Create Screens to allow a system user to a create self-service user ID and password for a client

[edcable]

As a system administrator, from the user interface of the web app, I should be able to create and assign a self-service user ID and password to a client.

This should be possible from both the admin section and directly from the client screen.

See https://goo.gl/M00xMJ for details on user requirements.

[edcable]

Wireframes for this have been drafted by Denila at https://drive.google.com/drive/folders/0ByeK44WJrHIvSjZuQW1pTGZpYzQ?usp=sharing

[edcable]

Here is some accompanying explanations for Denila on those wireframes. We're still finalizing how system IDs would get auto-generated when created by back-office user:

Attached are wires for the two workflows to create a self-service user from the Mifos admin web app.

Although the requirements stated that the admin can specify user id, I spoke to a few of my friends who work in fintech with banks, and they mentioned that as a best practice it's more secure to have a system generated user ID that has a random component within it ( so that it is not susceptible to brute force hacking).

Also, the password would be system generated and emailed to the email ID on file for the client.

So essentially the admin would click on a button that says 'Activate Self-Service User' and that would - a) Autogenerate a user ID b) Send an email to the user with the user ID and a link to create password

I have added some notes in red for some of the wires and attached the wires with and without notes. Let me know if additional clarifications are required.

CLIENT PAGE workflow:

1. Once the admin has navigated to the client page, and selected 'Add Self-Service Account' under the 'More' dropdown, the screen as shown in wire would show a form which has some of the client details such as Name, Email ID, whether the self-service account is active or not, and a button that says 'Activate Self-service account'.

2. The activate button would be greyed out, if the self-service account is already active

3. Next to the activate button is a help icon which on hover would show an information pop-up box indicating what would happen on clicking the button

4. Once the button has been clicked, a success confirmation dialog popup would appear that indicates the user id created, and that an email has been sent to the client email id on file. Also, the activate button would become greyed out.

MANAGE SELF-SERVICE USER workflow:

1. On navigating to Admin > Organization > Manage Self-Service User, a list of all self-service users would be shown in a table as shown in the wire.

2. There are filters on top of the table which can used to narrow down the search by Client name, Office, Staff, User ID, or Activation Date ( not sure if this would be an AND or OR if multiple search criteria are entered - leaving this as a technical question/decision)

3. I have also added a functionality by which multiple rows can be selected from the table, in case some one wants to bulk deactivate accounts which would turn the Active switch off in one go for the selected rows. Individually, the accounts can be deactivated using the switch under the Active column of the table.

4. On clicking the '+Self Service User' button on top, admin will be taken to a form where they select Office, Staff from dropdown lists. As stated in requirements document, only the client names that apply to the selected Office and Staff entries would be displayed in the Client dropdown. Also, an additional constraint that I believe should be added is that only the clients that do not yet have a self-service account should be displayed in the dropdown.

5. On clicking the Activate Self-Service User button, the same functionality as in the previously described workflow would apply - system generated user id and link to password will be emailed to the selected client, and a success confirmation dialog popup would appear that shows the user id created, and that an email has been sent to the client email id on file. Also, the activate button would become greyed out.

[botraunak]

@edcable I'd like to take up this issue. I would require some help implementing this. I'll update if I run into some issues!

[mbj36]

Go for it @botraunak It's one of the critical issue that really needs to be work upon

[botraunak]

@mbj36 @edcable I have created the form for creating the user, I had a few doubts:

• There is currently no email field in the client so I am using mobile number in the form for now. Is it okay, or maybe I'm missing where to fetch client email from?
• I read the docs on how the user is created with a random id password and details are notified then but I wasn't able to find a matching API endpoint in the self service or client creation API docs, maybe I'm looking in the wrong place?

[edcable]

@nazeer1100126 Can you please help Raunak with some his queries. We have all the API endpoints in place for creation of self-service users by back-office staff via the web app correct?

We still need an API to allow users to self-register and create their own credentials though, correct?

