Details
-
Type:
Suggestion
-
Status: Gathering Interest (View Workflow)
-
Resolution: Unresolved
-
Fix Version/s: None
-
Component/s: REST
-
Environment:- Using the standalone version
- CentOS 6.0 final
- java version "1.6.0_14"
Java(TM) SE Runtime Environment (build 1.6.0_14-b08)
Java HotSpot(TM) 64-Bit Server VM (build 14.0-b16, mixed mode)
-
Feedback Policy:
Description
When using the Crowd Rest API to update a user one can send an xml message like this to activate a user:
<user name=USERNAME> <active>true</active> </user>
This update will succeed leaving the user in an invalid state:
- The email address is empty
- The first name is empty
- The last name now contains the username
I suggest the following fixes:
- Make sure you can never leave a user in an invalid state. In this case I would expect another status_code
- Not providing a field should not result in emptying it when updating.