Closed Bug 1074947 Opened 10 years ago Closed 10 years ago

[buddyup] API to edit user profiles

Categories

(support.mozilla.org :: Users and Groups, task, P2)

Product:
support.mozilla.org
Component:
Users and Groups
Type:
task

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
2014Q4

People

(Reporter: mythmon, Assigned: mythmon)

References

Details

(Whiteboard: u=user c=api p=1 s=2014.19) 

Clients should be able to edit user profiles via the API. A user should be able to edit their own profile. Some users should be able to edit other users' profiles.

Outstanding questions

* Who can edit other users' profiles? Admins? Mods? Superusers only?
* Do we need to add any new fields to the user profiles to support Buddyup user profiles? (These should probably be more bugs).
OS: Linux → All
Priority: -- → P2
Hardware: x86_64 → All
Target Milestone: --- → 2014Q4
This should be easy. 1pt.
Assignee: nobody → mcooper
Whiteboard: u=user c=api p= s=2014.18 → u=user c=api p=1 s=2014.18
Blocks: 1074989
(In reply to Mike Cooper [:mythmon] from comment #0)
> Clients should be able to edit user profiles via the API. A user should be
> able to edit their own profile. Some users should be able to edit other
> users' profiles.
> 
> Outstanding questions
> 
> * Who can edit other users' profiles? Admins? Mods? Superusers only?

I'd say moderators and higher, as per bug 1048119. Looping in Madalina to be sure, but that should not be blocking.

> * Do we need to add any new fields to the user profiles to support Buddyup
> user profiles? (These should probably be more bugs).

Yeah, we need at least two more fields: preferred operator, preferred handset as per bug 1074989
Flags: needinfo?(mana)
(In reply to Mike Cooper [:mythmon] from comment #0)
> * Who can edit other users' profiles? Admins? Mods? Superusers only?

It should be whatever we implement in bug 1048119. I am pretty sure it will be all users with users.edit_profile permission or similar. Then this will be assigned to the pertinent groups.
Flags: needinfo?(mana)
Assignee: mcooper → iamderekries
Assignee: iamderekries → nobody
Assignee: nobody → mcooper
Status: NEW → ASSIGNED
This needs to move to the next sprint. Didn't make it here.
Whiteboard: u=user c=api p=1 s=2014.18 → u=user c=api p=1 s=2014.19
If it makes it faster to implement, we can start by only allowing the current user to update their profile. This is the only part needed for Buddyup. And open a followup bug for the users with higher privileges.
Blocks: 1061537
Per an email thread, reminder that we need to get the user's avatar as part of this API. (setting it is out of scope for now)
PR: https://github.com/mozilla/kitsune/pull/2195

Landed: https://github.com/mozilla/kitsune/commit/72490539c7b1c552d21672e155d8fcae26ab6792

Ricky pushed this to stage earlier.
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Apparently this API requires us to send the username and password. Given that we already send the token, this sounds redundant. Is there a reason for this?
Flags: needinfo?(mcooper)
Depends on: 1112575
The username and password here aren't be asked for authorization, but as required fields to update the user. That's not needed, it's a mistake in the API. I'll fix that up today.
Flags: needinfo?(mcooper)
No longer blocks: 1118688
Hey Mike,

On the profile we are missing two fields:

1) handset_type, which will be an array
2) operator

Can you add these or, should I store these in settings?
Flags: needinfo?(mcooper)
Mike on second thought, it actually makes total sense to store those values in settings.
Flags: needinfo?(mcooper)
I agree, these should be a part of settings.
You need to log in before you can comment on or make changes to this bug.