Opened 6 years ago

Closed 6 years ago

#1930 closed new feature (fixed)

Allow user email address change by admins

Reported by: planetcruiser Owned by: shevek
Priority: critical Milestone: 1.5
Component: BW Admin Keywords:
Cc: jsfan, pablobd

Description

Issue:

  • Support got a number of requests by users to change their account's email address
  • No admin interface for this exists, email addresses need to be changed manually on the live database via BwUserEmailChange

Solution:

  • Add permission for "Can change user email address"
  • Either allow address change on /members/<username>/adminedit or add new volunteer tool /admin/user

Notes:

  • This is relatively urgent, because there is a queue of at least 5 people waiting for their email address to be changed, so an inclusion in the 1.5 milestone would be good. May the release coordinator please assign.

Attachments (1)

patch1930.diff (2.7 KB) - added by shevek 6 years ago.
Allow admin to edit email address as well.

Download all attachments as: .zip

Change History (30)

comment:1 Changed 6 years ago by planetcruiser

  • Owner set to planetcruiser
  • Status changed from new to accepted

i commit to get this done this week

comment:2 Changed 6 years ago by shevek

  • Milestone set to 1.5

Added milestone 1.5.

comment:3 follow-up: Changed 6 years ago by shevek

Wouldn't it be better to reset the password of these users and let them change their email addresses?

That would be much safer than the BwUserEmailChange query and could be done with a volunteer query I guess.

comment:4 in reply to: ↑ 3 ; follow-up: Changed 6 years ago by planetcruiser

Replying to shevek:

Wouldn't it be better to reset the password of these users and let them change their email addresses?

how do you send them the new password?

That would be much safer than the BwUserEmailChange query and could be done with a volunteer query I guess.

does a BwUserEmailChange already exist? i can't find anything by that name.

comment:5 Changed 6 years ago by planetcruiser

  • Priority changed from major to critical

i would like to make this critical, because it is stopping several users from using bw at the moment. jsfan, feel free to downgrade again, but i feel it should get priority and i can work on this as stated in comment:1

comment:6 Changed 6 years ago by jsfan

No objections. Just hold off on pushing until all tickets currently in develop have passed local_testing.

comment:7 Changed 6 years ago by planetcruiser

sounds like an excellent idea. will do. we are nearing the 5 ticket release! :)

comment:8 in reply to: ↑ 4 Changed 6 years ago by shevek

Replying to shevek:

Wouldn't it be better to reset the password of these users and let them change their email addresses?

how do you send them the new password?

How do we know they have the problem? As they obviously communicate with support and support would set the new password, they could sent the password as well.

That would be much safer than the BwUserEmailChange query and could be done with a volunteer query I guess.

does a BwUserEmailChange already exist? i can't find anything by that name.

Probably not. I don't have the real sqlforvolunteers table I guess.

I only followed the link in the description and checked the query and think that PASSWORD('newpassword') is simpler.

comment:9 Changed 6 years ago by shevek

Any news here?

comment:10 Changed 6 years ago by jsfan

As you have announced that you will sign out for a while and don't seem to have committed anything to your clone, yet, I suspect you will not be able to get this patch in in time. I might have a look at it myself today and/or tomorrow and either submit something myself or offload this ticket from 1.5.

comment:11 Changed 6 years ago by shevek

  • Owner changed from planetcruiser to shevek
  • Status changed from accepted to assigned

Taken over from Meinhard.

Adding a tool to administer users like the former update mandatory but for now limited to editing email addresses of a member.

comment:12 Changed 6 years ago by shevek

  • Status changed from assigned to local_testing

This needs a new row in the rights table (see http://trac.bewelcome.org/wiki/DatabaseChanges)

Commit: https://gitorious.org/bewelcome/rox/commit/97c18b277e03284cbf68646cd151036cf7529df2

Replace Adminmandatory in the volunteer menu with 'Change email': https://gitorious.org/bewelcome/rox/commit/44995877a834c1a1b0c8ae3803b4b8eca01fa3ab

Please test locally.

comment:13 Changed 6 years ago by crumbking

Not sure will importing the rights table I have seen "Cryptation"

Check the explanation it was doing what we wanna do in this ticket now ;-)

comment:14 Changed 6 years ago by shevek

Well, it says that you may change the values in the crypted table. But as far as I see it doesn't provide an interface to update the fields by itself.

But it might be a good idea to test with a member that only has 'Profile' rights and not cryptation to see if that works.

comment:15 Changed 6 years ago by crumbking

okay added the profile right. But why another interface?

We can edit already almost everything via admin edit. We should simply add the functionality to decrypt the mail value.

/members/USERNAME/adminedit

comment:16 Changed 6 years ago by shevek

The only reason I added a new tool was that I thought none existed... I obviously misread the sentence 'Either using .../adminedit or a new tool below /admin/...

So we probably want to drop this. The attached fix allows the admin to edit the member's email address.

Last edited 6 years ago by shevek (previous) (diff)

Changed 6 years ago by shevek

Allow admin to edit email address as well.

comment:17 Changed 6 years ago by jsfan

Did you want to push this patch and revert your earlier code additions?

comment:18 Changed 6 years ago by jsfan

  • Status changed from local_testing to to_alpha

I've now made your original patch live of alpha. If you push the alternative patch, I'll deploy again.

comment:19 Changed 6 years ago by jsfan

  • Status changed from to_alpha to testing

comment:20 Changed 6 years ago by shevek

I'd like to see someone testing it locally first before I push the alternative.

comment:21 Changed 6 years ago by shevek

Just checked if the changes to AdminReadCrypted? might have some side effect and one I can see is that guaka full name now shows up correctly in case of verification which would be fine I guess.

comment:22 Changed 6 years ago by shevek

Last edited 6 years ago by shevek (previous) (diff)

comment:23 Changed 6 years ago by shevek

  • Cc pablobd added

@pablo: Could you check if adminedit now also allows to change the email address (maybe just resolve one of the support tickets)?

comment:24 Changed 6 years ago by pablobd

is there a right I have to set to see this?

comment:25 Changed 6 years ago by shevek

That's just the admin right that you should already have.

comment:26 Changed 6 years ago by pablobd

It works on alpha

comment:27 Changed 6 years ago by jsfan

@pablobd: Would you mind giving some other volunteer access to this,so we can get a second successful test on alpha?

comment:28 Changed 6 years ago by shevek

That would mean admin access to the system!

comment:29 Changed 6 years ago by jsfan

  • Resolution set to fixed
  • Status changed from testing to closed

Fair enough. I'll close as fixed then.

Note: See TracTickets for help on using tickets.