Joomla! Issue Tracker - CMS

Download
Launch
Feeling Lucky

[#42254] - [5.3] Access level registered for mod_user

Updates Requested bug PR-4.4-dev PR-5.2-dev Pending

User tests: Successful: Unsuccessful:

avatar chmst
chmst
31 Oct 2023

Pull Request for Issue #28804 .

Summary of Changes

Remove rendering status modules from login, Set accesslevel "registered" for mod menu

Testing Instructions

Grant access to the backend for a usergroup which has not viewlevel "special", for example to usergroup registered.
The user then can login to the backend.

Actual result BEFORE applying this Pull Request

He cannot log out

Expected result AFTER applying this Pull Request

Set access-level for mod_user to "registered" or make a fresh installation for a new test.
mod_user is active, the user can log out.

Link to documentations

Please select:

  • Documentation link for docs.joomla.org:

  • No documentation changes for docs.joomla.org needed

  • Pull Request link for manual.joomla.org:

  • No documentation changes for manual.joomla.org needed

avatar chmst chmst - open - 31 Oct 2023
avatar chmst chmst - change - 31 Oct 2023
Status New Pending
avatar joomla-cms-bot joomla-cms-bot - change - 31 Oct 2023
Category SQL Administration com_admin Postgresql Templates (admin) Installation
avatar chmst chmst - change - 31 Oct 2023
The description was changed
avatar chmst chmst - edited - 31 Oct 2023
avatar chmst chmst - change - 31 Oct 2023
Labels Added: PR-4.4-dev
avatar chmst chmst - change - 31 Oct 2023
The description was changed
avatar chmst chmst - edited - 31 Oct 2023
avatar chmst chmst - change - 31 Oct 2023
The description was changed
avatar chmst chmst - edited - 31 Oct 2023
avatar brianteeman
brianteeman - comment - 31 Oct 2023

Is it intended top remove the link to the frontend of the site from the login page?

avatar chmst chmst - change - 2 Nov 2023
Title
Access level registered for com_user
Access level registered for mod_user
avatar chmst chmst - edited - 2 Nov 2023
avatar HLeithner
HLeithner - comment - 23 Nov 2023

I think we can't hard code access level ids in sql statements (there is no guarantee that 2 === registered)

avatar carlitorweb
carlitorweb - comment - 20 Apr 2024

Should not be enough for this module to appear that the user have access to the administrator? How I see it, this module do not need to proccess any access level to see if he can or not show up in that position. If you log in, you need a way to log out and you don't need an access level to define it.

avatar HLeithner HLeithner - change - 24 Apr 2024
Title
Access level registered for mod_user
[4.4] Access level registered for mod_user
avatar HLeithner HLeithner - edited - 24 Apr 2024
avatar HLeithner
HLeithner - comment - 15 Nov 2024

This pull request has been automatically rebased to 5.2-dev.

avatar HLeithner HLeithner - change - 15 Nov 2024
Title
[4.4] Access level registered for mod_user
[5.2] Access level registered for mod_user
avatar HLeithner HLeithner - edited - 15 Nov 2024
avatar Hackwar
Hackwar - comment - 16 Jan 2025

Any news on this one?

avatar Hackwar Hackwar - change - 16 Jan 2025
Labels Added: Updates Requested bug PR-5.2-dev
avatar HLeithner
HLeithner - comment - 15 Apr 2025

This pull request has been automatically rebased to 5.3-dev.

avatar HLeithner HLeithner - change - 15 Apr 2025
Title
[5.2] Access level registered for mod_user
[5.3] Access level registered for mod_user
avatar HLeithner HLeithner - edited - 15 Apr 2025
avatar brianteeman
brianteeman - comment - 28 Aug 2025

The only way I can think of to ensure that the logout is present is to render the module directly in the admin template with a check that the user has core.admin permissions and not to use the viewlevel permissions.

Add a Comment

Login with GitHub to post a comment