Item10781: context passwords_modifyable is used to determine whether to display the secretEmailEnabled message on the change email address form.

pencil
Priority: Low
Current State: Needs Developer
Released In: n/a
Target Release: patch
Applies To: Engine
Component: ChangeEmailAddress
Branches:
Reported By: IridiumScaffold
Waiting For:
Last Change By: CrawfordCurrie
The default change email address form contains the following code:
%IF{
  "context passwords_modifyable"
  then="$percentINCLUDE{\"%TOPIC%\" section=\"secretEmailEnabled\"}$percent"
  else="$percentINCLUDE{\"%TOPIC%\" section=\"secretEmailNotEnabled\"}$percent"
}%

which controls how text is rendered on that page to indicate whether or not emails are hidden. This means even if someone has turned off {AntiSpam}{HideUserDetails}, the page will still render the message "these details are kept secret" - which they patently will not be (a setting which would be used for private wikis).

This situation is confusing when setting up Foswiki, or if the page is not modified.

It would seem that the default page should be changed so the text is determined by checking the value of {AntiSpam}{HideUserDetails}, and, whether or not you can use that form at all (if back-end emails aren't modifyable should be determined either by passwords_modifyable, or by another variable which checks whether (potentially) secret email addresses are modifyable.

-- IridiumScaffold - 23 May 2011

It is correct that the context passwords_modifyable is used as a condition.

This context is set by the password manager. This is also correct (unlike what CDot said on IRC).

It requires a password manager that implements the feature of changing email address for this page to work and for the moment only the built-in htpasswd manager does this.

In all other cases you change the email address simply by changing the field in the user form.

This is exactly what the form tells you to do when you select {PasswordManager} = none in configure or you use another password manager that does not implement changing password and email address.

In principle we could in future see a manager that can set passwords but cannot set emails. Then we would need to different contexts. But for the moment such thing does not exist. LDAP auth is normally handled at a corporate level where you set your password in a central place that has nothing to do with Foswiki. And email address you cannot change. You can just set it in your user topic.

There is a small docu update related to {AntiSpam}{HideUserDetails}.

Sven/Michael/Crawford suggested an additional context to future proof the password manager concept.

-- KennethLavrsen - 24 May 2011

Not seen any action on this from KennethLavrsen so kicking back to NeedsDeveloper

-- CrawfordCurrie - 19 Feb 2015

 

ItemTemplate edit

Summary context passwords_modifyable is used to determine whether to display the secretEmailEnabled message on the change email address form.
ReportedBy IridiumScaffold
Codebase 1.1.3
SVN Range
AppliesTo Engine
Component ChangeEmailAddress
Priority Low
CurrentState Needs Developer
WaitingFor
Checkins
TargetRelease patch
ReleasedIn n/a
CheckinsOnBranches
trunkCheckins
masterCheckins
ItemBranchCheckins
Release01x01Checkins
Topic revision: r3 - 19 Feb 2015, CrawfordCurrie
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy