Closed 2403905 closed 3 months ago
Did you check https://owncloud.dev/services/frontend/#define-read-only-attributes ?
When you set up an external IdP you basically need to tell the web ui that certain things are readonly. I always thought that we have an environment variable to set most of the user management UI to readonly, like adding and deleting users, but I can't find it anymore.
We have the FRONTEND_LDAP_SERVER_WRITE_ENABLED env variable, according to docs setting it to false, it will result in:
FRONTEND_READONLY_USER_ATTRIBUTES additionally will allow you to disable fields that should not be edited in web but managed via the IDP
See https://owncloud.dev/services/frontend/
So from my POV everything is working as intended but hard to understand (docs related)
Thank you. It looks like a misconfiguration of the deployment example.
Describe the bug
When the ocis installation is using an external IDP like keycloak we have disalow the user menegment actions in an ocis admin menu that can confuse an admin and lead to inconsistent data. There are two cases: rename user and create a new user.
Steps to reproduce
moss
and logoutadmin
-> openadmin-settings/users
-> renamemoss
tomossNew
mossNew
admin
logout and login agen he can see two recordsmoss
andmossNew
Expected behavior
You logged in as
mossNew
. OnlymossNew
exists.Actual behavior
Login is failed. There are two rows in an ocis user setings
moss
andmossNew
Setup
ocis 5.0.5 ocis_keycloak/docker-compose.yml
```console OCIS_XXX=somevalue OCIS_YYY=somevalue PROXY_XXX=somevalue ```
Additional context
Add any other context about the problem here.