Feeling Lucky
bug
PR-5.2-dev
[#44520] - [5.2] User: Logout also when required to pw reset
- Closed
- 25 Nov 2024
- Medium
- Build: 5.2-dev
- # 44520
- Diff
- Hackwar:5.2-user-logout
User tests: Successful: Unsuccessful:
Pull Request for Issue #29576.
Summary of Changes
When a user is required to reset their password, they can't use the direct-logout-menu-item.
Testing Instructions
- Create a menu item of type Users -> Logout
- Create or edit a user and set the require password reset flag
- Login in the frontend with this user
- Click on the logout menu link
Actual result BEFORE applying this Pull Request
Logout is denied.
Expected result AFTER applying this Pull Request
Logout is allowed
Link to documentations
Please select:
-
Documentation link for docs.joomla.org:
-
No documentation changes for docs.joomla.org needed
-
Pull Request link for manual.joomla.org:
-
No documentation changes for manual.joomla.org needed
| Status | New | ⇒ | Pending |
joomla-cms-bot
- | Category | ⇒ | Libraries |
brianteeman
- comment
- 25 Nov 2024
I do not agree with this change. All you should be able to do when password reset is required is to change the password. No other action should be allowed.
| Status | Pending | ⇒ | Closed |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2024-11-25 09:42:49 |
| Closed_By | ⇒ | Hackwar | |
| Labels |
Added:
bug
PR-5.2-dev
|
||
Test by using User Group
Administrator:Menu "Blog" > Logout (Menu Item Type
Logout)Logout is allowed, but also a Login with unchanged Password.
Menu "Special" > Log out (Menu Item Type
Login Form)Logout is denied.