Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add endpoint in admin api to list/delete users #22

Closed
FreddyDevelop opened this issue Nov 23, 2023 · 4 comments · Fixed by #67
Closed

Add endpoint in admin api to list/delete users #22

FreddyDevelop opened this issue Nov 23, 2023 · 4 comments · Fixed by #67

Comments

@FreddyDevelop
Copy link
Contributor

Add an endpoint to the admin API to list, get and delete users (including the credentials).
@shentschel
Copy link
Collaborator

A question for clarification: As we want to introduce transactions in #23, do we also want to be able to delete users who made a transaction? Without the user we would loose some information about the person who initiated the transaction. I don't know which impact this will have on regulations and their compliance.

@FreddyDevelop
Copy link
Contributor Author

I would say yes, you can delete a user with transactions but I also think we need a way to get those transaction data. Then we can show (e.g. in Hanko Cloud) that a user has transactions and the Hanko Cloud user must confirm that he really wants to delete the user. This way we can also allow the Hanko Cloud user to download the transactions for the user before he deletes the user. What do you think @FlxMgdnz?

Also forgot to mention, each credential from each user should also be deletable from the admin api.

@FlxMgdnz
Copy link
Member

User deletion seems reasonable. I assume there's still an immutable audit log entry for each transaction, right?

@shentschel
Copy link
Collaborator

there will be one, yes but we only persist the userId in that audit log entry. Information like userName/displayname will be lost on delete.

shentschel pushed a commit that referenced this issue May 14, 2024
feat(admin): add user list/get/remove method
6521771 
* add admin user service to add user get, list and remove method
* rename misspelled file
* add router for user requests
* extend webauthn user persister
* update spec

Closes: #22
@shentschel shentschel mentioned this issue May 14, 2024
Merged
FreddyDevelop pushed a commit that referenced this issue Jun 3, 2024
@shentschel
feat(admin): add user list/get/remove method (#67)
3a1c27b 
* feat(admin): add user list/get/remove method

* add admin user service to add user get, list and remove method
* rename misspelled file
* add router for user requests
* extend webauthn user persister
* update spec

Closes: #22

* fix(review): fix review findings

* update public spec for transaction list
* cleanup public spec
  * switch tenant_id path entries with reference to component
  * add transaction tag
  * add user_id as path param
* add paging to user list in admin api call
* add paging to admin spec
* rename userid to user_id in transaction list handler

---------

Co-authored-by: Stefan Jacobi <stefan.jacobi@adesso.de>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat(admin): add user list/get/remove method teamhanko/passkeys
3 participants
@shentschel @FlxMgdnz @FreddyDevelop