Joomla! Issue Tracker - CMS

Download
Launch
Feeling Lucky

[#37763] - [4.x] User Logout direct fails

No Code Attached Yet bug
avatar brianteeman
brianteeman
8 May 2022

Steps to reproduce the issue

  1. Create a menu item with GUEST permissions
  2. Create a menu item with REGISTERED permissions
  3. Create a menu item with Public permissions
  4. Publish the login module on all pages AND set redirect on login to the registered page and redirect on logout to the guest page
  5. Create a menu item Users->Login Form AND set redirect on login to the registered page and redirect on logout to the guest page
  6. Create a menu item Users->Logout AND set redirect on logout to the public page
  7. Create a menu item Users->Logout AND set redirect on logout to the guest page

Test 1

login and logout using the module

Test 2

login and logout using the menu login form

Test 3

Login (any method) and Logout using the Logout menu item that redirects to a public page

Test 4

Login (any method) and Logout using the Logout menu item that redirects to a guest page

Expected Results

login and logout and redirects all work as expected

Actual Result

Test 1,2 & 3 work as expected
Test 4 produces a 403 You don't have permission to access this

Votes

# of Users Experiencing Issue
1/1
Average Importance Score
3.00
avatar brianteeman brianteeman - open - 8 May 2022
avatar joomla-cms-bot joomla-cms-bot - change - 8 May 2022
Labels Added: No Code Attached Yet
avatar joomla-cms-bot joomla-cms-bot - labeled - 8 May 2022
avatar brianteeman brianteeman - change - 8 May 2022
The description was changed
avatar brianteeman brianteeman - edited - 8 May 2022
avatar sozzled
sozzled - comment - 8 May 2022

Thanks, @brianteeman. I reported this at #37042 but it failed to gain any traction or attention. I consider this a bug with J! 4 that probably goes back to before the release of J! 4.0 but was overlooked or not considered important. Whether or not the matter is fixed I would like an acknowledgement from the development team(s) as to why this happens:

The logout menu item does not close the session (and reset the viewing permissions) before the session is redirected to a menu item that the session is not permitted to access. That, in a nutshell, is the problem.

Further, the viewer remains logged-in as a result of the error.

avatar brianteeman
brianteeman - comment - 8 May 2022

I reported this at #37042 but it failed to gain any traction or attention.

Probably because you didnt have good test instructions and asked people to wade through the forum.

I consider this a bug with J! 4 that probably goes back to before the release of J! 4.0 but was overlooked or not considered important

Doesnt really matter what you consider or when the bug first occurred. The only thing that matters is when someone discovers and reports it.,

I would like an acknowledgement from the development team(s) as to why this happens:

I would like a ferrari

avatar fancyFranci fancyFranci - change - 17 Feb 2023
Labels Added: bug
avatar fancyFranci fancyFranci - labeled - 17 Feb 2023
avatar brianteeman
brianteeman - comment - 19 Dec 2023

Closing as no longer reproducable

avatar Quy Quy - change - 19 Dec 2023
Status New Closed
Closed_Date 0000-00-00 00:00:00 2023-12-19 12:06:50
Closed_By Quy
avatar Quy Quy - close - 19 Dec 2023

Add a Comment

Login with GitHub to post a comment