User Registration semantics (enabled >< accountLocked)

grails / grails-spring-security-ui

The Spring Security UI plugin provides CRUD screens and other user management workflows.

https://grails.github.io/grails-spring-security-ui/

73 stars 97 forks source link

User Registration semantics (enabled >< accountLocked) #15

Closed wavyx closed 6 years ago

wavyx commented 12 years ago

Hi,

I have a question about the proper use of user.enabled and user.accountLocked By default the registration, create a user with enabled=true and accountLocked = true. When clicking the verification link https://github.com/grails-plugins/grails-spring-security-ui/blob/master/grails-app/controllers/grails/plugins/springsecurity/ui/RegisterController.groovy accountLocked is set to false.

This works but I wonder if by default, it should not be user.enabled = false and user.accountLocked = false. Locking is a manual decision to prohibit user access, enabled sounds the right place to handle opt-in registrations.

What do you think ?

ddelponte commented 6 years ago

Thank-you @wavyx for submitting this issue and bringing your perspective to our attention.

I do not have plans to modify the way user.enabled and user.accountLocked are utilized during registration. It has worked well thus far ✨

If different functionality is desired, overriding the RegistrationController will allow you to use the fields in a way you feel makes more sense.

Thank-you again for your contribution.

wavyx commented 6 years ago

@ddelponte glad to see you're still around to update this plugin ;)

ddelponte commented 6 years ago

Thanks @wavyx ! I'm slowly chipping away at the issues :)