Opened 5 years ago

Closed 4 years ago

Last modified 3 years ago

#526 closed New feature (fixed)

Each user should access a page to edit their info: alias, email, password.

Reported by: matt Owned by: matt
Priority: critical Milestone: Piwik 0.6
Component: Core Keywords:
Cc: Sensitive: no

Description (last modified by matt)

Users can't edit their profile information. Currently users can only request a new password by clicking on "forgot password" link.

We should expose to all users the UI to edit their data:

  • for normal user & admin user, can edit alias/password/email
  • super user can edit its login, password, email (which updates the configuration file)
  • (feature already available) super user can edit info of all users: alias, password, email.
  • all editing of the profile is under a tab "My Profile" in the admin section

Therefore:

  • the "Settings" link in top bar should always be shown
  • for user with 'view', only show the "My Profile" tab
  • for user with 'admin', show by default the "Websites" tab
  • for super user, show by default the "Plugins" tab

(see redirectToIndex() in Piwik_CoreAdminHome_Controller)

This will make it easy for any plugins to add new menu entry in the admin section which will be shown for all users (not only for admin and super user)

Attachments (1)

permitChangingUserPassword.diff (2.1 KB) - added by shopmaker 4 years ago.

Download all attachments as: .zip

Change History (21)

comment:1 Changed 5 years ago by matt (mattab)

  • Description modified (diff)

comment:2 Changed 5 years ago by matt (mattab)

  • Description modified (diff)

comment:3 Changed 5 years ago by matt (mattab)

  • Priority changed from major to critical

comment:4 Changed 5 years ago by matt (mattab)

  • Description modified (diff)

comment:5 Changed 5 years ago by albass

comment:6 Changed 5 years ago by vipsoft (robocoder)

  • Milestone changed from 4- Stable release to 2- DigitalVibes
  • Sensitive unset

comment:7 Changed 5 years ago by matt (mattab)

  • Milestone changed from 2- DigitalVibes to 2 - Piwik 0.8 - A Web Analytics platform

comment:8 Changed 5 years ago by domtop

comment:9 Changed 5 years ago by vipsoft (robocoder)

  • Type changed from Bug to New feature

comment:10 Changed 4 years ago by matt (mattab)

Note that it would be a bit complicated to have a setting "Week starts on: Monday/Sunday/Saturday" as it would mean that each user would be accessing different reports (weekly reports would have different value). Reports would have to be processed for weeks starting on Mon and weeks starting on Sun which is a performance overhead.

comment:11 Changed 4 years ago by matt (mattab)

  • Milestone changed from 3 - Piwik 0.8 - A Web Analytics platform to 1 - Piwik 0.6
  • Owner set to matt

comment:12 Changed 4 years ago by matt (mattab)

(In [2036]) * Added General settings page to: enable browser archiving, define today's archive time to live (fixes #1149)

  • added User settings page, that all logged in users can access to edit: Alias, email, default report to load, default date. Implemented settings in the _option table (rather than adding new fields to the table). Fixes #401 refs #526
  • the super user can edit settings for the anonymous user and force the anonymous to the login screen or a specific website
  • added order feature in admin menu + colored current menu + hiding menu entries that are not visible to the logged in user anyway
  • improved styles of admin forms

comment:13 Changed 4 years ago by matt (mattab)

still open as I think

  • super user should be able to change the Username
  • all users should be able to change their password

comment:14 Changed 4 years ago by matt (mattab)

  • Resolution set to fixed
  • Status changed from new to closed

(In [2069]) Fixes #526

  • Added possibility to change password, for super user and normal users
  • Refactored Login to add a new hook that is meant to init the session (set the cookies). this hook is called when the password is changed.
  • Added general feedback message at top of the admin screens, to let users know that changes have been successful.

comment:15 Changed 4 years ago by shopmaker

I think for some admins it would make sense to disallow this function. We are managing the users' passwords in another database. The user has an interface in another application where he can change his password. Doing so, we change it in the piwik database via an api call to keep in sync.

Right now i "prevent" users to change their passwords in piwik by hiding the "password change table row" in plugins/UsersManager/templates/userSettings.tpl with css (display:none)

Since this is just a workaround, I would love to have an option to disable the possibility to change the passwords.

Changed 4 years ago by shopmaker

comment:16 Changed 4 years ago by shopmaker

with this patch you can specify whether users can change their password or not.

add in config/config.inc.php:

[General]
; If set to 1, users are permitted to change their password
permit_changing_user_password = 0

comment:17 Changed 4 years ago by vipsoft (robocoder)

shopmaker: this ticket is closed; your feature request is covered by #1568

comment:18 Changed 3 years ago by matt (mattab)

why would you want to not allow your users to change their pwd?

comment:19 Changed 3 years ago by jackiboa

comment:20 Changed 3 years ago by jackiboa

Note: See TracTickets for help on using tickets.