Details
-
New Feature
-
Status: Resolved
-
Minor
-
Resolution: Fixed
-
1.3.0
-
Important
Description
Background
A self-service user is a staff user assigned to a specific role which can perform certain actions. These users are used to login to the self-service web and mobile applications. The challenge is that there's no user-friendly way of creating a self-service user.
Where we are now
There's currently an open PR to the community app that allows the creation of a self-service user. In it, self-service user creation is done using the same API used to create a back-office user but while specifying a self-service role in the API call.
First, an API call is made to retrieve all available roles. These roles are presented to the admin who then selects which one is the self service role. With the role selected, an API call is made to create the self service user.
The problem
Since the admin is presented with all roles, if they select a wrong role [a non self-service role], the user will have more/less rights than they ought to.
The proposed solution
The solution is three-fold
1. Create a different template resource in the API which returns only the self-service related roles. Ref [ #https://demo.openmf.org/api-docs/apiLive.htm#users_template] i.e. Besides 'availableRoles', add a 'selfServiceRoles' in the returned data
2. With that done, update the open PR to use `selfServiceRoles`
3. The API call to create the self-service user is made to a custom endpoint, POST https://DomainName/api/v1/users/self, that evaluates that the role specified is a self-service role and then proceeds to create the user.
This card is to propose that items 1 and 3 are added to the fineract. I'm on hand to explore implementing the card if this is accepted.
Attachments
Issue Links
- links to
