[MEN-4046] Readonly user can not edit his own profile - Northern.tech AS

XML

Word

Printable

Details

Type: Bug
Status: Done
Priority: (None)
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.6.0
Labels:
- Backend

Sprint:
MEN Sprint 127
Story Points:
1
Backlog:
yes
Days in progress:
1

Description

A user restricted by the readonly role is not allowed to change his own 1) email, 2) password nor 3) 2FA settings. The error message is shown in the attachment. I verified that adding Admin / PERMIT_ALL permissions to this same user allowed him to complete these steps.

All users, including readonly limited, should be allowed to change these three things about their own profile. We probably need to make an exception so that any user can update any of these fields regardless of their roles assigned.

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

Screenshot from 2020-10-14 10-03-25.png
59 kB
14/Oct/20 7:08 PM

Release management

Activity

People

Assignee:: Fabio Tranchitella

Reporter:: Eystein Maloy Stenberg

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 14/Oct/20 7:07 PM

Updated:: 16/Dec/20 12:13 PM

Resolved:: 16/Dec/20 12:13 PM