Anon7614a
Considering
Problems of managing users and admins
I found there're might be two systems/mechanisms of user management. One is signing up from xxxx.com/login page and this will by default create a new project with that user and make him as owner. Another is with OAuth/SSO or manually added by the owner, which belongs to current project.
My requirement is, there should be only one project, it has one owner and multiple admins, other normal users should create there account with OAuth. I tested and found following problems:
- Cannot directly add existing account as project admin (in the teammate page), I have to send invitation email to the corresponding email address of that user, and he has to do sign up again from the invitation url, he cannot use the existing OAuth created account to login to dashboard as this account has no way to set password (maybe the real reason is there're two different accounts, described below). But because I want only one project, it is better to not allow signing up after initializing the first project.
- Actually when signing up the email being input do not really need to be the same as the address which received the invitation, so it seems the user owns two accounts now, one for dashbord admin of the project, another for frontend usage of the same project. Even though the user input same email as his frontend OAuth account, these are still two different accounts, and the admin user has to remember yet another password. The good news is if he use same email, then jumping from dashboard to frontend will automatically use the corresponding frontend account.
- After adding new user in the dashboard (ADD button in xxxx.com/dashbord/users), it cannot login from the xxxx.com/login entry and it always says email or password incorrect. It seems this is just a frontend account so cannot login from backend. However there's no way to directly login a frontend account using email and password, so I don't know what's the meaning of manually adding users in the dashboard, is it just used for on-behalf things? Another bug is after deleting this manually created user from dashboard and trying to sign up using the same email, it says the email already exists, so it looks like it's not really deleted, but still exists in database.