bug PR-5.2-dev Pending

User tests: Successful: Unsuccessful:

avatar Hackwar
Hackwar
24 Nov 2024

Pull Request for Issue #29576.

Summary of Changes

When a user is required to reset their password, they can't use the direct-logout-menu-item.

Testing Instructions

  1. Create a menu item of type Users -> Logout
  2. Create or edit a user and set the require password reset flag
  3. Login in the frontend with this user
  4. Click on the logout menu link

Actual result BEFORE applying this Pull Request

Logout is denied.

Expected result AFTER applying this Pull Request

Logout is allowed

Link to documentations

Please select:

  • Documentation link for docs.joomla.org:

  • No documentation changes for docs.joomla.org needed

  • Pull Request link for manual.joomla.org:

  • No documentation changes for manual.joomla.org needed

avatar Hackwar Hackwar - open - 24 Nov 2024
avatar Hackwar Hackwar - change - 24 Nov 2024
Status New Pending
avatar joomla-cms-bot joomla-cms-bot - change - 24 Nov 2024
Category Libraries
avatar fgsw
fgsw - comment - 25 Nov 2024

Test by using User Group Administrator:

Menu "Blog" > Logout (Menu Item Type Logout)

Logout is allowed, but also a Login with unchanged Password.

Menu "Special" > Log out (Menu Item Type Login Form)

Logout is denied.

avatar brianteeman
brianteeman - comment - 25 Nov 2024

I do not agree with this change. All you should be able to do when password reset is required is to change the password. No other action should be allowed.

avatar Hackwar Hackwar - close - 25 Nov 2024
avatar Hackwar
Hackwar - comment - 25 Nov 2024

Closing this PR in favour of #44521

avatar Hackwar Hackwar - change - 25 Nov 2024
Status Pending Closed
Closed_Date 0000-00-00 00:00:00 2024-11-25 09:42:49
Closed_By Hackwar
Labels Added: bug PR-5.2-dev

Add a Comment

Login with GitHub to post a comment