Joomla! Issue Tracker | Joomla! CMS #44522 - [5.2] Privacy: Allow MFA and invalid privacy consents

RTC bug PR-5.2-dev

Fixed in Code Base
19 Dec 2024
Medium
Build: 5.2-dev
# 44522
Diff
Hackwar:5.2-privacy-requirereset

Pending

User tests: Successful: Unsuccessful:

Hackwar
24 Nov 2024

Pull Request for Issue #42783, #38791.

Summary of Changes

When a user has no valid privacy consent and has MFA enabled, they are stuck in an endless redirect loop.

Testing Instructions

Setup a user with MFA
Enable the privacyconsent system plugin
Login with that user in the frontend

Actual result BEFORE applying this Pull Request

Endless redirect loop between captive view and profile edit view.

Expected result AFTER applying this Pull Request

MFA captive view is displayed and you can type in a MFA code.

Link to documentations

Please select:

Documentation link for docs.joomla.org:
No documentation changes for docs.joomla.org needed
Pull Request link for manual.joomla.org:
No documentation changes for manual.joomla.org needed

Votes

# of Users Experiencing Issue

1/1

Average Importance Score

3.00

e02d12b 24 Nov 2024

Privacy: Allow MFA and invalid privacy consents

Hackwar - open - 24 Nov 2024

Hackwar - change - 24 Nov 2024

Status

New

⇒

Pending

joomla-cms-bot - change - 24 Nov 2024

Category

⇒

Front End Plugins

Hackwar - change - 24 Nov 2024

The description was changed

Hackwar - edited - 24 Nov 2024

pe7er - test_item - 18 Dec 2024 - Tested successfully

pe7er - comment - 18 Dec 2024

I have tested this item ✅ successfully on e02d12b

I was able to reproduce the issue: I ended up in an endless loop and could not login. In Firefox I got this message:

After the patch I was able to login.
And the Privacy Policy consent option is displayed in the User Profile

_{This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/44522.}

alikon - comment - 19 Dec 2024

without pr

with pr
I was able to login.

alikon - test_item - 19 Dec 2024 - Tested successfully

alikon - comment - 19 Dec 2024

I have tested this item ✅ successfully on e02d12b

_{This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/44522.}

alikon - change - 19 Dec 2024

Status	Pending	⇒	Ready to Commit
Labels	Added: bug PR-5.2-dev

alikon - comment - 19 Dec 2024

RTC

_{This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/44522.}

735fc20 19 Dec 2024

Merge branch '5.2-dev' into 5.2-privacy-requirereset

bembelimen - change - 19 Dec 2024

Labels

Added: RTC

bembelimen - change - 19 Dec 2024

Status	Ready to Commit	⇒	Fixed in Code Base
Closed_Date	0000-00-00 00:00:00	⇒	2024-12-19 10:11:47
Closed_By		⇒	bembelimen

bembelimen - close - 19 Dec 2024

bembelimen - merge - 19 Dec 2024

Add a Comment

Older
Newer

Joomla! Issue Tracker - CMS

[#44522] - [5.2] Privacy: Allow MFA and invalid privacy consents

Summary of Changes

Testing Instructions

Actual result BEFORE applying this Pull Request

Expected result AFTER applying this Pull Request

Link to documentations

Votes

Add a Comment