[nazeer1100126]

@botraunak @edcable

1. Currently email field is not available for the client. However with PR https://github.com/apache/incubator-fineract/pull/316/ this will be added.
2. Ed is correct. Current implementation is only by back office staff. You need to add API(s) to manage,create self service users. I believe self-register and creating their own credentials needs different design and implementation. So for now we should allow staff to create and manage the self service users.

[botraunak]

@nazeer1100126 Could you guide me where are the apis that enable staff to create and manage the self service users?

[nazeer1100126]

@botraunak Current API(s) are used in the context of creating a user. But in your case, you need to add these API(s) to platform. For reference check SELF SERVICE section in https://demo.openmf.org/api-docs/apiLive.htm and https://demo.openmf.org/api-docs/apiLive.htm#users_create

[botraunak]

UPDATED: resolved. @nazeer1100126 When I try to create a user the api is throwing me an error { "developerMessage": "The request was invalid. This typically will happen due to validation errors which are provided.", "httpStatusCode": "400", "defaultUserMessage": "Validation errors exist.", "userMessageGlobalisationCode": "validation.msg.validation.errors.exist", "errors": [ { "developerMessage": "The parameter email is invalid.", "defaultUserMessage": "The parameter email is invalid.", "userMessageGlobalisationCode": "error.msg.user.email.invalid", "parameterName": "email", "value": null, "args": [ { "value": "[email protected]" } ] } ] }

This is my post body { "isSelfServiceUser": true, "sendPasswordToEmail": true, "roles": [ "1" ], "firstname": "Andrew", "lastname": "Tester", "email": "[email protected]", "officeId": 1, "username": "botraunak" }

Can you tell me what am I doing wrong? It's giving me this on any email

[botraunak]

@edcable @mbj36 I'm done with the self service user creation. from the flow of view client > more > create self service user

[edcable]

@nazeer1100126 @mbj36 @santoshmath Is this ready to be closed and merged and shipped with the upcoming point release.

[edcable]

Is this blocked by merge of https://github.com/apache/fineract/pull/316?

[santoshconflux]

Related PR yet to b reviewed and merged. https://github.com/openMF/community-app/pull/2139

[santoshconflux]

Related backend(Fineract) Ticket: https://issues.apache.org/jira/browse/FINERACT-787 and it's PR: https://github.com/apache/fineract/pull/649

[Nayan]

@edcable @santoshconflux I have merged the PR, it has dependency from Fineract, please test the same once it is ready, if any issues, I will help you to get it fixed.

[santoshconflux]

@Nayan , Thanks. It was pending for long time. @edcable, now if someone can review and merge https://github.com/apache/fineract/pull/642 and https://github.com/apache/fineract/pull/649 , I can update staging with latest code from Fineract and Community App. However, this feature testing requires at least one to two days.

[awasum]

backend issue now merged on Fineract... this can be tested.

[edcable]

@santoshconflux can you test this? I was trying to test on https://dev.mifos.io but I get an error message saying a role needs to be specified but there is no way to input or select a role.

[jamesidw]

@edcable The backend changes were to add a section in the response with just the self service role. The other purpose (besides for the admin) was to enable self sign up by the client (where they should not be presented with a list of options - they have to take the self service role)

What's happening here is that you have not enabled the Self Service Role and so that section in the response is empty. The front end should probably indicate that to the administrator (that they haven't enabled/configured the self service role) and not try to submit without any roles specified.

[Argez]

Has someone got this error when registering a client? { "developerMessage":"The request was invalid. This typically will happen due to validation errors which are provided.", "httpStatusCode":"400", "defaultUserMessage":"Validation errors exist.", "userMessageGlobalisationCode":"validation.msg.validation.errors.exist", "errors":[ { "developerMessage":"The parameter email is invalid.", "defaultUserMessage":"The parameter email is invalid.", "userMessageGlobalisationCode":"error.msg.user.email.invalid", "parameterName":"email","value":null,"args":[{"value":"[email protected]"}]}]}