Details
-
Suggestion
-
Resolution: Fixed
-
None
Description
Problem Definition
For licensing purposes, Stash administrators sometimes want to delete/deactivate users that have not used their account ever (or for a very long time in fact). For this, they would need to see these login dates,
Workaround
Until Stash 3.7 was released, that is currently only possible by querying directly the database as described on the KB below (with the exception of "Delegated LDAP users"):
Implementation
Stash 3.7 will include a last authentication time in the UI regardless of which directory type they belong to. It is important to notice that the timestamp is also included in the REST payload for /rest/api/latest/admin/users. Hence, there is no more need to query the database.
For example:
$ curl -H "Content-Type:application/json" --user admin:admin -H "Accept:application/json" -X GET http://localhost:7990/bitbucket/rest/api/1.0/admin/users { "size":3, "limit":25, "isLastPage":true, "values":[ { "name":"admin", "emailAddress":"admin@example.com", "id":1, "displayName":"Administrator", "active":true, "slug":"admin", "type":"NORMAL", "directoryName":"Bitbucket Internal Directory", "deletable":true, "lastAuthenticationTimestamp":1450221817844, "mutableDetails":true, "mutableGroups":true, "links":{ "self":[ { "href":"http://localhost:7990/bitbucket/users/admin" } ] } }, { "name":"user", "emailAddress":"user@example.com", "id":2, "displayName":"User", "active":true, "slug":"user", "type":"NORMAL", "directoryName":"Bitbucket Internal Directory", "deletable":true, "mutableDetails":true, "mutableGroups":true, "links":{ "self":[ { "href":"http://localhost:7990/bitbucket/users/user" } ] } }, { "name":"user2", "emailAddress":"user@2.com", "id":51, "displayName":"User 2", "active":true, "slug":"user2", "type":"NORMAL", "directoryName":"Bitbucket Internal Directory", "deletable":true, "lastAuthenticationTimestamp":1449467319385, "mutableDetails":true, "mutableGroups":true, "links":{ "self":[ { "href":"http://localhost:7990/bitbucket/users/user2" } ] } } ], "start":0 }
Important info:
This information can't be gleaned retroactively, so it will be maintained from the upgrade on. Until a user first logs in after the upgrade their last timestamp will show as "Unknown" in the UI.
Each time a user authenticates via HTTP or SSH (including accessing a Git repository over HTTP or SSH, push or pull), or via the login page, their timestamp will be updated. If a user selects "Remember me" on the login screen, each time their session times out (generally ~30 minutes of inactivity unless reconfigured), when they get a new session using their remember me token their timestamp will also be updated.
Attachments
Issue Links
- duplicates
-
- Closed
- is incorporated by
-
- Gathering Interest
- mentioned in
-
Page Loading...
-
-
-
-
-