You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It's often that we need to have details about a user (name, email, authorizations, etc.). The list of users is pretty rough and is not accessible to agents without admin permissions.
Solution
Create a page to display information about a user and access actions on them.
Add a page (/users/:uid) to display information about a user (profile info + authorizations)
It must be accessible only if the current user has permission orga:see:users in the default organization of the user, or if they have permission admin:manage:users
It should allow to revoke a permission, but not to add a new one
An "Actions" menu should allow to edit the user if the current user has the permission admin:manage:users
In the list of users, add a link to the users' page
Control
Login with a user with the orga:see:users permission (and not admin:manage:users)
Access the URL of a user who is in the given organisation
Check that it works and that you can see information about the user, but not their authorizations
Check that you can't edit the user
Login with a user with the admin:manage:users permission and navigate to the URL of the same user
Check that you see their authorizations and that you can revoke them
Check that you can edit the user
The text was updated successfully, but these errors were encountered:
Problem
It's often that we need to have details about a user (name, email, authorizations, etc.). The list of users is pretty rough and is not accessible to agents without admin permissions.
Solution
Create a page to display information about a user and access actions on them.
Related to
#579
Specifications
orga:see:users
/users/:uid
) to display information about a user (profile info + authorizations)orga:see:users
in the default organization of the user, or if they have permissionadmin:manage:users
admin:manage:users
Control
orga:see:users
permission (and notadmin:manage:users
)admin:manage:users
permission and navigate to the URL of the same userThe text was updated successfully, but these errors were encountered: