As part of https://jira.atlassian.com/browse/CWD-306, it allowed users to manage their accounts and view their details in a 'self service' console. With this users can update their profiles.
There is an ask from Customers to Allow ability to disable user profile updates in Crowd and only allow them to update/reset the password.
Expectation is that the users can only update the password. All other changes should be done by an Administrator.
As a workaround, we can modify the editprofile.jsp file, in order to block the update action from normal users, as follows:
- Stop Crowd
- Edit the <crowd-install>/crowd/atlassian-crowd-4.1.6-nested/crowd-webapp/console/user/editprofile.jsp file
- In the file, search for the following section:
- Edit it, adding a new scoped variable, as follows:
- Then, in the bottom of the file, search for the following section:
- Edit this part, surrounding the line between an if statement, as follows:
- Start Crowd again.
With the above, the Save button will still be there, but it won't trigger any update action.
If you also wish to remove the button, proceed as follows:
- Find the following line:
- Adjust the value argument, as follows:
- Restart Crowd.