Allow admins to change email addresses easily

Current setup:

Site is locked down for members to be invited or request access.
We don’t want people changing their own email address, so the related email change site-setting is disabled. Of course, sometimes an admin must.

###Expectation:
go to the user’s admin page, see the email, and edit it, potentially have that pending confirmation of the new email. :sunny:

###Actual

  • visit the admin page

  • click a button to see what it is.

  • there’s no way to edit it

  • Click Show Public Profile,

  • realize you have to click Preferences too.

  • No way to edit the email address… grrr

  • Go back to admin

  • disable the site setting

  • go back to publich profile/preferences

  • edit

  • go back to admin

  • disable the site setting.

As an admin, can we please just edit a user’s address at all times, from the Admin page?

extra brownie points from this customer if @techAPJ could allow the name to be edited while he’s there.

Please?

13 Likes

Yeah, we are fine with allowing email/name/username editing on admin page. We must account for the sso override stuff though that disables editing here.

Of course, there are a couple of things that should be added related to this.

  • We should log all the name/email/username changes and have that visible somewhere

  • If an admin changes a users email, its probably sane to allow them to send an email right away to that user explaining that the email changed, doing this (optionally) automatically would be good.

1 Like

I guess API considerations, such as this post by @SnipersCode, would come in to play as well.

2 Likes

As an admin, I can change an email now it just takes too many steps.

Addressing either (or both) of these two needs would help a lot"

  • Allowing an admin to change a user’s email from its Admin view (not only the public profile)

  • Allowing the change even if the site setting is disabled.

As for SSO, presumably the source of authentication already knows about the new email… the goal of the change in discourse would be to prevent an undesired second account from being created on the user’s next visit.

3 Likes

Currently this happens… we need to click an email confirmation link.

Maybe that would have to change when SSO is enabled, however I don’t think bringing the control from the user-side preferences to the admin side preferences changes the current SSO workflow.

Hello,

sorry for warming up this old thread but the behavior of discourse is really causing problems right now.

If a user activates their Accounts on our platform (Discourse is only one of many platforms) we automatically create a Discord user via the API. We need to do this in order to assign the correct groups. If the user changes his email before first logging into Discourse via Discourse SSO, he will create a new Account (<username>1) and we have to manually merge the 2 accounts together.

Allowing the API to change the email would help to reduce a lot of manual work. And I guess Admins should also be allowed since they normally know what they are doing.

I would like to disallow users to change their Email Addresses but not the Admins and the API.

Configure your sso so that it assigns the groups on login.

That is unfortunately not possible with our setup.

(at least not at the moment)

One other easy solution for us would be if either Discourse SSO or SAML could be setup to just log in the account with the same name WITHOUT doing email-based checks. But unfortunately Discourse always wants to be smarter than anyone using it :frowning: