Add: requirements for disabling accounts, killing sessions

author: Lars Wirzenius <liw@liw.fi> 2019-03-28 14:21:41 +0200
committer: Lars Wirzenius <liw@liw.fi> 2019-03-28 14:21:41 +0200
commit: 1c6b65ca79a12803a5acdd98736f0559f538d54a (patch)
tree: 0975ab0cdb6fbab3e1b7c6b5dcb22fe4e8011a59
parent: 2fb6f6374604e17d4eb996e260b5ed8e7f7a3fb4 (diff)
download: ick.liw.fi-1c6b65ca79a12803a5acdd98736f0559f538d54a.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/yuck.mdwn b/yuck.mdwn
index 7f46226..7908b01 100644
--- a/yuck.mdwn
+++ b/yuck.mdwn
@@ -175,6 +175,11 @@ reference in discussions.
 * (ACLTRY) There must be a way to test ACL rules: if *this* user in
   *these groups* does *this* operation for *this* resource, is it
   allowed? This may require additional support from the RP.
+* (DISABLEACCT) It must be possible to disable an account (whether for
+  an end-user or an API client) so that it still exists, but
+  authentication cannot ever succeed.
+* (KILLSESSION) It must be possible to kill existing web sessions to
+  kick out someone who is logged in to Yuck.
 
 
 # Architecture: the ecosystem
author	Lars Wirzenius <liw@liw.fi>	2019-03-28 14:21:41 +0200
committer	Lars Wirzenius <liw@liw.fi>	2019-03-28 14:21:41 +0200
commit	1c6b65ca79a12803a5acdd98736f0559f538d54a (patch)
tree	0975ab0cdb6fbab3e1b7c6b5dcb22fe4e8011a59
parent	2fb6f6374604e17d4eb996e260b5ed8e7f7a3fb4 (diff)
download	ick.liw.fi-1c6b65ca79a12803a5acdd98736f0559f538d54a.tar.gz