Update of Personal Detail page for the SaaS API Management developer portal
From October 2nd, 2023, a security change to the Developer Portal requires your action. Take the necessary steps described in this article before this date.
When the new security feature is implemented, and a user wants to update their personal details in the Developer Portal of a 3scale Hosted (SaaS) account, they must also confirm their current password in a new mandatory field in the form. When you update your template (before October 2nd, 2023), the new field "Current Password" will appear on the Personal Details page but will not be mandatory, and any data entered will be disregarded. On October 2nd, the underlying functionality will be upgraded, the page will begin working with the new feature, "Current Password" will be required and will function as explained above.
We apologize for any inconvenience this may cause. If you have any questions, contact support at the Red Hat Customer Portal.
What's changing
We've added a new security feature to the built-in page User > Show Audience > Developer Portal > Content. Now, when a user wants to update their personal details, they must also confirm their current password in the new mandatory field in the form.
Action required
To avoid any issues, update your template to include the new CURRENT PASSWORD field. If your users work with a different login system, they won't see this field in the form. We recommend updating the template as a preventive measure.
You can use the following base template. For more details on the changes, check this pull request on GitHub
If there is no customization for the Developer Portal, the code at User > Show needs to be replaced with the code provided below. If there is a customization, the following code will be the starting point for the template.
<div class="row">
<div class="col-md-9">
{% include 'users_menu' %}
<div class="panel panel-default">
<div class="panel-heading important">
<a href="{{ urls.users }}">
<i class="fa fa-chevron-left"></i>
All users
</a>
</div>
<div class="panel-body panel-footer">
{% form 'user.personal_details', user, class: "form-horizontal" %}
<fieldset>
<legend>
<span>User information</span>
</legend>
{% for field in user.fields %}
{% include 'field' with field %}
{% endfor %}
</fieldset>
{% if user.using_password? %}
<fieldset>
<legend>
<span>Provide your current password</span>
</legend>
<div class="form-group {{ user.errors.current_password | error_class: 'has-error' }}">
<label for="user_current_password" class="col-md-4 control-label">
Current Password
</label>
<div class="col-md-6">
<input
id="user_current_password"
name="user[current_password]"
type="password"
class="form-control">
{{ user.errors.current_password | inline_errors: 'help-block' }}
</div>
</div>
</fieldset>
<fieldset>
<legend>
<span>Change password</span>
</legend>
<div class="form-group {{ user.errors.password | error_class: 'has-error' }}">
<label for="user_password_confirmation" class="col-md-4 control-label">
Password
</label>
<div class="col-md-6">
<input
id="user_password"
name="user[password]"
type="password"
class="form-control">
{{ user.errors.password | inline_errors: 'help-block' }}
</div>
</div>
<div class="form-group {{ user.errors.password_confirmation | error_class: 'has-error' }}">
<label for="user_password_confirmation" class="col-md-4 control-label">
Password confirmation
</label>
<div class="col-md-6">
<input
id="user_password_confirmation"
name="user[password_confirmation]"
type="password"
class="form-control">
{{ user.errors.password_confirmation | inline_errors: 'help-block' }}
</div>
</div>
</fieldset>
{% endif %}
<fieldset>
<div class="form-group">
<div class="col-md-10">
<input
class="btn btn-primary pull-right"
name="commit"
type="submit"
value="Update Personal Details">
</div>
</div>
</fieldset>
{% endform %}
</div>
</div>
</div>
</div>
Comments