Feature #3906
Updated by Yalavarthi Thriveni 3 months ago
Role: Admin
As an Admin,
I want to create a new system user with roles, configurable notification settings, and a secure password policy,
So that new users can log in securely, update their credentials, and receive relevant notifications.
Acceptance Criteria
1.User Creation Form
Admin can enter: First Name, Last Name, Email, Mobile, Username/Login ID.
Admin can create any role users.
Manager can't create an admin but create other users.
Roles can be assigned (multi-select).
Notification preferences: Email / SMS (toggle on/off).
2.Password Management
System auto-generates a random password when creating the user.
Random password must be time-bound (e.g., valid for 48 hours).
User receives login credentials via email/SMS (if enabled).
On first login, user is forced to change the password.
3.Password Expiration
If the temporary password expires before use, the system prompts Admin to reset/regenerate a new temporary password.
Expired users cannot log in with the old password.
4.User Activation
User account is created with status = Active.
If password not updated within the expiration period, status = Inactive until reset.
5.Security Rules
Passwords must meet security criteria (e.g., min 8 chars, uppercase, lowercase, number, special character).
Password history should prevent reuse of last N passwords.
6.System Audit
Logs who created the user, when, and which roles were assigned.
Tracks when the user updated their password.
7.Log the request & responses in separate file & action history need to be saved & show it in the UI
8.Roles of this application as super admin, owner/admin, sales manager, delivery manager, field engineer, field staff
9.User can able to upload their picture also
10.If user doesn’t update within validity period, password expires , admin must regenerate.