this sounds more like a bug. >>>> that could be dev but I see as user >>>> I am open to a clarification. >>>> :D >>>> my permission is MYPAGE_EMPLOYEE only. >>>> So only mypage and projects show when the user logs in. >>>> I am taken to the My page. >>>> I click on profile >>>> then edit userlogin >>>> when I click on save i get no error messages. >>>> >>>> this is with svn 691430 >>>> >>>> >>>> Bruno Busco sent the following on 9/21/2008 12:50 AM: >>>>> Hi BJ, >>>>> I have created a new user and given him the following permission: >>>>> CATALOG_VIEW, MYPAGE_EMPLOYEE, OFBTOOLS_VIEW, ORDERMGR_VIEW >>>>> >>>>> the UI button to go the editlogin is not present anywhere. >>>>> if I put the url https://localhost:8443/mypage/control/editloginmanually I >>>>> get the screen but I get a getUserPreferences service error when I press >>>> the >>>>> "save" button. >>>>> >>>>> I switch, as suggested, the thread back to the user ML but I definetely >>>>> think its a dev issue ;-) >>>>> >>>>> Thank you, >>>>> Bruno >>>>> >>>>> >>>>> ---------- Forwarded message ---------- >>>>> From: BJ Freeman <[hidden email]> >>>>> Date: 2008/9/21 >>>>> Subject: Re: Question -- How does a normal user change there own >>>> password?? >>>>> To: [hidden email] >>>>> Cc: [hidden email] >>>>> >>>>> >>>>> a user that has the permissions to see their profile can change their >>>>> password thru >>>>> https://localhost:8443/mypage/control/editlogin >>>>> and be able to access this thru >>>>> https://localhost:8443/mypage/control/main >>>>> the user has to have mypage permission. >>>>> I just tested this. >>>>> Note: they can not change their permissions. >>>>> Should be on the user mailing list >>>>> >>>>> >>>>> Bruno Busco sent the following on 9/20/2008 10:45 PM: >>>>>> Hi Philip, >>>>>> has there been any improvement on this? >>>>>> I need the "change my password" feature for standard backend users (non >>>>>> admin) and I wonder if it has been decided how to implement it. >>>>>> Thank you, >>>>>> -Bruno >>>>>> >>>>>> >>>>>> >>>>>> ---------- Forwarded message ---------- >>>>>> From: Jacques Le Roux <[hidden email]> >>>>>> Date: 2008/8/21 >>>>>> Subject: Re: Question -- How does a normal user change there own >>>>> password?? >>>>>> To: [hidden email], "Philip W. Dalrymple III" <[hidden email]> >>>>>> >>>>>> >>>>>> I guess they are aware now... >>>>>> >>>>>> >>>>>> Jacques >>>>>> >>>>>> From: "Philip W. Dalrymple" <[hidden email]> >>>>>> >>>>>>> Understood >>>>>>> How do I get in touch with Hans and Adrain, this is an area that >>>>>>> I might be able to add a small bit of manpower to but don't want >>>>>>> to either step on toes or re-invent the wheel on. >>>>>>> >>>>>>> >>>>>>> ----- Original Message ----- >>>>>>> From: "BJ Freeman" <[hidden email]> >>>>>>> To: [hidden email] >>>>>>> Sent: Thursday, August 21, 2008 8:05:43 AM GMT -05:00 US/Canada Eastern >>>>>>> Subject: Re: Question -- How does a normal user change there own >>>>> password?? >>>>>>> your are right it is something that is just being address. there is not >>>>>>> a lot of manpower to move it forward fast >>>>>>> currently Hans and Adrain are the ones that are involved in it. >>>>>>> I am more from a interested party but not involved. >>>>>>> The My page has profile info on it. >>>>>>> you just have to remove the permission for partymager from those that >>>>>>> you don't want to have access. >>>>>>> But there are other companies i have worked for that want everyone to >>>>>>> see everything. >>>>>>> so it is more once the installation goes in how security will be >>>> handled. >>>>>>> Philip W. Dalrymple sent the following on 8/21/2008 4:53 AM: >>>>>>> >>>>>>>> I found the place in party (user name edit). >>>>>>>> >>>>>>>> I would think that, for most internal (backoffice) user, this is >>>>>>>> not a place that the admin would want to allow access even to there >>>>>>>> own login. I would think that most users would NOT have access to the >>>>>>>> user login edit rights even if they can modify other "party" data and >>>>>>>> I would think that most internal users would not have general party >>>> edit >>>>>>>> rights (they might change party data via other interfaces that are >>>> more >>>>>>>> limited). >>>>>>>> >>>>>>>> Am I missing something or is this just a place that has not been >>>> worked >>>>>>>> on in OfBiz much yet. >>>>>>>> >>>>>>>> I do note that in the "banner" at the