View Issue Details

IDProjectCategoryView StatusLast Update
0010687mantisbtadministrationpublic2009-10-07 14:19
Reportervboctor Assigned Todhx  
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionfixed 
Product Version1.2.0rc1 
Target Version1.2.0rc2Fixed in Version1.2.0rc2 
Summary0010687: Administrators shouldn't be allowed to delete their own account
Description

If a user deletes their own record, the following errors show up:

Warning: 403 in /Applications/MAMP/htdocs/mantisbt/core/user_api.php on line 735

Warning: 403 in /Applications/MAMP/htdocs/mantisbt/core/user_api.php on line 735

Warning: 403 in /Applications/MAMP/htdocs/mantisbt/core/user_api.php on line 735

Warning: 403 in /Applications/MAMP/htdocs/mantisbt/core/user_api.php on line 735
Logged in as: (@0@) 2009-07-05 21:35 PDT
Warning: 403 in /Applications/MAMP/htdocs/mantisbt/core/user_api.php on line 735
Project:

Warning: 403 in /Applications/MAMP/htdocs/mantisbt/core/user_api.php on line 735

Warning: user_get_field() for NO_USER in /Applications/MAMP/htdocs/mantisbt/core/user_api.php on line 725

Warning: user_get_field() for NO_USER in /Applications/MAMP/htdocs/mantisbt/core/user_api.php on line 725

Warning: user_get_field() for NO_USER in /Applications/MAMP/htdocs/mantisbt/core/user_api.php on line 725

TagsNo tags attached.

Relationships

has duplicate 0010713 closedvboctor Deleting current user doesn't redirect to login page 
has duplicate 0010719 closedvboctor Administrator delete myself and got APPLICATION ERROR #811 
has duplicate 0010736 closeddhx Administrator User 
has duplicate 0005109 closeddhx BugTracker can have (0) administrator ! 
has duplicate 0003819 closeddregad delete currently logged user 

Activities

dhx

dhx

2009-07-06 02:01

reporter   ~0022405

This needs to be consistent with the current check performed when changing the access level of a user account. Currently when doing that, a check is performed to make sure the last administrator is not demoted below admin_site_threshold.

From IRC today:
<vb1231> A user can delete another user as long as the following conditions are met:
<vb1231> 1. Not to delete the last admin account.
<vb1231> 2. Not to delete a user with a higher access level.
<vb1231> See if there is a place in the manual to document these rules. That would be great.

I'll add that administrators should be exempt from condition 2 as they have the ability to change global configuration anyway. To start placing limits on administrators is much like limiting what the root user can do - it doesn't make sense.

On my TODO list for 1.2.x :)

dhx

dhx

2009-08-07 03:12

reporter   ~0022690

Should be all good now. Let me know if you can still reproduce the problems you were having.

Related Changesets

MantisBT: master-1.2.x 17ae3fc0

2009-08-07 05:17:52

dhx

Details Diff
Fix 0010687: don't allow deletion of the last admin account

The last administrator account should be protected from deletion or
demotion. It is still possible to delete the last administrator account
from the database via way of a raw SQL query if an installation
absolutely must not contain any admin accounts.
Affected Issues
0010687
mod - manage_user_delete.php Diff File
mod - account_delete.php Diff File
mod - lang/strings_english.txt Diff File

MantisBT: master fe113064

2009-08-07 05:17:52

dhx

Details Diff
Fix 0010687: don't allow deletion of the last admin account

The last administrator account should be protected from deletion or
demotion. It is still possible to delete the last administrator account
from the database via way of a raw SQL query if an installation
absolutely must not contain any admin accounts.
Affected Issues
0010687
mod - manage_user_delete.php Diff File
mod - lang/strings_english.txt Diff File
mod - account_delete.php Diff File

MantisBT: master-1.2.x 1d837ae7

2009-08-07 06:24:59

dhx

Details Diff
Fix 0010687: call auth_logout before user_delete

auth_logout() does stuff that requires a valid user ID. When a user
attempts to delete their own account, we should first ensure that
they're logged out as per normal. Then we can delete their account as a
last step before redirecting them elsehwere.

