Cryosparcm updateuser requires knowing a user's password

closed

#1

Today I tried to give a user admin status in cryoSPARC but encountered an issue. It seems that if you want to update a user you have to input the user’s password and in fact in the update_user function defined in the file cryosparc2_master/cryosparc2_command/command_core/init.py it checks to ensure the password entered matches the password in the database. Why is this?

As the administrator of the cryoSPARC instance I do not want to know what a user’s password is (Despite having to set it upon user creation) and in this case I do not think it should be required to change the admin status of a user. Would you please rework this?


#2

Hi @clil16,

User management functions like this one haven’t been fully developed in the UI at the moment, and they were not intended to be run using the command line because of the obvious security holes. Sorry about that! We will definitely have future updates where you’ll be able to manage users more efficiently and securely! Stay tuned.


#3

Running this/these user management commands via the command line is the only option. Whenever people ask about these user management issues the response is always that it is being worked on and will be available in an upcoming release. This was the response with version 2.0 and the software is now at version 2.11.
Would it be possible to move these issues higher on the priority list?


#4

Hi @clil16,

This is definitely an important feature for us to add into cryoSPARC and it is in development.

Thanks for your patience.

- Suhail