feat(users): admin password reset + account disable/enable #600
Closed
remyluslosius wants to merge 1 commit into
Conversation
Admin user-management on the existing /api/v1/users surface, gated on admin:user_manage:
- POST /users/{id}:reset-password - set any user's (or one's own) password on admin authority, no current password required; runs the role-aware policy + breach screen and revokes the target's sessions.
- POST /users/{id}:disable / :enable - disable sets users.disabled_at (migration 0038) and revokes the target's sessions; a disabled user cannot authenticate (login rejected, generic invalid-credentials, audit reason account_disabled). An admin cannot disable their own account (409).
- Audit: admin.user.{password_reset,disabled,enabled}.
- Frontend: Manage-user modal gains Reset password + Disable/Enable (gated on admin:user_manage || isAdmin); a Disabled chip on the roster.
- Spec api-users v1.2.0 (C-06..C-08, AC-14..AC-19), frontend-settings v1.10.0.
Note: cookie sessions are cut off immediately via revocation + the login block; full Bearer-JWT / API-token disable enforcement is a documented hardening follow-up.
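The disable/enable semantics the description lists (disabled_at stamp, session revocation on disable, self-disable refused, login rejected with one generic invalid-credentials error while the audit reason records account_disabled), as an added in-memory Go sketch that is not the PR's code: the Store layout, the HashPassword stand-in (sha256 in place of the real password hash), the error names and the audit-string format are assumptions, and the maps must be initialised by the caller.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"time"
)

var ErrSelfDisable = errors.New("cannot disable own account") // the PR's 409
var ErrInvalidCredentials = errors.New("invalid credentials") // the only login error a client sees
var ErrNotFound = errors.New("user not found")
// Store is a constructed in-memory stand-in for the users table, session store and audit log.
type Store struct {
	Hashes     map[string][]byte    // user ID -> HashPassword output (sha256 stand-in for the real hash)
	DisabledAt map[string]time.Time // mirrors users.disabled_at; absent = active
	Sessions   map[string][]string  // user ID -> live session IDs
	Audit      []string             // admin.user.* events
}

func HashPassword(pw string) []byte { h := sha256.Sum256([]byte(pw)); return h[:] }

// Disable refuses the actor's own account, stamps disabled_at and revokes every live
// session, so cookie sessions are cut off immediately rather than at next expiry.
func (s *Store) Disable(actorID, targetID string) error {
	if actorID == targetID {
		return ErrSelfDisable
	}
	if _, ok := s.Hashes[targetID]; !ok {
		return ErrNotFound
	}
	s.DisabledAt[targetID] = time.Now()
	delete(s.Sessions, targetID)
	s.Audit = append(s.Audit, "admin.user.disabled:"+targetID)
	return nil
}

// Enable clears the stamp; sessions revoked at disable time do not come back.
func (s *Store) Enable(id string) { delete(s.DisabledAt, id); s.Audit = append(s.Audit, "admin.user.enabled:"+id) }
// Login returns one generic error for a wrong password and for a disabled account;
// only the server-side audit reason tells them apart.
func (s *Store) Login(id, pw string) (auditReason string, err error) {
	if want, ok := s.Hashes[id]; !ok || subtle.ConstantTimeCompare(want, HashPassword(pw)) != 1 {
		return "bad_credentials", ErrInvalidCredentials
	}
	if _, off := s.DisabledAt[id]; off {
		return "account_disabled", ErrInvalidCredentials
	}
	return "", nil
}
```

The Bearer-JWT gap the note above mentions is visible here too: Login consults DisabledAt, but nothing in this sketch re-checks it for a token that was issued before the disable.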
remyluslosius added a commit that referenced this pull request, Jun 19, 2026:
TestAPI_AdminDisableEnable carried // @ac AC-16/17/18 (structural coverage passed) but ran one t.Run("api-users/AC-16") covering all three — so the outcome gate, which credits per-AC t.Run tokens, only saw AC-16 and left api-users at 89% under the 100% gate. Hoist the shared setup and split into ordered AC-16/AC-17/AC-18 subtests (no behavior change; subtests run in order so enable still observes disable). Same slip-through cause as the AC-07 fix: #600 targeted feat/remediation-governance, so go-ci never ran on it.
remyluslosius added a commit that referenced this pull request, Jun 19, 2026:
…k + admin user-mgmt (#601)
Lands the full remediation stack (formerly #599 + #600 + #601) in one squash merge.
- Governance (was #599): request/approve/reject workflow + projected-lift estimate; remediation_requests + remediation_transactions (migration 0037).
- Admin user management (was #600): admin password reset + account disable/enable; users.disabled_at (migration 0038), login rejects disabled accounts, sessions revoked on disable.
- Execution engine (was #601): per-rule Fix + rollback over Kensa v0.5.1 (pkg/kensa.Default Remediate/Rollback), queued RemediationWorker, host-detail Fix button. Single-rule manual execute/rollback is FREE CORE; bulk/auto remediation is the licensed track (license.EnforceFeature(remediation_execution)).
Validated against main's 100% Specter gate (structural + outcome). Two stale-test gaps that #600/#601 never gate-tested (they targeted intermediate stack branches; go-ci only runs on PRs to main) were fixed: system-rbac/AC-07 (remediation:execute is ungated) and api-users/AC-16-18 (per-AC subtest tokens).
remyluslosius (Author, Contributor):
Superseded by #601, which landed the full remediation stack (governance + admin + execution) in a single squash merge to
Admin user-management: password reset + account disable/enable
Builds the capability for an admin to (1) reset their own or another user's password, and (2) disable/enable an account — into the product, used via Settings → Users.
- Migration 0038: users.disabled_at.
- Endpoints (gated on admin:user_manage): POST /users/{id}:reset-password (admin authority, no current password; role-aware policy + breach screen; revokes target sessions), :disable / :enable.
- Audit: admin.user.{password_reset,disabled,enabled}.
- Spec: api-users v1.2.0 (AC-14..AC-19), frontend-settings v1.10.0. Endpoint tests cover RBAC, self-disable, disabled-login-blocked, session revocation.
Stacked PRs: this is 2 of 3 (base: feat/remediation-governance). Independent feature; shares generated-file lineage so it's stacked. Retarget to main once PR 1 merges.