The html headers/footers and redirect message have also been adjusted
for ease of use, and to ensure that the user doesn't miss the notice
about their account being deleted successfully.
Affected Issues
0010687
mod - account_delete.php Diff File

MantisBT: master dce1691b

2009-08-07 06:24:59

dhx

Details Diff
Fix 0010687: call auth_logout before user_delete

auth_logout() does stuff that requires a valid user ID. When a user
attempts to delete their own account, we should first ensure that
they're logged out as per normal. Then we can delete their account as a
last step before redirecting them elsehwere.

The html headers/footers and redirect message have also been adjusted
for ease of use, and to ensure that the user doesn't miss the notice
about their account being deleted successfully.
Affected Issues
0010687
mod - account_delete.php Diff File

MantisBT: master-1.2.x fd39c78b

2009-08-07 07:08:36

dhx

Details Diff
Fix 0010687: Force use of account_delete when deleting own account

The case of deleting ones own account is quite different to deleting the
account of another user. Therefore if an administrator wants to delete
their own account, account_delete.php should be used instead. It
correctly handles logging out and redirection of the administrator who
has just deleted their own account.

This fix will force account_delete.php to be used in a way that is
transparent to an administrator who is deleting their account.

For the purpose of this commit message, "administrator" is any user who
has an access level equal to or beyond manage_user_threshold.
Affected Issues
0010687
mod - account_delete.php Diff File
mod - manage_user_delete.php Diff File

MantisBT: master f27b0e9c

2009-08-07 07:08:36

dhx

Details Diff
Fix 0010687: Force use of account_delete when deleting own account

The case of deleting ones own account is quite different to deleting the
account of another user. Therefore if an administrator wants to delete
their own account, account_delete.php should be used instead. It
correctly handles logging out and redirection of the administrator who
has just deleted their own account.

This fix will force account_delete.php to be used in a way that is
transparent to an administrator who is deleting their account.

For the purpose of this commit message, "administrator" is any user who
has an access level equal to or beyond manage_user_threshold.
Affected Issues
0010687
mod - account_delete.php Diff File
mod - manage_user_delete.php Diff File

Issue History

Date Modified Username Field Change
2009-07-06 00:37 vboctor New Issue
2009-07-06 02:01 dhx Note Added: 0022405
2009-07-06 02:01 dhx Assigned To => dhx
2009-07-06 02:01 dhx Status new => confirmed
2009-07-06 02:01 dhx Target Version => 1.2.2
2009-07-12 17:13 vboctor Relationship added has duplicate 0010713
2009-07-14 03:28 vboctor Relationship added has duplicate 0010719
2009-07-18 09:57 dhx Relationship added has duplicate 0010736
2009-08-07 01:30 dhx Resolution open => fixed
2009-08-07 01:30 dhx Fixed in Version => 1.3.0-beta.1
2009-08-07 01:30 dhx Changeset attached master-1.2.x 17ae3fc0 =>
2009-08-07 01:30 dhx Changeset attached master fe113064 =>
2009-08-07 02:30 dhx Changeset attached master-1.2.x 1d837ae7 =>
2009-08-07 02:30 dhx Changeset attached master dce1691b =>
2009-08-07 03:12 dhx Note Added: 0022690
2009-08-07 03:12 dhx Status confirmed => resolved
2009-08-07 03:12 dhx Fixed in Version 1.3.0-beta.1 => 1.2.2
2009-08-07 03:20 dhx Changeset attached master-1.2.x fd39c78b =>
2009-08-07 03:20 dhx Changeset attached master f27b0e9c =>
2009-10-07 14:19 jreese Status resolved => closed
2010-01-16 23:51 dhx Relationship added has duplicate 0005109
2012-04-13 03:31 dregad Relationship added has duplicate 0003819