Feature #19301: Let non admin users update their account via the REST API - Redmine

Actions

Copy link

Feature #19301

closed

Let non admin users update their account via the REST API

Added by Alex Last over 9 years ago. Updated over 4 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Category:

REST API

Target version:

Start date:

Due date:

% Done:

Estimated time:

Resolution:

Fixed

Description

Using Redmine Java API library:

User user = rmf.getUserManager.getCurrentuser; user.setFirstName("new name"); rmf.getUserManager.update(user);

Error: BadAuthentication.

I believe this is because Redmine requires authorization for "update user" action, which requires admin privileges.
What it should do instead is to check permissions basing on resources. In this example user should be able to change his/her own details.

Related issues

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Redmine

Custom queries

Feature #19301

Let non admin users update their account via the REST API

Updated by Jean-Philippe Lang over 9 years ago

Updated by Go MAEDA over 4 years ago

Updated by Go MAEDA over 4 years ago