Return-Path: X-Original-To: apmail-incubator-cloudstack-dev-archive@minotaur.apache.org Delivered-To: apmail-incubator-cloudstack-dev-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 05E56E82B for ; Mon, 17 Dec 2012 05:04:14 +0000 (UTC) Received: (qmail 44532 invoked by uid 500); 17 Dec 2012 05:04:13 -0000 Delivered-To: apmail-incubator-cloudstack-dev-archive@incubator.apache.org Received: (qmail 44403 invoked by uid 500); 17 Dec 2012 05:04:13 -0000 Mailing-List: contact cloudstack-dev-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: cloudstack-dev@incubator.apache.org Delivered-To: mailing list cloudstack-dev@incubator.apache.org Received: (qmail 44377 invoked by uid 99); 17 Dec 2012 05:04:12 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 17 Dec 2012 05:04:12 +0000 Date: Mon, 17 Dec 2012 05:04:12 +0000 (UTC) From: "gavin lee (JIRA)" To: cloudstack-dev@incubator.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (CLOUDSTACK-648) The normal users could change their own login password MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/CLOUDSTACK-648?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13533650#comment-13533650 ] gavin lee commented on CLOUDSTACK-648: -------------------------------------- Hi, Isaac You remind me. I think it makes sense for the domain admin change following (we only talk about the password): 1. Its own password like normal user 2. The users' password who are in this domain 3. The subdomain user password 4. The subdomain admin password UI should check the user and domain co-relation to decide add entry or not. Wha't your opinion? > The normal users could change their own login password > ------------------------------------------------------ > > Key: CLOUDSTACK-648 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-648 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the default.) > Components: Management Server > Affects Versions: 4.1.0 > Environment: DevCloud2 and others > Reporter: gavin lee > Priority: Minor > Labels: changes, password, user > Fix For: 4.1.0 > > Original Estimate: 48h > Remaining Estimate: 48h > > After created normal users by administrator, using the normal users login should let them change their own password. > The easiest way to change this is enable it on the UI by changing scripts/accounts.js and changing access level for api: updateUser in file commands.properties. > If there are concerns of security, new api may be introduced. > please comment. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira