Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bring back an option for Add Users / New user the old way #19772

Open
atom-box opened this issue Sep 26, 2022 · 14 comments
Open

Bring back an option for Add Users / New user the old way #19772

atom-box opened this issue Sep 26, 2022 · 14 comments
Labels
c: Onboarding For issues that make the experience of getting Matomo up and running better. Enhancement For new feature suggestions that for example enhance Matomo's cabapilities..

Comments

@atom-box
Copy link

atom-box commented Sep 26, 2022

About twice a week we get an email asking for the old way. Could this be present as an option?

examples:

" The new 'send an invite' for my client to choose their own password isn't necessary and just adds extra painful steps."

"My clients access their stats without ever needing to know their password as they access them in the admin area of their Content Management System which is where I put in the integration to Matomo for them. It also generates a lot of emails for me which are unecessary saying they have accepted their invitation etc - they haven't - I have accepted for them as I'm jumping through email hoops to just set a password! Annoying!"

@atom-box atom-box added the Enhancement For new feature suggestions that for example enhance Matomo's cabapilities.. label Sep 26, 2022
@bx80
Copy link
Contributor

bx80 commented Sep 27, 2022

It's obviously a better security practice to have users set their own password in a secure session rather than have someone else enter a password for them and then send it (insecurely) to them. It sounds like this might not be the best approach for every scenario though.

Perhaps invite user should be the default but with an additional option (with a warning about security risks) so that an administrator can directly create the user and set a password? (maybe Matomo should suggest a quality password?). This option could then also be disabled by a config setting for sites that need to enforce high security.

@tsteur, @peterhashair Any thoughts?

@peterhashair
Copy link
Contributor

while I suggest bringing the old way back as well, maybe is too late. but my thoughts are here #19707 (comment)

@atom-box
Copy link
Author

atom-box commented Sep 29, 2022

A user asks

"can we create accounts with password directly in matomo without sending a validation mail?
Thanks in advance"

"peut'on créer des comptes avec mot de passe directement dans matomo sans envoyer de mail de validation ?
Merci d'avance"

@atom-box
Copy link
Author

atom-box commented Sep 29, 2022

A non technical user asks

"I try to create a new user but this person never receives an activation email. I tried to return and even to recreate the user but it does not change anything. I am not a developer and I am not the person who installed Matomo within the company. We don't manage ourself the exchange server of mail but I can tell you that we also use MailInblack as a solution to filter the mails and the account creation mail doesn't even reach them while it did for others.
I know by research that I am not the only one who ever got this problem so I was hoping you could tell me in general what are the issues in those situations."

@atom-box
Copy link
Author

A user has declined to update to version 4.11 because of the Create New User feature change:

4.10.1 - if we will do update, we cant set password for users - cutrrently working propertly on ver 4.10.1

@justinvelluppillai justinvelluppillai added this to the For Prioritization milestone Sep 29, 2022
@justinvelluppillai justinvelluppillai added the c: Onboarding For issues that make the experience of getting Matomo up and running better. label Sep 29, 2022
@justinvelluppillai
Copy link
Contributor

@jane-twizel this might be something we could work with Product Team on to define and deliver. If it wasn't a bit of a trade off between security and usability we might be treating this as a regression since the feature makes some valid use cases no longer possible.

@peterbo
Copy link
Contributor

peterbo commented Sep 30, 2022

There is another use-case that doesn't work anymore. If you're using the LoginLDAP plugin, and you e.g. want to create "external" accounts for the web/seo/marketing agency (which are not in your LDAP), then you'd have to enable the Login plugin.

But you can't use both plugins at the same time ("Warning: Both the Login and LoginLdap plugins are enabled! This will cause logins for LDAP users to fail, please disable the Login plugin.").

@AltamashShaikh
Copy link
Contributor

@peterbo Just FYI, the LoginLdap issue will be resolved with release of Matomo 4.12
Refer - #19717

@atom-box
Copy link
Author

atom-box commented Oct 3, 2022

A user writes:
"If I want to invite a new user the email invitation does not work."

@peterhashair
Copy link
Contributor

@atom-box we create a copy user link that should be in the next release soon.

@atom-box
Copy link
Author

Excellent -- I will spread the word. Thank you!

@atom-box
Copy link
Author

Just in case it is helpful in thinking about the User Experience, here is a sysadmin with their specific details:

PROBLEM;:
I tried to create a new user but Matomo doesn't send any email.
I want to use "local mail function" (see "Email server settings" )
because i already use a specific and working mail accunt to send
mail with my Joomla and it works fine.

Sometimes this command works: "./console core:test-email info@example.com"
But the from the page "Add new user" Matomo always fails.

Note:
I follow also these guides but i didn't resolve.
https://matomo.org/faq/how-to/faq_93/
https://matomo.org/faq/troubleshooting/faq_34856/

@justinvelluppillai
Copy link
Contributor

@atom-box we now also have this option which may help - https://matomo.org/faq/invite-a-new-user-if-email-hasnt-worked/

@scott-amgen
Copy link

scott-amgen commented Oct 28, 2022

Old way is also better for us for the following 2 reasons:

  1. Our system is integrated with LoginSAML / LoginOIDC, so that user never needs to enter their password.
  2. As of 4.11, I was not able to assign new users to groups immediately after I invite them. There seems to be some wait time between user creation and username being available in the assign user to group dropdown.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
c: Onboarding For issues that make the experience of getting Matomo up and running better. Enhancement For new feature suggestions that for example enhance Matomo's cabapilities..
Projects
None yet
Development

No branches or pull requests

7 participants