FoundKeyGang/FoundKey
FoundKeyGang/FoundKey
7
19
Fork 22
Code Issues 37 Pull requests 4 Releases Activity

Frontend: Administration Creature Comforts #242

New issue
Closed
opened 2022-11-18 22:46:24 +00:00 by sc-milo · 2 comments
sc-milo commented 2022-11-18 22:46:24 +00:00
Copy link

Just a couple of ideas that would be useful for migrating a herd of users over to Misskey from another platform since the frontend already allows generation of new user accounts.

  • Modify a User's user_profile entry (such as Email, Verification Status).

Did this by hand by editing the database already.

  • A Button to execute password reset links (to copy paste, or send via SMTP).

Can be done by requesting a password reset like a normal user from the login page.

Just a couple of ideas that would be useful for migrating a herd of users over to Misskey from another platform since the frontend already allows generation of new user accounts. - [ ] Modify a User's user_profile entry (such as Email, Verification Status). > Did this by hand by editing the database already. - [ ] A Button to execute password reset links (to copy paste, or send via SMTP). > Can be done by requesting a password reset like a normal user from the login page.
Johann150 commented 2022-11-19 12:18:18 +00:00
Owner
Copy link

I think regarding to the 1st point we need to be clear on which columns exactly may be modified by an admin. Because I think many columns should not be modified by an admin.

For example, I do not think administrators should ever reset/remove two factor authentication, because that undermines the security advantage that 2FA provides if the admin can be social engineered into resetting it. Of course the admin can still do so through the database but we should not make it easy to do so IMHO.

Regarding the 2nd point: Why can you not use the already existing password recovery process?

I think regarding to the 1st point we need to be clear on which columns exactly may be modified by an admin. Because I think many columns should not be modified by an admin. For example, I do not think administrators should ever reset/remove two factor authentication, because that undermines the security advantage that 2FA provides if the admin can be social engineered into resetting it. Of course the admin can still do so through the database but we should not make it easy to do so IMHO. Regarding the 2nd point: Why can you not use the already existing password recovery process?
Johann150 added the
feature
 label 2022-12-23 10:29:53 +00:00
Johann150 commented 2023-01-12 18:53:59 +00:00
Owner
Copy link

There already is a button to reset the user's password to a randomly generated one. See users profile -> three dot menu -> About -> "Reset password" button at end of "Moderation" section.

There already is a button to reset the user's password to a randomly generated one. See users profile -> three dot menu -> About -> "Reset password" button at end of "Moderation" section.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
refactor-deliver-actor
markdown
move-autoblock
feature/requests
context
indicator-circle-v2
v13.0.0-preview6
v13.0.0-preview5.1
v13.0.0-preview5
v13.0.0-preview4
v13.0.0-preview3
v13.0.0-preview2
v13.0.0-preview1
Labels
Clear labels   
feature

task that proposes new feature(s)

  
fix

task to fix behavioral problems in the FoundKey codebase

  
upkeep

task that should make FoundKey smaller and more maintainable

No labels
feature
fix
upkeep
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: FoundKeyGang/FoundKey#242
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?