Allow password change while prevent other account changes

matthias sartor 5 years ago updated by Vlad R 5 years ago 4


if a user (role) has the permission "User can change the password", but not the permission "User can change personal information", and the setting "Require user to change the password" is set when creating the user, the popup upon initial user login to change the pwd does not come up.

If the permission "User can change personal information" is added, it works. Does this make sense in that combination? I might want to pre-define my user names, emails, etc but would like to give them control only on their pwd.




I've edited the title and changed it into a feature request. As noticed, the password changing permissions is indeed dependent on the "User can change personal information" permission, although not obvious from the settings.

We'll allow the two permissions to function independently, with the next update.

Thanks for pointing it out!

Thanks Vlad! It might also make change to be able to still change personal information, but not the user ID. Usually, user ID should be chosen once (either by inviting admin or by user upon initial user creation) - my opinion. So maybe it would be nice to be at least able to also toggle user ID change with an own independent permission. What do you think?

No user (other than the admins, who can access the control panel) can currently change his own username (if that is what you mean by ID).