Vote #76964
完了Security Notifications when security related things are changed
0%
説明
As a user I want to receive an email whenever something security related (e.g. my password, my account email address) is changed.
As an admin, I would like to receive also emails about global changes (e.g. "login required" disactivated) or the addition/removal of other admins.
The attached patch series against current trunk implements this. Would be great if that could be included in one of the next releases. Thanks!
journals
--------------------------------------------------------------------------------
Nice addition but maybe a bit late for 3.2.0. I'm assigning it to 3.3.0
--------------------------------------------------------------------------------
Jean-Philippe Lang wrote:
> Nice addition but maybe a bit late for 3.2.0. I'm assigning it to 3.3.0
Thanks for your feedback. 3.3.0 would be great!
After review, I'm also updating the patch series:
* replace bogus gmail address with more appropriate example.foo address
* rebase on current master (fixed a test)
* use correct time zone for mails
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fix Patch 4 so that the user whose email address is changed gets the mail (not the current user). They might differ in case an admin changes email addresses for a different user.
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fix patches 6 and 7 so that security notifications only get sent to active admins only.
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fix patch 3 to also send a security notification when the user's password is changed after a lost password.
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fix patch 7 to only send security notifications when admins are active.
--------------------------------------------------------------------------------
Adding patch 8 which allows overriding of originator and remote_ip causing a security notification and use these overrides in lost password procedure (where no real session is initiated).
--------------------------------------------------------------------------------
Feature added with a few changes, eg. we're sending one email about changed settings to all admins instead of one email to each amdin for each setting.
Thanks.
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
This is a nice feature. *How do I turn these notifications off?* Or limit the recipient list?
--------------------------------------------------------------------------------
Joel Bearden wrote:
> This is a nice feature. *How do I turn these notifications off?* Or limit the recipient list?
Please create new feature issue.
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
related_issues
relates,Closed,23369,encoding error in locales de.yml
relates,New,32193,Add turn on/off button to control sending security notifications