Uploaded image for project: 'OpenId Connect'
  1. OpenId Connect
  2. OIDC-138

Allow to configure the rights set for the user on their own profile page

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Fixed
    • Major
    • 1.36.0
    • 1.35.0
    • Authenticator
    • None
    • Unknown

    Description

      Today all the mirror user profiles that are created on the wiki following an authentication through the OIDC authenticator have the following rights:

      • edit right is explicitly given to the user themselves only
        • admins will also be able to edit the profiles or whoever has 'admin' right at the level of XWiki space at least, because admin implies edit
      • all the other rights are inherited
        • this usually means that XWikiAllGroup - all other registered users - can see the profile page, because they inherit 'view' from the XWiki space level.
          • depending on the instance, this may be the case for the guest as well

      This new feature is about being able to configure the rights that are explicitly set at the level of the user profile page to the owner of that profile. This would mean, in practice, that by configuring this it will be possible to achieve the following (amongst other things):

      • disallow the users from modifying their own profiles
      • break inheritance for the 'view' right and make the user profiles private (admin would also be able to see the page)

      Attachments

        Activity

          People

            tmortagne Thomas Mortagne
            lucaa Anca Luca
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: