Each user should access a page to edit their info: alias, email, password.

[matt]

Users can't edit their profile information. Currently users can only request a new password by clicking on "forgot password" link.

We should expose to all users the UI to edit their data:

• for normal user & admin user, can edit alias/password/email
• super user can edit its login, password, email (which updates the configuration file)
• (feature already available) super user can edit info of all users: alias, password, email.
• all editing of the profile is under a tab "My Profile" in the admin section

Therefore:

• the "Settings" link in top bar should always be shown
• for user with 'view', only show the "My Profile" tab
• for user with 'admin', show by default the "Websites" tab
• for super user, show by default the "Plugins" tab

(see redirectToIndex() in Piwik_CoreAdminHome_Controller)

This will make it easy for any plugins to add new menu entry in the admin section which will be shown for all users (not only for admin and super user)

[matt]

Note that it would be a bit complicated to have a setting "Week starts on: Monday/Sunday/Saturday" as it would mean that each user would be accessing different reports (weekly reports would have different value). Reports would have to be processed for weeks starting on Mon and weeks starting on Sun which is a performance overhead.

[matt]

(In [2036]) * Added General settings page to: enable browser archiving, define today's archive time to live (fixes #1149)

• added User settings page, that all logged in users can access to edit: Alias, email, default report to load, default date. Implemented settings in the _option table (rather than adding new fields to the table). Fixes #401 refs #526
• the super user can edit settings for the anonymous user and force the anonymous to the login screen or a specific website
• added order feature in admin menu + colored current menu + hiding menu entries that are not visible to the logged in user anyway
• improved styles of admin forms

[matt]

still open as I think

• super user should be able to change the Username
• all users should be able to change their password

[matt]

(In [2069]) Fixes #526

• Added possibility to change password, for super user and normal users
• Refactored Login to add a new hook that is meant to init the session (set the cookies). this hook is called when the password is changed.
• Added general feedback message at top of the admin screens, to let users know that changes have been successful.

[shopmaker]

I think for some admins it would make sense to disallow this function. We are managing the users' passwords in another database. The user has an interface in another application where he can change his password. Doing so, we change it in the piwik database via an api call to keep in sync.

Right now i "prevent" users to change their passwords in piwik by hiding the "password change table row" in plugins/UsersManager/templates/userSettings.tpl with css (display:none)

Since this is just a workaround, I would love to have an option to disable the possibility to change the passwords.

[shopmaker]

with this patch you can specify whether users can change their password or not.

add in config/config.inc.php:

[General]
; If set to 1, users are permitted to change their password
permit_changing_user_password = 0

[vipsoft]

shopmaker: this ticket is closed; your feature request is covered by #1568

[matt]

why would you want to not allow your users to change their pwd?