Indicate locked users in Admin Area
What does this MR do and why?
Related to #335032 (closed)
A user is locked after 10 failed login attempts. The lock expires after 10 minutes. An Admin can unlock a user from the Rails console or the Admin Area.
Previously there was no indication in the UI that a user is locked. This MR adds (Locked)
after the user's name in the Admin Area.
This MR also documents the following:
- That a lock on a user expires after 10 minutes.
- How to unlock a user from the Admin Area.
There is a follow-up to add a Locked
badge to the list view.
Screenshots or screen recordings
Before | After |
---|---|
![]() |
![]() |
How to set up and validate locally
- Sign in as an Admin.
- Navigate to
/admin/users
. - Click on a user and make note of their username.
- In the Rails console (
bin/rails console
) runUser.find_by_username(<Username from step 3>).update_column(:locked_at, DateTime.current)
. - Refresh the page opened in step 3
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Peter Hegman