[#32173] - [4.0.0-beta6] Logout missing in backend
- Closed
- 27 Jan 2021
- Medium
- Build: staging
- # 32173
Steps to reproduce the issue
I have created a separate user group below "registered" and allowed it to log in to the backend.
The user can also log in to the backend. But for the logout the logout button or the menu item is missing.
Expected result
Show the lougout button or the user menu item with logout
Actual result
only show the menu item to the frontend
Additional comments
If I move the user group under author, then the logout / user menu is displayed.
joomla-cms-bot
- | Labels |
Added:
?
|
||
| Title |
|
||||||
| Labels |
Added:
?
|
||
I'm sure we had this issue before. Its one of those limitations of our acl system and is expected behaviour of the system. However you're right that a user should always have a way to log out. As its a module in J4 I would just make it public view access level
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/32173.
The module "mod_user" with the title "User Status" must be set to public, then the logout is displayed. This should be set as the default setting.
Then here is another problem with the link "Edit Profile". The user can call the link, but there are no buttons for cancel or save. I believe this has already been reported.
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/32173.
When reported this years ago, I was told simply to set user rights correctly when I grant access to users.
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/32173.
I guess it could be set to public by default AND remove the ability for it to be included in the login.php template
I'm pretty sure with have 100 others situations where the user can shot in his own foot. Setting this to public would mean it could be seen on the login.php as mentioned by brian. Maybe there are much more pitfalls.
Don't see it as release blocker and would only fix it if it's easy to fix without hardcoding it. Looking at the auth plugins or other system plugins the situations is much worse then "I can't logout when I create a new group". There may be more defaults that have to be reconsidered if you want to give backend access to a frontend group.
... and you can always create a custom admin menu to logout
It feels as a bug if it happnes to a user and will be reported again and again. But I don't see it as release blocker. The worst what can happen is waiting until the session has expired.
I don't see this as a release blocker either. if you know how to handle it, then it's ok. But it's not really intuitive at the moment.
| Labels |
Removed:
?
|
||
I wasn’t sure if it was a regression on j3 behaviour. Happy to remove release blocker tho if we all agree
The same issue in joomla3,
When you create a custom group, the group should be in Special "view access lvl" to be able to see most of backend modules
It more about configuration. but agree that logout should be always visible
| Status | New | ⇒ | Closed |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2021-01-27 23:03:20 |
| Closed_By | ⇒ | wilsonge |
This is related to the module being assigned to the "special" view access level. The group is not in that access level. I'm unsure whether to mark this as expected behaviour or if it's a release blocker xD .
I think we probably need to display some sort of logout button in all cases because the user is actually trapped in the backend in the current scenario.
@HLeithner @bembelimen interested to hear your opinions here.