top right there are two items >>>> that >>>>>>>> I would expect to be a part of the "users profile", time zone, and >>>>>>>> language. >>>>>>>> >>>>>>>> >>>>>>>> ----- Original Message ----- >>>>>>>> From: "Jacques Le Roux" <[hidden email]> >>>>>>>> To: [hidden email] >>>>>>>> Sent: Wednesday, August 20, 2008 9:30:34 AM GMT -05:00 US/Canada >>>> Eastern >>>>>>>> Subject: Re: Question -- How does a normal user change there own >>>>>>>> password?? >>>>>>>> >>>>>>>> This is done in the person's profile (in Party) in "User Name(s)" >>>>> section >>>>>>>> : edit on login line >>>>>>>> >>>>>>>> Jacques >>>>>>>> >>>>>>>> From: "Philip W. Dalrymple" <[hidden email]> >>>>>>>> To: <[hidden email]> >>>>>>>> Sent: Wednesday, August 20, 2008 2:50 PM >>>>>>>> Subject: Re: Question -- How does a normal user change there own >>>>>>>> password?? >>>>>>>> >>>>>>>> >>>>>>>> I was not thinking about customers, (we would only have "backend" >>>>> users) >>>>>>>>> for a internal users who needs to change there password (say because >>>> of >>>>>>>>> company rules or just because they want to) should there be a way for >>>>>>>>> them to change passwords? >>>>>>>>> >>>>>>>>> (I tend to use the term "internal" user to refer to people who work >>>>>>>>> for the company who runs the system) >>>>>>>>> >>>>>>>>> >>>>>>>>> ----- Original Message ----- >>>>>>>>> From: "BJ Freeman" <[hidden email]> >>>>>>>>> To: [hidden email] >>>>>>>>> Sent: Wednesday, August 20, 2008 7:37:06 AM GMT -05:00 US/Canada >>>>> Eastern >>>>>>>>> Subject: Re: Question -- How does a normal user change there own >>>>>>>>> password?? >>>>>>>>> >>>>>>>>> There was, at on time, an added dialog on the login, that allow the >>>>> user >>>>>>>>> to request a new login if they had lost it. >>>>>>>>> a "customer" can not access the back end except for order status. >>>>>>>>> there has been talk on the dev list about letting the "customer" use >>>>> the >>>>>>>>> new mypage feature that give them access to their profile. >>>>>>>>> this, at this time, is not the case. >>>>>>>>> >>>>>>>>> Philip W. Dalrymple sent the following on 8/20/2008 3:46 AM: >>>>>>>>> >>>>>>>>>> I am looking at OfBiz (current SVN head or as of a few days ago) >>>>>>>>>> and don't see how a normal user is supposed to change there password >>>>>>>>>> >>>>>>>>>> I see in the party section where a admin can change the password and >>>>>>>>>> found that when a user is created the admin creating the user can >>>>> force >>>>>>>>>> a password change on the user but I can't find how a normal (non >>>>> admin) >>>>>>>>>> user is supposed to change there own password. >>>>>>>>>> >>>>>>>>>> Also there does not appear to be a way for the admin to re-set a >>>> users >>>>>>>>>> password and then force them to change there password the next time >>>>> the >>>>>>>>>> user logs in (except via the "Entity Engine Tools" in the web tools >>>>>>>>>> app. >>>>>>>>>> >>>>>>>>>> Am I just missing something or is this a missing bit of OfBiz? >>>>>>>>>> >>>>>>>>>> >>>>>>>>> -- >>>>>>>>> This email, and any files transmitted with it, is confidential and >>>>>>>>> intended solely for the use of the individual or entity to whom they >>>>> are >>>>>>>>> addressed. If you have received this email in error, please advise >>>>>>>>> [hidden email] <mailto:[hidden email]>. >>>>>>>>> >>>>>>>>> New MDT Software Headquarters (As of July 1, 2008): >>>>>>>>> 3480 Preston Ridge Road >>>>>>>>> Suite 450 >>>>>>>>> Alpharetta, GA 30005 >>>>>>>>> >>>>>>>>> >>>>>>>>> Philip W. Dalrymple III <[hidden email]> >>>>>>>>> MDT Software - The Change Management Company >>>>>>>>> +1 678 297 1001 >>>>>>>>> Fax +1 678 297 1003 >>>>>>>>> >>>>>>>>> >>>>>>> -- >>>>>>> This email, and any files transmitted with it, is confidential and >>>>> intended >>>>>>> solely for the use of the individual or entity to whom they are >>>>> addressed. >>>>>>> If you have received this email in error, please advise >>>>>>> [hidden email] <mailto:[hidden email]>. >>>>>>> >>>>>>> New MDT Software Headquarters (As of July 1, 2008): >>>>>>> 3480 Preston Ridge Road >>>>>>> Suite 450 >>>>>>> Alpharetta, GA 30005 >>>>>>> >>>>>>> >>>>>>> Philip W. Dalrymple III <[hidden email]> >>>>>>> MDT Software - The Change Management Company >>>>>>> +1 678 297 1001 >>>>>>> Fax +1 678 297 1003 >>>>>>> >>>>>>> >> >> >> > > > > |
«
Return to OFBiz - Dev
|
1 view|%1 views
| Free forum by Nabble | Edit this page |