Details
-
Type:
New Feature
-
Status: Closed
-
Priority:
Should
-
Resolution: Won't Fix
-
Affects Version/s: None
-
Fix Version/s: None
-
Component/s: None
-
Complexity:Medium
Description
On the 25-Feb-2010 dev call, inspired by ticket TRUNK-451 we decided that saying a User needs to change their password (possibly including account expiration) needs to be part of the core API. If your password is disabled/expired, you should not be able to do anything in the system, even in a non-web context.
(This is related to past discussions on adding a user status that's richer than just having User.retired.)