Canonical SSO provider

allow admin to delete/invalidate a user's 2-f device

Bug #911949 reported by Ricardo Kirkner on 2012-01-04

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Canonical SSO provider	Fix Released	High	Stuart Metcalfe	Canonical SSO provider 2-factor-internal-production-ready

Bug Description

User story:

As a SSO admin, I want to be able to delete a 2nd factor device from a user's individual admin page so that I can respond quickly to reported loss/theft.

Details:

List all 2-f auth devices a user has registered in the user's account page in the admin, so that an administrator can easily remove or invalidate a device upon request by an user.

For deletion, a link/button should be available. For invalidation, a checkbox or status dropdown could be used.

Tags:

Related branches

lp:~canonical-isd-hackers/canonical-identity-provider/add-2f-to-account-admin

Merged into lp:canonical-identity-provider/release

Michael Foord (community): Approve on 2012-02-10

lp:~canonical-isd-hackers/canonical-identity-provider/add-2f-to-account-admin-test-fixes

Merged into lp:canonical-identity-provider/release at revision 328

Canonical ISD hackers: Pending requested 2012-02-10

Ricardo Kirkner (ricardokirkner) on 2012-01-10

Changed in canonical-identity-provider:
importance:	Undecided → Medium
status:	New → Triaged

David Owen (dsowen) on 2012-01-10

tags:

added: kb-feature sp-1

Stuart Metcalfe (stuartmetcalfe) on 2012-01-23

Changed in canonical-identity-provider:
milestone:	none → 2-factor-internal-production-ready

David Owen (dsowen) on 2012-02-08

Changed in canonical-identity-provider:
importance:	Medium → High

Revision history for this message

Stuart Metcalfe (stuartmetcalfe) wrote on 2012-02-10:

Adding an inline form to the account admin ui gives us add, edit and delete for free

Changed in canonical-identity-provider:
assignee:	nobody → Stuart Metcalfe (stuartmetcalfe)

Revision history for this message

Stuart Metcalfe (stuartmetcalfe) wrote on 2012-02-10:

I've gone for deletion, not invalidation, as invalidation would (presumably) require a new db field.

Revision history for this message

Stuart Metcalfe (stuartmetcalfe) wrote on 2012-02-10:

Screenshot at 2012-02-10 12:08:24.png Edit (91.8 KiB, image/png)

Screenshot shows the proposed inline admin form

David Owen (dsowen) on 2012-02-10

Changed in canonical-identity-provider:
status:	Triaged → In Progress

Stuart Metcalfe (stuartmetcalfe) on 2012-02-10

Changed in canonical-identity-provider:
status:	In Progress → Fix Committed

Ricardo Kirkner (ricardokirkner) on 2012-03-05

Changed in canonical-identity-provider:
status:	Fix Committed → Fix Released

David Owen (dsowen) on 2012-04-12

Changed in canonical-identity-provider:
status:	Fix Released → Fix Committed

David Owen (dsowen) on 2012-04-12

Changed in canonical-identity-provider:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Screenshot at 2012-02-10 12:08:24.png Edit

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.